Help with question - DR

sumeetgandhisumeetgandhi CISA, CISM, PMP, AWS SA, AWS SysOps, CISM, ITIL, PRINCE2, MCTS - SharePoint / Office365SingaporeMember Posts: 60 ■■■□□□□□□□
During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site's server is slow. To find the root cause of this, the IS auditor should FIRST review the:

A. event error log generated at the disaster recovery site.
B. disaster recovery test plan.
C. disaster recovery plan (DRP).
D. configurations and alignment of the primary and disaster recovery sites.

According to me the answer should be A as first I would want to see what all errors are being generated (network / account / connectivity / disk space etc). This would give me some direction of where should I look into. But the correct answer is D. How just by looking at the configuration / alignment can I find the root cause.

Could someone please explain. 
---
With Regards
Sumeet Gandhi
CISA, CISM, PMP, PMI-ACP, AWS Certified Solutions Architect, Office 365, SharePoint Online, SharePoint (2016 / 2013 / 2010 / 2007), MCTS, CSM, ITIL, PRINCE2
Tagged:

Comments

  • kaijukaiju Member Posts: 453 ■■■■■■■□□□
    edited December 2018
    A multitude of issues could appear during a recovery event if the configurations for the disaster recovery site are not the same as the primary site. Event logs will flag the error but verifying the configs can pinpoint exactly what was wrong IF there was a misconfiguration which in turn would illuminate the root cause. 
    Work smarter NOT harder! Semper Gumby!
  • COBOL_DOS_ERACOBOL_DOS_ERA Member Northern VA, NYCMember Posts: 205 ■■■■■□□□□□
    D is the most encompassing, as Kaju pointed out in his response. One of the trick of taking ISACA CRISC and CISM exam is to understand that is there any that would cover broader scope of the problem, and most of the time that's the answer. For example,  most often business need or business case is going to be the right answer. Remember in configuration you are actually reviewing your plan, any associated anomalies. So, A, B, and C are actually part of D, thus D is the correct answer.
    CISM, CRISC, CGEIT, PMP, PMI-ACP, SEC+, ITIL V3, A-CSM. And Many More.
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,017 ■■■■□□□□□□
    In many cases companies decide not to spend money on DR equipment so you will end up with old equipment at the DR site, this will work when you are testing your DR setup because you don't have the full load, but in case of a real disaster your DR systems can not handle the full load.

    If the setup in the DR is identical to main site (D) then troubleshoot and check the logs etc.
  • jcundiffjcundiff Member Posts: 486 ■■■■□□□□□□
    Because when you look at the configurations of primary and DR sites, you are going to find that the DR site has 80% of servers and 75% (random numbers for scenario) of the connectivity (in/out) that the primary site does.  Which if the primary site is running at 85-90% of capacity is going to cause bottlenecks and slow downs.

    Answering A is a tech/administrator response, unfortunately, the CISSP, CRISC, CISM etc are wanting the manager perspective.  D is always going to be the right answer to this type of question
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,769 Admin
  • sumeetgandhisumeetgandhi CISA, CISM, PMP, AWS SA, AWS SysOps, CISM, ITIL, PRINCE2, MCTS - SharePoint / Office365 SingaporeMember Posts: 60 ■■■□□□□□□□
    Thank you @kaiju @promethuschow @wd40 @jcundiff for the valuable insights, its lot more clear now. Appreciate your help as always.
    ---
    With Regards
    Sumeet Gandhi
    CISA, CISM, PMP, PMI-ACP, AWS Certified Solutions Architect, Office 365, SharePoint Online, SharePoint (2016 / 2013 / 2010 / 2007), MCTS, CSM, ITIL, PRINCE2
  • sumeetgandhisumeetgandhi CISA, CISM, PMP, AWS SA, AWS SysOps, CISM, ITIL, PRINCE2, MCTS - SharePoint / Office365 SingaporeMember Posts: 60 ■■■□□□□□□□
    JDMurray said:
    Did you get this practice item from Quizlet?


    No, its from the QaE db. 
    ---
    With Regards
    Sumeet Gandhi
    CISA, CISM, PMP, PMI-ACP, AWS Certified Solutions Architect, Office 365, SharePoint Online, SharePoint (2016 / 2013 / 2010 / 2007), MCTS, CSM, ITIL, PRINCE2
  • kaijukaiju Member Posts: 453 ■■■■■■■□□□
    Glad I could help!
    Work smarter NOT harder! Semper Gumby!
Sign In or Register to comment.