Disaster Recovery and Business Continuity

Question 1

A team leader assigns Ron, a server administrator, the task of determining the business and financial effects that a failed e-mail server would have if it was down for two hours. What type of analysis must Ron perform?

Critical systems and components identification

Business impact analysis

Security audit

Answer 1

Business impact analysis

A business impact analysis (BIA), also referred to as a business impact assessment, identifies the effect unwanted events have on the operation of a business

Question 2

An urban law enforcement agency leases a new space in another part of town, complete with a functioning computer network mirroring the current live site. A high-speed network link constantly synchronizes data between the two sites. What type of site is the new leased location?

Frost site

Warm site

Hot site

Answer 2

Hot site

A hot site offers the least downtime but at the most cost, since it is an immediately available alternate processing site should the primary site become unavailable

Question 3

An urban law enforcement agency leases a new space in another part of town, complete with a functioning computer network mirroring the current live site. Data backups from the primary site are copied to the new leased location every two days. What type of site is the new leased location?

Frost site

Cold site

Warm site

Answer 3

Warm site

Warm sites are functional only once critical data is available

Question 4

Turtle Airlines has hired you to ensure that its customer reservation system is always online. The software runs and stores data locally on the Linux operating system. What should you do?

Install two Linux servers in a cluster. Cluster the airline software, with its data being written to shared storage.

Install a new Linux server. Ensure that the airline software runs from the first server. Schedule airline data to replicate to the new Linux server nightly.

Configure the Linux server with RAID 5.

Answer 4

Install two Linux servers in a cluster. Cluster the airline software, with its data being written to shared storage.

Clustering software between two servers will enable the customer reservation system to function even if one server fails, because the data is not stored within a single server; it exists on shared storage that both cluster nodes can access. When a cluster node (server) fails, the application fails over to a running cluster node (server)

Question 5

A busy clustered web site regularly experiences congested network traffic. You must improve the web site response time. What should you implement?

Ethernet switch

Network load balancing

Fibre Channel switch

Answer 5

Network load balancing

Network load balancing (NLB) can distribute network traffic to multiple servers hosting the same content to improve performance

Question 6

Your primary e-mail server uses three hot-swappable hard disks in a RAID 5 configuration. When one disk fails, you have other disks readily available in the server room that you simply plug in while the server is still running. Which term best describes this scenario?

Disk clustering

Hardware fault tolerance

Disk striping

Answer 6

Hardware fault tolerance

With hardware fault tolerance, a hardware component can fail without completely impeding data access. A single disk failure in a RAID 5 configuration means the failed disk can be hot-swapped with a functional disk. Because RAID 5 stripes data across disks in the array and parity is distributed across disks, user requests for data can be reconstructed dynamically in RAM until the data is reconstructed on the replaced disk

Question 7

Your server backup routine consists of a full backup each Friday night and a nightly backup of all data changed since Friday’s backup. What type of backup schedule is this?

Full

Full and incremental

Full and differential

Answer 7

Full and differential

Differential backups will archive data that has changed since the last full backup. Restoring data means first restoring the full backup and then the latest differential

Question 8

The chief security officer at a national bank chain will be retiring next year, and an IT security employee must be groomed to fill that position. What term encompasses this procedure?

Retirement

Job rotation

Succession planning

Answer 8

Succession planning

Succession planning involves identifying and preparing individuals to fill specific job roles

Question 9

You are a network engineer for a San Francisco law firm. After the 1989 earthquake, an emphasis on continued business operation after future earthquakes dominated in the San Francisco business community. What type of plan focuses on ensuring that personnel, customers, and IT systems are minimally affected after a disaster?

Fault tolerant

Disaster recovery

Business continuity

Answer 9

Business continuity

Business continuity is considered the key goal to which disaster recovery plays a part. Disaster recovery (DR) normally involves implementing steps to get the business operational. Business continuity ensures business operation after the successful implementation of the DRP. Keeping the organization functional sometimes requires the use of an alternate site if the primary site fails, or the use of a recruitment agency (against normal business practices) to employ workers if there is a worker shortage

Question 10

Windows Server 2012 backups are scheduled as follows: full backups on Saturdays at 3 a.m. and incremental backups weeknights at 9 p.m. Write verification has been enabled. Backup tapes are stored off site at a third-party location. What should be done to ensure the integrity and confidentially of the backups? (Choose two.)

Have a different person than the backup operator analyze each day’s backup logs.

Ensure the user performing the backup is a member of the Administrators group.

Encrypt the backup media.

Use SSL to encrypt the backup media.

Answer 10

Have a different person than the backup operator analyze each day’s backup logs.

Encrypt the backup media.

To reduce the likelihood of tampering, a different person should review backup logs. For confidentiality, backup tapes stored off site should be encrypted

Question 11

You are an IT network architect. Your firm has been hired to perform a network security audit for Acme Shipping, Inc. One of Acme’s warehouses has a server room containing one Windows server and two Linux servers. After interviewing the server administrators, you learn they have no idea what to do if the Linux servers cease to function. What is needed here?

Disaster recovery plan

Risk analysis

Windows servers

Answer 11

Disaster recovery plan

Disaster recovery plans outline exactly who must do what in case unfavorable events occur

Question 12

Which items should be considered when ensuring high availability for an e-commerce web site? (Choose two.)

Using TPM to encrypt server hard disks

Using redundant Internet links

Network load balancing

Upgrading the server CMOS to the latest version

Answer 12

Using redundant Internet links

Network load balancing

High availability makes a resource available as often as is possible. Redundant Internet links allow access to the web site even if one Internet link fails. Network load balancing (which could use the redundant Internet links) distributes traffic evenly either to server cluster nodes or through redundant network links

Question 13

Which of the following should be considered when creating a disaster recovery plan?

(Choose three.)

Determining which class of IP addresses are in use.

Ranking risks.

Disabling unused switch ports.

Assigning recovery tasks to personnel.

Establishing an alternate location to continue business operations.

Answer 13

Ranking risks.

Assigning recovery tasks to personnel.

Establishing an alternate location to continue business operations.

Risks should be ranked to determine which are the most probable. The most attention should be given to the most likely threats. Personnel must be assigned tasks according to the disaster recovery plan (DRP) to minimize confusion and downtime. DRPs also provide details about the order of restoration, such as the order in which software components must be placed back into operation. An alternate site (cold, warm, or hot) should at least be considered. Larger businesses or agencies may be able to justify the cost of maintaining an alternate site

Question 14

As part of your disaster recovery planning, you create a prioritized list of professionals who can be contacted in the event of a flood. Who are they? (Choose three.)

Property restoration specialist

Document restoration specialist

Server backup specialist

Server restoration specialist

Answer 14

Property restoration specialist

Document restoration specialist

Server restoration specialist

Property restoration specialists efficiently restore the state of a facility so that a business can continue to operate. Their responsibilities include HVAC, electricity, water, lighting, and so on. Document restoration specialists have expertise in retrieving damaged data, whether it is physical (paper documents) or digital. Server restoration specialists are trained in quickly getting servers up and running to their previous state. A disaster recovery plan is required for server restoration specialists to perform their duties efficiently

Question 15

What should be used to make informed decisions regarding your specific disaster recovery plan?

DRP template freely downloaded from a web site

ROI analysis

Business impact analysis

Answer 15

Business impact analysis

A business impact analysis identifies which risks will affect business operations more than others. This is valuable in determining how to recover from a disaster

Question 16

Identify the disaster recovery plan errors. (Choose two.)

Perform a business impact analysis first.

Base your DRP on a downloaded template.

Data backups are never tested; it costs the company too much money.

Keep existing backup solutions in place even though the software is two versions out of date.

Answer 16

Base your DRP on a downloaded template.

Data backups are never tested; it costs the company too much money.

Your DRP should be much more specific than what a downloaded template can provide. DRPs are not worth their investment if their success has not been proven through testing

Question 17

You are creating a DRP for a small, independent car dealership. There are four employees who each use a desktop computer; there are no servers. All company data is stored on the four computers. A single high-speed DSL link is shared by all users. What are the best DRP solutions? (Choose two.)

Store data with an online data storage service.

Ensure employees know exactly what to do in the event of a disaster.

Purchase faster desktops.

Purchase a file server.

Answer 17

Store data with an online data storage service.

Ensure employees know exactly what to do in the event of a disaster.

Online data storage would be an affordable solution to safeguard business data. Users must know what to do in the event of a catastrophe to ensure the timely resumption of business

Question 18

Mark is the server specialist for Big Game Hunting, Inc. While installing a new server data hard disk, Mark spills his cup of coffee on the old server data hard disk. What should Mark do?

Use a blow-dryer to dry the hard disk.

Immerse the hard disk in warm water to remove the coffee.

Place the hard disk in an air-sealed container.

Answer 18

Place the hard disk in an air-sealed container.

Mark must ensure the coffee does not dry onto any electrical components. An air-sealed container is a good solution, followed by immediately contacting a data recovery specialist

Question 19

You are working with management to justify the cost of a warm site versus a cold site. What factors can help justify the cost of a warm site? (Choose two.)

Large revenue loss during short downtime

Small revenue loss during long downtime

Customer contracts tolerating no more than 8 hours of downtime

Customer contracts tolerating no more than 72 hours of downtime

Answer 19

Large revenue loss during short downtime

Customer contracts tolerating no more than 8 hours of downtime

Some businesses could lose large sums even in a short period of downtime. Calculating these figures enables intelligent decisions to be made regarding justifying the cost of an alternate site. Your business may have customer contracts requiring minimal downtime in the event of a disaster. The cost of the loss of this business could be factored into justifying the cost of an alternate (warm) site

Question 20

Your senior network administrator has decided that the five physical servers at your location will be virtualized and run on a single physical host. The five virtual guests will use the physical hard disks in the physical host. The physical host has the hard disks configured with RAID 1. Identify the flaw in this plan.

The physical server should be using RAID 5.

You cannot run five virtual machines on a physical host simultaneously.

The physical host is a single point of failure.

Answer 20

The physical host is a single point of failure.

If the single physical host experiences a failure, all five virtual machines will be unavailable. A second server should be clustered with the first, and virtual guests should use shared disk storage versus local disk storage

Question 21

Your company is virtualizing DNS, DHCP, web, and e-mail servers at your location. Each of the four virtual machines will be spread out across two physical hosts. Virtual machines are using virtual hard disks, and these files exist on a SAN. Choose the best virtual machine backup strategy that will allow the quickest granular restore.

Back up the virtual machine hard disks at the SAN level.

Install a backup agent in each virtual machine and perform backups normally.

Duplicate your SAN disk array so that backups are not necessary.

Answer 21

Install a backup agent in each virtual machine and perform backups normally.

If granular restores are required, backing up each virtual machine using a backup agent installed in each virtual machine is the best choice

Question 22

What should you do when storing server backup tapes off site?

Encrypt backed-up data.

Generate file hashes for each backed-up file.

Place backup tapes in static shielding bags.

Answer 22

Encrypt backed-up data.

Backup tapes stored off site must be encrypted to ensure data confidentiality

Question 23

You are the administrator for a virtual Windows 2012 Server running Active Directory Domain Services (AD DS). Abnormal server behavior and finally a server freeze lead you to believe that the server has a virus infection. What should you do?

Revert to an earlier virtual machine snapshot prior to the virus infection.

Format the hard disk, reinstall the server, and restore from tape.

Refer to your DRP.

Answer 23

Refer to your DRP.

A DRP specifies who should do what in case of a disaster, such as in the case of an infected server

Question 24

What is the purpose of a disaster recovery plan? (Choose two.)

To minimize economic loss

To have a premeditated reaction to public relations blunders

To install confidence in shareholders

To earn a high rate of return annually

Answer 24

To minimize economic loss

To install confidence in shareholders

Minimizing downtime, reducing customer disruption, and avoiding economic loss are the reasons for a disaster recovery plan. Shareholder confidence is solidified when an efficient, well-thought-out disaster recovery plan is in place

Question 25

Which of the following would appear on a DRP?

Prioritized list of critical computer systems

Single points of failure

Dollar value associated with an hour of downtime

Answer 25

Prioritized list of critical computer systems

Prioritized lists of critical computer systems helps ensure minimal downtime

Question 26

You are the network administrator for a small IT consulting firm. All servers are located at the single site. After testing the DRP and receiving management approval, you e-mail a copy to all employees for their reference in the event of a disaster. Identify the problem.

The e-mail should have been digitally signed.

Only executives should have received the message.

The mail server might not be available in the event of a disaster.

Answer 26

The mail server might not be available in the event of a disaster.

The only copy of the disaster recovery plan exists on a mail server that users may not have access to when they need it most. Alternate storage locations and physical copies must be considered

Question 27

You are the network administrator for a small IT consulting firm. All servers are hosted externally. After analyzing threats, creating a DRP, and receiving management approval, you e-mail a copy to all employees for their reference in the event of a disaster. Identify the problem.

The e-mail should have been encrypted.

The DRP was not tested.

Only executives should have received the message.

Answer 27

The DRP was not tested.

A disaster recovery plan changes with the business and must be tested to ensure its success

Question 28

Which of the following regarding disaster recovery are true? (Choose two.)

Once the plan is complete, it need never be revisited.

Once the plan is complete, it must have management approval.

The plan is never complete; it must evolve with the business.

The plan should include only IT systems.

Answer 28

Once the plan is complete, it must have management approval.

The plan is never complete; it must evolve with the business.

Without management support and approval, a disaster recovery plan will not succeed. The plan must be revisited periodically to ensure that it is in step with changes in the business

Question 29

You are a web site administrator. You need to minimize web site downtime in the event of a disaster or security compromise. Which of the following terms best describes the reliability of hard disks?

MTBF

MTTF

MTTR

Answer 29

MTTR

Mean time to recovery (MTTR) measures the amount of time it takes to return a device, system, or network to normal functionality

Question 30

As the IT director, you are comparing public cloud providers. Your company will no longer house on-premises mail or application servers. Which factors under your control must you consider to ensure that mail and applications are always available to users?

Updates applied to cloud provider servers

Redundant network links

RAID level used on cloud provider servers

Answer 30

Redundant network links

Redundant network links to the Internet will ensure that if one Internet connection fails, the other can be used to access mail and application services in the cloud. Laws and regulations can sometimes prevent the use of cloud applications and cloud storage. In response to this issue, many large cloud providers offer community clouds that cater to specific industries and their security requirements. Another cloud storage issue is data sovereignty, which deals with the physical location of data and any applicable laws. Cloud providers allow customers to specify a region in which data is stored

Question 31

Laurel is the head of IT security for a government department. Recent repeated security breaches involving malware on removable media have her concerned about future incidents, so she reviews the past incident responses to determine how such occurrences can be prevented and how responses can be improved. What type of document should Laurel prepare?

After-action report

SLA

Risk assessment

Answer 31

After-action report

After-action reports take lessons learned from previous incidents—essentially they strive to improve upon identified problems that hampered incident response