
Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.


Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.


CISA Information Systems Operations and Business Resilience • Complete Question Bank

CISA Information Systems Operations and Business Resilience — All Questions With Answers

Complete CISA Information Systems Operations and Business Resilience question bank — all 0 questions with answers and detailed explanations.

72 questions, free, no signup
Question 1 (medium, multiple choice)

An organization experiences a critical system failure during non-business hours. The IT team discovers that the last full backup was 48 hours ago, and the incremental backups for the past 24 hours are corrupted. The recovery time objective (RTO) for this system is 4 hours, and the recovery point objective (RPO) is 1 hour. Which of the following is the MOST immediate concern?

Question 2 (hard, multiple choice)

An IT auditor is reviewing the business continuity plan (BCP) for a financial services firm. The plan includes a hot site that is shared with another organization under a reciprocal agreement. Which of the following findings should be of MOST concern to the auditor?

Question 3 (easy, multiple choice)

A company is designing its backup strategy for a critical database that must be available 24/7. The database experiences high transaction volumes. Which backup method minimizes data loss while allowing continuous operations?

Question 4 (hard, multiple choice)

During an incident response exercise, the IT team discovers that the failover to the disaster recovery (DR) site failed because the DR site's storage area network (SAN) was not zoned correctly for the replicated data. Which of the following controls would BEST prevent this issue?

Question 5 (medium, multiple choice)

A company's backup policy requires that backup tapes be stored offsite for at least one year. During an audit, the auditor finds that the offsite storage facility is not access-controlled and backup tapes are not encrypted. Which of the following is the auditor's BEST recommendation?

Question 6 (easy, multiple choice)

An organization is implementing a business continuity plan (BCP). Which of the following is the PRIMARY purpose of conducting a business impact analysis (BIA)?

Question 7 (medium, multi-select)

Which TWO of the following are essential components of an effective incident response plan? (Select exactly 2.)

Question 8 (hard, multi-select)

Which THREE of the following are key metrics to include in a disaster recovery test report? (Select exactly 3.)

Question 9 (medium, multiple choice)

An administrator sees the above error after a failed backup job. What is the MOST likely cause?

Exhibit

Refer to the exhibit.

```
Server: DB01
Backup Job: Full_Backup_DB01
Status: Failed
Error: 0x80070003 - The system cannot find the path specified.
Backup Destination: \\BACKUPSRV\DBBackups\DB01\

Last Successful Backup: 2023-03-15 03:00 AM
Scheduled Backup Time: Daily 02:00 AM
```
Question 10 (hard, multiple choice)

An organization has configured HSRP as shown. During a failover test, the primary router (G0/1) is shut down, but the DR site router does not become active. What is the MOST likely reason?

Exhibit

Refer to the exhibit.

```
interface GigabitEthernet0/1
 description Link to Primary Site
 ip address 10.1.1.1 255.255.255.252
 standby 1 ip 10.1.1.2
 standby 1 priority 110
 standby 1 preempt
!
interface GigabitEthernet0/2
 description Link to DR Site
 ip address 10.2.2.1 255.255.255.252
 standby 2 ip 10.2.2.2
 standby 2 priority 100
!
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
!
ip route 0.0.0.0 0.0.0.0 10.1.1.2
```
Question 11 (hard, multiple choice)

A multinational corporation operates an e-commerce platform hosted in a private cloud environment. The platform consists of web servers, application servers, and a database cluster. The database cluster uses synchronous replication across two data centers (Primary and DR) located 500 km apart. The recovery time objective (RTO) for the platform is 2 hours, and the recovery point objective (RPO) is 15 minutes. During a recent disaster simulation, the primary data center lost power completely. The IT team initiated failover to the DR site. However, the failover process took 3 hours due to a misconfiguration in the DNS failover scripts, and the database was found to be inconsistent because the replication link was broken 30 minutes before the power loss. The team had to restore from a backup that was 4 hours old. After the incident, management requests a review of the disaster recovery plan. Which of the following is the BEST course of action to address the issues identified?

Question 12 (medium, multiple choice)

An organization is implementing a backup strategy for its critical database. The database is updated continuously during business hours, and the recovery point objective (RPO) is 15 minutes. Which backup method should be used to meet the RPO while minimizing backup storage and performance impact?

Question 13 (hard, multi-select)

Based on the backup logs, the backup administrator notices that the incremental backup job failed due to insufficient storage. Which TWO actions should the administrator take to resolve the immediate issue and prevent recurrence?

Exhibit

Refer to the exhibit.

```
Backup Log for ArcServe UDP – 2024-05-21
========================================
Job Name: Full_Backup_Weekly
Start Time: 02:00
End Time: 04:30
Status: Completed with warnings
Details:
- Volume C: Backup successful (40.5 GB)
- Volume D: Backup successful (120.2 GB)
- Volume E: Backup failed (error code 0x80070020 – file in use)
- Volume F: Backup successful (25.0 GB)

Job Name: Incremental_Backup_Daily
Start Time: 12:00
End Time: 12:45
Status: Failed
Details:
- Volume C: Backup failed (error code 0x807800C5 – insufficient storage)
- Volume D: Backup failed (error code 0x807800C5 – insufficient storage)
- Volume E: Backup failed (error code 0x807800C5 – insufficient storage)
- Volume F: Backup failed (error code 0x807800C5 – insufficient storage)
```
Question 14 (hard, multiple choice)

An online retail company runs its e-commerce platform on a virtualized infrastructure with 50 virtual servers. The platform experiences intermittent slowdowns during peak hours, and recent monitoring reports show that disk I/O latency on the storage area network (SAN) frequently exceeds 50 ms during these periods. The SAN has two fabric switches and a single storage array with 12 TB of usable capacity, currently at 80% utilization. The company’s disaster recovery plan requires recovery point objective (RPO) of 1 hour and recovery time objective (RTO) of 4 hours for the e-commerce platform. During a recent test failover to the disaster recovery site, the IT team discovered that the replication link between primary and DR sites is saturated, causing replication lag of up to 3 hours. The team also noted that the DR site storage has only 6 TB of usable capacity, now at 60% utilization. The IT manager is concerned about meeting the RPO and RTO. Which course of action should the IT team take first?

Question 15 (medium, drag order)

Arrange the steps to implement a patch management process in the correct order.

Question 16 (medium, drag order)

Order the steps for conducting a business impact analysis (BIA) in the correct sequence.

Question 17 (medium, matching)

Match each disaster recovery site type to its description.


Fully equipped and ready within hours

Partially configured, ready in days

Basic infrastructure, no equipment

Portable unit deployed as needed

Question 18 (medium, matching)

Match each testing technique to its description.


Simulated attack to find weaknesses

Automated check for known flaws

Manual inspection of source code

Manipulating people to divulge info

Question 19 (medium, multiple choice)

An organization's online transaction processing system experienced a sudden performance degradation. The database administrator checked system resources and found excessive I/O wait time on the storage subsystem. Which of the following is the MOST likely root cause?

Question 20 (hard, multiple choice)

A multinational corporation has implemented a hot site disaster recovery solution for its critical financial applications. Which of the following is the MOST important consideration to ensure the effectiveness of the hot site?

Question 21 (easy, multiple choice)

During an IT audit, the auditor finds that a system administrator has local administrator rights on multiple production servers and uses a shared service account for routine maintenance. What is the PRIMARY risk associated with this practice?

Question 22 (medium, multiple choice)

A company's IT service desk receives multiple reports of users being unable to access a cloud-based CRM system. The network team confirms that internet connectivity is working. Which of the following should be the FIRST step in troubleshooting the issue?

Question 23 (hard, multiple choice)

An organization is evaluating its business continuity plan (BCP) for a critical application with a recovery time objective (RTO) of 4 hours and a recovery point objective (RPO) of 1 hour. The current backup strategy involves daily full backups and hourly transaction log backups. Which of the following is the MOST significant risk?

Question 24 (easy, multiple choice)

Which of the following is the BEST indicator that an organization's incident management process is effective?

Question 25 (medium, multiple choice)

An IT auditor is reviewing the change management process for a financial application. The auditor finds that emergency changes are frequently implemented without post-implementation review. What is the MOST significant risk?

Question 26 (hard, multiple choice)

A large enterprise is implementing a backup strategy for a critical database that requires an RTO of 2 hours and an RPO of 15 minutes. The database is 2 TB in size. Which backup method would BEST meet these requirements while minimizing storage costs?

Question 27 (easy, multiple choice)

Which of the following is the PRIMARY purpose of a business impact analysis (BIA) in business continuity planning?

Question 28 (medium, multi-select)

Which TWO of the following are key elements of an effective incident response plan? (Select exactly 2.)

Question 29 (medium, multi-select)

Which TWO of the following are primary objectives of capacity management? (Select exactly 2.)

Question 30 (hard, multi-select)

Which THREE of the following are common challenges when implementing a bring-your-own-device (BYOD) policy that affect information systems operations? (Select exactly 3.)

Question 31 (hard, multiple choice)

Refer to the exhibit. An IT operator receives this error message from an automated backup job. What is the MOST likely cause of this failure?

Exhibit

Refer to the exhibit.

```
ERROR: 2019-10-22 14:23:45.678
Severity: CRITICAL
Source: BackupServer1
Message: Backup job 'FinanceDB_Full' failed.
Reason: Unable to mount virtual disk 'FinData-001' from storage array 'SAN01'.
Suggested action: Check storage array connectivity and LUN masking.
```
Question 32 (easy, multiple choice)

Refer to the exhibit. An auditor reviews the log shipping configuration for a critical database. Based on the information provided, what is the MOST significant finding?

Exhibit

Refer to the exhibit.

```
Configuration: Log Shipping
Primary Server: SQLPROD
Secondary Server: SQLDR
Status: Normal
Last backup created: 2020-03-15 06:00:00
Last restore completed: 2020-03-15 06:05:00
Log shipping interval: 15 minutes
Current latency: 18 minutes
Alert threshold: 30 minutes
```
Question 33 (medium, multiple choice)

Refer to the exhibit. An auditor reviews the security log of a sensitive server. Which of the following is the MOST suspicious event?

Exhibit

Refer to the exhibit.

```
Event Viewer: Security Log
Event ID: 4624 (Successful Logon)
Account Name: jdoe
Logon Type: 3 (Network)
Source Network Address: 10.0.0.15
Workstation Name: WS-FINANCE
Logon Process: NtLmSsp
Authentication Package: NTLM

Event ID: 4624 (Successful Logon)
Account Name: jdoe
Logon Type: 10 (Remote Interactive)
Source Network Address: 192.168.10.50
Logon Process: User32
Authentication Package: Negotiate

Event ID: 4634 (Logoff)
Account Name: jdoe
Logon Time: 2020-06-01 23:45:12
```
Question 34 (easy, multiple choice)

An organization's backup strategy involves weekly full backups and daily incremental backups. After a system failure, the restoration takes longer than expected. What is the most likely cause?

Question 35 (medium, multiple choice)

An IT manager notices that the CPU utilization of a critical server consistently exceeds 90% during peak hours. Which is the BEST course of action?

Question 36 (hard, multiple choice)

During an audit, the IS auditor finds that the business continuity plan (BCP) was last updated two years ago and does not include new cloud-based applications. The organization has not conducted a BCP test in 18 months. What should the auditor recommend FIRST?

Question 37 (easy, multiple choice)

A company's backup policy requires that backup media be stored offsite. Which of the following is the PRIMARY reason for this requirement?

Question 38 (medium, multiple choice)

An organization uses a hot site for disaster recovery. During a recent test, the hot site did not have the latest version of the application software. What is the MOST likely cause?

Question 39 (hard, multiple choice)

An IS auditor is reviewing the incident management process. The organization has a policy that all security incidents must be reported within one hour. However, the average reporting time is four hours. Which is the BEST corrective action?

Question 40 (easy, multiple choice)

Which of the following is the PRIMARY objective of an operational audit?

Question 41 (medium, multiple choice)

A database administrator accidentally deleted a critical table. The last full backup was taken 24 hours ago, and transaction logs are archived every 15 minutes. Which recovery method will minimize data loss?

Question 42 (hard, multiple choice)

An organization's business continuity plan includes a reciprocal agreement with another company. What is the PRIMARY risk of this arrangement?

Question 43 (easy, multiple choice)

Which is the MOST likely cause?

Exhibit

Refer to the exhibit.

```
2024-03-12 04:30:00 ERROR Backup job for server SQL01 failed. Error code: 0x80070001. Reason: The device is not ready.
```
Question 44 (medium, multiple choice)

Given this configuration, which is the PRIMARY concern?

Exhibit

Refer to the exhibit.

```
recovery_time_objective = 2 hours;
recovery_point_objective = 15 minutes;
replication_type = synchronous;
bandwidth = 100 Mbps;
data change rate = 50 GB per hour;
```
Question 45 (hard, multiple choice)

Which control failure is MOST significant?

Exhibit

Refer to the exhibit.
At 14:23 UTC, an unauthorized user accessed the HR database. The intrusion detection system alerted at 14:25. The incident response team was notified at 16:00. The database logs show query activity from 14:20 to 14:45. The DBA terminated the session at 15:10.
Question 46 (easy, multi-select)

Which TWO of the following are essential components of a disaster recovery plan (DRP)?

Question 47 (medium, multi-select)

Which TWO of the following are key performance indicators (KPIs) for IT operations?

Question 48 (hard, multi-select)

Which THREE of the following are common techniques for ensuring business resilience?

Question 49 (easy, multiple choice)

A company is experiencing frequent server crashes due to memory leaks. The operations team has implemented a monitoring solution. Which of the following is the BEST indicator to trigger an automated failover to a standby server?

Question 50 (easy, multiple choice)

During a disaster recovery test, the recovery time objective (RTO) for a critical application was not met. Which of the following is the MOST likely cause?

Question 51 (medium, multiple choice)

An organization implemented a business continuity plan (BCP) that includes manual workarounds. Which of the following is the PRIMARY risk of relying on manual processes during a disruption?

Question 52 (medium, multiple choice)

A company's backup policy requires daily full backups to tape and offsite storage. After a ransomware attack, the IT team discovers that the latest backup set is corrupted. Which of the following controls would have BEST prevented this?

Question 53 (medium, multiple choice)

An IS auditor is reviewing the change management process for a financial application. Which of the following findings would be of MOST concern?

Question 54 (hard, multiple choice)

A multinational corporation is designing its disaster recovery strategy to meet a recovery point objective (RPO) of 15 minutes for its critical database. Which replication method is MOST appropriate?

Question 55 (hard, multiple choice)

During an incident, the IT team identifies that a critical patch was not applied due to an expired software maintenance contract. Which of the following is the BEST long-term remediation?

Question 56 (easy, multiple choice)

An organization wants to ensure that its backup tapes are protected from unauthorized access. Which of the following is the MOST effective control?

Question 57 (hard, multiple choice)

An organization is implementing a business continuity plan (BCP) and needs to determine the maximum acceptable downtime for a critical system. Which metric should be defined FIRST?

Question 58 (medium, multi-select)

An IS auditor is evaluating the effectiveness of a backup strategy for a critical database. Which TWO of the following are essential controls to ensure data recoverability?

Question 59 (hard, multi-select)

A company is updating its business continuity plan (BCP). Which THREE of the following should be included as key components?

Question 60 (easy, multi-select)

During a disaster recovery test, the team discovers that the backup server is unable to restore data because of incompatible software versions. Which TWO controls should have been implemented to prevent this?

Question 61 (medium, multiple choice)

Refer to the exhibit. An IS auditor reviewing backup logs notices this error. Which of the following is the MOST likely root cause?

Exhibit

```
Backup Job Report - 2025-03-15
Job Name: DailyFullBackup_DB01
Status: FAILED
Error Code: E-103
Error Description: Unable to mount backup target /mnt/backup
Recommended Action: Check network connectivity to storage array.
```
Question 62 (hard, multiple choice)

Refer to the exhibit. During a security audit, an IS analyst identifies that a critical business application hosted on 192.168.1.100:443 is unreachable from the 10.0.1.0/24 subnet. Which of the following is the MOST likely cause?

Exhibit

```
access-list extended BLOCK-MALICIOUS
deny ip 10.0.1.0 0.0.0.255 any
deny tcp any host 192.168.1.100 eq 443
permit ip 10.0.0.0 0.0.255.255 any
```
Question 63 (hard, multiple choice)

A multinational organization operates a critical ERP system on a virtualized infrastructure across two data centers (primary and DR). The primary data center is located in Region A, and the DR site in Region B, 500 km away. The ERP database is 2 TB and changes at an average rate of 10 MB per second. The organization uses synchronous replication between the two sites over a dedicated 10 Gbps WAN link. During a recent disaster simulation, the IT team observed that the replication link experienced 15 ms latency, causing the primary database to slow down significantly under peak load, ultimately missing the defined RTO of 4 hours for full failover. The business has an RPO of 15 minutes. The CISO asks the IS auditor to recommend a solution that balances cost and performance while meeting both RTO and RPO. Which of the following is the BEST course of action?

Question 64 (medium, multiple choice)

A multinational corporation is implementing a disaster recovery plan for its critical financial systems. The plan includes off-site backups and redundant hardware. During a recent test, the recovery time objective (RTO) was met, but the recovery point objective (RPO) was exceeded by 30 minutes due to delayed data replication. Which of the following is the BEST action to address this issue?

Question 65 (hard, multi-select)

An organization is evaluating its business continuity plan (BCP) to ensure alignment with the IT disaster recovery plan. Which TWO of the following are critical elements that should be included in the BCP to support effective business resilience?

Question 66 (easy, multiple choice)

A medium-sized retail company relies on an ERP system for order processing and inventory management. The system is hosted on-premises with daily backups stored on tape. The company's business continuity plan specifies an RTO of 4 hours and an RPO of 1 hour for the ERP system. During a recent fire drill, it was discovered that restoring the ERP system from tape took over 6 hours, and the most recent backup was from the previous day. Which of the following is the BEST course of action to meet the RTO and RPO goals?

Question 67 (medium, multiple choice)

A financial institution operates a critical payment processing system that must maintain 99.999% availability. The system is deployed across two data centers in active-active mode with load balancing. During a routine maintenance window, a network misconfiguration caused all traffic to be directed to one data center, which then became overloaded and crashed, resulting in 30 minutes of downtime. The incident response team wants to prevent recurrence. Which of the following is the BEST action?

Question 68 (hard, multiple choice)

A healthcare organization is required to comply with HIPAA regulations for data backup and disaster recovery. They operate a primary data center and a colocation facility for disaster recovery. The current backup strategy involves nightly full backups to tape, which are stored off-site monthly. The recovery time for the electronic health record (EHR) system is estimated at 8 hours, but the RTO required by the business is 2 hours. Additionally, the RPO requirement is 15 minutes. The IT manager proposes implementing a continuous data protection (CDP) solution. However, the CFO is concerned about the cost. Which of the following is the BEST argument to justify the CDP investment?

Question 69 (easy, multiple choice)

A small e-commerce company uses a cloud-based e-commerce platform with automatic scaling. The company's business continuity plan relies on the cloud provider's promise of 99.99% uptime. During a regional outage affecting the cloud provider's primary availability zone, the company's website became unavailable for 2 hours, resulting in lost sales. The IT manager wants to improve resilience. Which of the following is the BEST action?

Question 70 (medium, multi-select)

Which TWO of the following are primary objectives of a business continuity plan (BCP)?

Question 71 (hard, multiple choice)

Refer to the exhibit. Which of the following is the most significant risk associated with the backup policy for critical data?

Exhibit

```
Backup Policy "CriticalData" {
  Schedule: Daily at 02:00
  Retention: 30 days
  Encryption: AES-256
  Offsite: Enabled
}
```

Compliance requirement: Retain financial data for 7 years.
Question 72 (easy, multiple choice)

A medium-sized financial services firm recently suffered a ransomware attack that encrypted critical servers and backups. The recovery process took three weeks because the backup tapes were stored in the same building (which was also infected) and the backup software had a vulnerability that allowed the ransomware to delete old backups. The firm's BCP did not account for simultaneous loss of primary and secondary data. As the IS auditor, you are asked to recommend the most effective improvement to the backup strategy to prevent recurrence and improve resilience. Which of the following actions should the firm implement?
