Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISSP > 7 - Business Continuity and Disaster Recovery Plan > Flashcards

7 - Business Continuity and Disaster Recovery Plan Flashcards

1
Q
  1. Once a business continuity plan is developed and approved by senior management, what final critical element must be addressed?a. Filing of the plan with local emergency servicesb. Performing a qualitative risk analysisc. Creating awareness of the plan throughout the organizationd. Perform a structured walk-through test
A

C: This is the final required step in business continuity planning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Each time the business continuity plan is updated or revised, what must be done?a. Perform a new cost/benefit analysisb. A checklist test must be performedc. Update your countermeasuresd. Destroy all copies of all old version of the plan.
A

D: This is a required step to ensure that only one version of the plan is distributed within the organization. 9. What is the primary objective of a disaster recovery plan?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. What is the primary objective of a disaster recovery plan?a. To recover critical processes in a timely mannerb. Manage public relations after a crisisc. To minimize financial loss during normal operations outaged. Re-design the security infrastructure of the organization after an emergency
A

A: This is the primary objective of a disaster recovery plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. Which of the following is not an objective of a disaster recovery plan?a. Protecting the organization from significant loss due to the failure of its IT infrastructureb. Empowering personnel for decision making during a crisis situationc. Minimizing risks to the organization from delays in providing servicesd. Guaranteeing the reliability and availability of standby systems through testing and evaluation
A

B: An objective of a disaster recovery plan is to minimize decision making during a crisis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. The security issue that addresses ongoing processing activity in the face of minor disruptive events is known as?a. business continuity planningb. disaster recovery planningc. mission critical relocation planningd. redundancy development planning
A

A: Business continuity planning is the security issue that addresses ongoing processing activity in the face of minor disruptive events.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. Who is ultimately responsible for the business continuity planning?a. Disaster recovery teamb. IT staffc. End usersd. Senior management
A

D: Senior management is ultimately responsible for the success or failure of the business continuity plan. 5. Which of the following is not one of the three primary goals of business impact analysis?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  1. Which of the following is not one of the three primary goals of business impact analysis?a. Plan testing and verificationb. Criticality prioritizationc. Downtime estimationd. Resource requirements
A

A: Business impact analysis is the disaster equivalent of risk analysis, it does not have an implementation plan associated with it and there such a plan does not need testing or verification.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. Which of the following is not an aspect of quantitative loss criteria associated with business impact analysis?a. Financial loss due to violations of contract agreementsb. Loss of competitive advantage or market sharec. Financial losses due to capital expenditured. Losses associated with financial liability expenditures
A

B: This is a qualitative loss criteria.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  1. Business continuity planning is designed to handle what sort of conditions?a. Moderate disruptive eventsb. Major disruptive events to very destructive eventsc. Daily work activitiesd. Total destruction of a company and its assets
A

A: Business continuity planning is designed to handle moderate disruptive events.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. Which of the following is not a goal of business continuity planninga. Reduce the risk of financial lossb. Reformulate the security policy to more adequately prepare for intrusion attempts during the recovery processc. Recover from a disruptive event quicklyd. Mitigate the risks associated with a disruptive event
A

B: This is not a goal of business continuity planning. This is part of the normal review and improvement process of the formalized security structure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. What is the top priority of business continuity planning?a. Quick and efficient recovery of the organizationb. Minimizing financial losses due to a disruptive eventc. Safety of the personneld. Managing public opinion about the organization during a crisis
A

C: The top priority of business continuity planning is the safety of personnel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  1. Which of the following is considered an essential element of due care and due diligence?a. creation of InfoSec teamsb. business continuity and disaster recovery planningc. delegating implementation tasks to subordinatesd. senior management sign off on all security planning
A

B: Business continuity and disaster recovery planning are considered essential elements of due care and due diligence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. Business continuity planning should address all but which of the following?a. local area network componentsb. telecommunicationsc. employee personal possessionsd. applications and software
A

C: Employee personal possessions are the responsibility of the employees, not the organization and its business continuity planning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. Which of the following is not an event that would be considered to trigger application of the business continuity plan?a. fire in the data centerb. earthquake resulting in broken communication linesc. floods affecting the basement levels onlyd. an intrusion attack that compromises a Web server
A

D: Intrusion attacks are not events that trigger the business continuity plan. Instead, intrusion attacks trigger normal InfoSec or CIRT response teams.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. Which of the following is not a goal or objective of business continuity planning?a. reduce the risks associated with a disruptive eventb. minimize costs associated with recovering from a disruptive eventc. promptly recover from a disruptive eventd. provide a procedural guide so minimal decisions are made during an event.
A

B: Business continuity planning does not deal with recovering from disruptive events, rather maintaining business activity during a disruptive event. Disaster recovery planning deals with recovery.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. Which of the following should be accomplished first when acting out a business continuity plan?a. Restore critical functionsb. Restore non-critical functionsc. Maintain personnel safetyd. Locate an alternate site
A

C: Maintaining personnel safety is always the first and top priority.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q
  1. What is the primary difference between a disaster recovery plan and a business continuity plan?a. The severity of the damage to the area caused by a disasterb. The use of a secondary sitec. The cost of maintenanced. The interruption of mission critical processes
A

D: The primary difference is whether mission critical processes are interrupted. If they are, then disaster recovery is used, if not, then business continuity is used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q
  1. Although the activities themselves can be delegates, who is ultimately responsible for all phases of business continuity planning?a. Senior managementb. InfoSec teamsc. Systems auditord. Department managers
A

A: Senior management is always ultimately responsible for all aspects of security and maintaining productivity in their organization, even though the actual tasks to accomplish this may be delegated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q
  1. Which of the following is not a goal of business impact assessment?a. criticality prioritizationb. establishing resource requirementsc. personnel safetyd. downtime estimation
A

C: Personnel safety is the most important factor for business continuity and disaster recovery planning. However, it is not a factor or goal of a business impact assessment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q
  1. The Maximum Tolerable Downtime estimation is an indication of whata. how long the business continuity plan takes to developb. how long the business continuity plan takes to implementc. how long the migration to the secondary site will taked. how long can mission critical processes be down and still allow the organization to recover
A

D: The Maximum Tolerable Downtime estimation is an indication of how long can mission critical processes be down and still allow the organization to recover.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q
  1. The business continuity planning task of identifying key business processes, ordering those processes, and evaluating event impact is known as? a. criticality prioritizationb. business impact assessmentc. vulnerability assessmentd. quantative analysis
A

B: Business impact assessment is the business continuity planning task of identifying key (critical) business processes, ordering (prioritizing) those processes, and evaluating event impact.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q
  1. When performing a business impact analysis, which of the following is the least useful assessment material item to gather?a. organizational chartb. mission statementc. definition of business unitsd. outline of relationships within the organization
A

B: The mission statement is inconsequential and useless to the act of business impact analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q
  1. Which of the following is not one of the four aspects or elements of a business continuity plan?a. business impact assessmentb. scope and plan initiationc. business continuity plan developmentd. testing
A

D: While testing is important, it is not one of the four primary elements of a business continuity plan. In fact, testing seems to be mentioned only in relation to disaster recovery planning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q
  1. When updating or maintaining a business continuity plan, which of the following is most important?a. only a single version of the plan should exist throughout the organizationb. each department should develop and maintain their own planc. the business continuity plan cannot make recommendations outside of the organization’s security policyd. keeping the cost of the plan to a minimum
A

A: Only a single version of the business continuity plan should exist throughout the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q
  1. The process of making employees aware of the business continuity plan is found in what stage or element of the business continuity plan development process?a. business impact assessmentb. plan approval and implementationc. business continuity plan developmentd. scope and plan initiation
A

B: Staff awareness is an aspect of the plan approval and implementation element of the business continuity plan development process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q
  1. Which of the following is not an event that would be considered to trigger application of the disaster recover plan?a. a terrorist bomb that destroys most of your primary siteb. a wind storm that completely severs your power and communicationsc. a hurricane that floods your data centerd. a rupture in a gas main 10 miles from your primary facility
A

D: When an event causes concern but does not effect your primary facility, it will not trigger the disaster recovery plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q
  1. A disaster recovery plan may be triggered by all but which of the following?a. A mud slide burying your primary siteb. Intermittent loss of access to a entertainment Web sitec. A fire that destroys your entire data centerd. A robbery where your primary servers are stolen
A

B: Internet communication interruptions that are not related to your mission critical processes will not trigger the disaster recovery plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q
  1. The scope of the business continuity plan should be which of the following?a. people, infrastructure, key personnel, equipmentb. media relations, human resources, people, facilitiesc. office supplies, people, infrastructure, facilitiesd. Infrastructure (IT), facilities, supplies and equipment
A

C: The scope of the business continuity plan should be everything necessary to support your mission critical services, such as office supplies, people, infrastructure, facilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q
  1. Which of the following is not an option for alternate site Selection within disaster recovery planning?a. mutual aid agreementsb. subscription servicesc. service bureausd. adjacent building rental
A

D: Adjacent building rental is the poorest choice for an alternate site since it is so close to the original site that it is susceptible to the same disasters that could destroy the primary site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q
  1. What is a mutual aid agreement?a. two parties agree to support the other’s critical business functions in the event of a disasterb. two parties agree to share the cost of maintaining an alternate sitec. two parties agree to work together in building secondary locationsd. an insurance company agrees to pay for IT relocation services
A

A: two parties agree to support the other’s critical business functions in the event of a disaster

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q
  1. Which of the following is the most cost effective alternate site location but which is most likely to be useless when actually needed?a. hot siteb. mutual aid agreementsc. portable hot sited. service bureau contract
A

B: A mutual aid agreement is the cheapest forms of alternate site location, but since most companies barely have the capacity to support their own mission critical processes, when needed in a disaster these agreements are usually worthless.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q
  1. When business impact analysis is completed, what is the end result?a. a quantitative risk analysis reportb. an auditor’s final qualitative reportc. a business continuity pland. a organizational security policy
A

C: The end result of business impact analysis is a business continuity plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q
  1. Which of the following is not an element of the vulnerability assessment process of business impact analysis?a. quantitative analysisb. qualitative analysisc. defining critical areas and dependenciesd. selecting countermeasures
A

D: Countermeasure Selection is associated with risk analysis, not business impact analysis vulnerability assessment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q
  1. Which of the following is not a goal of disaster recovery planning?a. Maintaining critical functions through a minor disruptive eventb. Protecting an organization from major IT failurec. Minimizing the risk to an organization from the interruption of mission critical processesd. Maintaining reliable backup and restoration solutions through testing and simulation
A

A: Maintaining critical functions through a minor disruptive event is business continuity planning, not disaster recovery planning.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q
  1. Which of the following is the best type of leadership that should assume control while the disaster recovery plan is being carried out?a. committeeb. proceduralc. interactived. democratic
A

B: A disaster recovery plan should minimize the need for personnel to make decisions during and after a disaster. Thus a procedural leadership would simply follow the directions as outlined in the disaster recovery plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q
  1. The primary goal of the data processing continuity aspect of disaster recovery planning is?a. maintain data integrity throughout the disasterb. maintain functional networking access throughout the disasterc. ensure workers can complete their work tasksd. moving the entire IT infrastructure over to a secondary location
A

C: The primary goal of the data processing continuity aspect of disaster recovery planning is to ensure workers can complete their work tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q
  1. Which of the following is not an advantage to a service bureau contract for an alternate processing site?a. resource contention during a large emergencyb. testing is often possiblec. cost effectived. offers quick response and reasonable availability
A

A: Service bureau contracts for alternate processing sites becomes a disadvantage when the resources are over allocated and they are insufficient to handle all clients during a large emergency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q
  1. Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for?a. rolling mobile backup sitesb. hot sitec. multiple processing centersd. service bureau contracts
A

B: Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for hot sites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q
  1. Which of the following should not be true regarding an alternate site?a. located far away from the primary siteb. facility should be far enough away not to be affected by the same disasterc. located very close to the primary sited. should support the mission critical processes of the organization
A

C: The alternate site should not be very close to the primary site, otherwise it will be susceptible to the same disaster that affects the primary site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q
  1. Which of the following is not a disadvantage of a hot site?a. duplicate copy of sensitive datab. costc. fully configured systems with all supporting utilities and infrastructured. requires constant maintenance
A

C: The fact that a hot site has fully configured systems with all supporting utilities and infrastructure is an advantage not a disadvantage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q
  1. Which of the following is an advantage of a warm site as compared to a hot site?a. applications may not be fully installedb. systems are not fully configuredc. communications links are not installedd. moderate administrative and maintenance costs
A

D: A warm site has considerably less administrative and maintenance costs since it is not a duplicate production environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q
  1. What type of site can make adequate recovery impossible?a. cold siteb. service bureauc. multiple production centersd. mobile hot backup site
A

A: A cold site can make adequate recovery impossible because installing and configuring the infrastructure can take longer than the maximum time to recovery an organization can withstand.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q
  1. What is the most common but least effective Selection of an alternate backup site?a. service bureaub. cold sitec. mobile backup sited. multiple processing centers
A

B: A cold site is the most common form of alternate backup site, but is also the least effective solution since most companies cannot withstand the down time to bring a cold site up and running.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q
  1. Which of the following is not true about cold sites?a. equipment will need to be brought inb. communication lines may not be installedc. a duplicate copy of critical data is hosted thered. HVAC is probably installed
A

C: A cold site has no means to support a duplicate copy of critical data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q
  1. What is the primary benefit of using multiple processing centers?a. each location is owned and managed by a different entityb. each location is within a small geographic areac. if a location is compromised, the remaining locations may not have sufficient capabilities to handle the additional loadd. the mission critical applications of an organization are spread among numerous physical locations
A

D: The primary benefit of using multiple processing centers is that mission critical applications of an organization are spread among numerous physical locations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q
  1. Which type of disaster recovery test is performed by individuals separately rather than by a group of personnel working together as a team?a. checklist testb. simulation testc. structured walk through testd. parallel test
A

A: A checklist test is performed by individuals separately rather than by a group of personnel working together as a team.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q
  1. Which of the following disaster recovery tests can be performed simultaneously with any of the other tests?a. Simulation testb. Checklist testc. Parallel testd. Full interruption test
A

B: A checklist test can also be performed simultaneously with any other test to keep the plan current. The checklist is usually the first test to be performed to check for omissions or changes needed to the plan.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q
  1. Which form of disaster recovery test performs all activities of the plan up to but not including point of starting processing at the alternate site?a. full interruption testb. structured walk through testc. simulation testd. parallel test
A

C: A simulation test performs all activities of the plan up to but not including point of starting processing at the alternate site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q
  1. Another name for electronic vaulting is?a. remote journalingb. parallel processingc. database shadowingd. batch processing
A

D: Batch processing is another name for electronic vaulting.

50
Q
  1. The act of parallel processing transactions is also known as?a. remote journalingb. electronic vaultingc. batch processingd. database shadowing
A

A: Remote journaling is the act of parallel processing transactions.

51
Q
  1. Which of the following is not a reason to test a disaster recovery plan?a. testing verifies the accuracy of the proceduresb. testing minimizes legal liabilityc. testing trains personneld. testing verifies the processing capability of the alternate site
A

B: Testing does not minimize legal liability, rather the overall act of designing and implementing a plan minimizes legal liability.

52
Q
  1. When designing the test document (i.e. the procedure for the test) for a disaster recovery plan, all but which of the following must be included?a. the length of the testb. the participants in the testc. the cost in productivity of the testd. the resources or services to be included in the test
A

C: The productivity loss due to the test is not an element of the test document. Rather it is a side effect of performing a test that must be absorbed by the organization in order to gain a better disaster recovery plan.

53
Q
  1. Which of the follow types of disaster recovery plan tests should be performed first to discover any omissions or modifications that may be needed for your plan?a. structured walk through testb. simulation testc. parallel testd. checklist test
A

D: A checklist test allows for department heads or functional managers to review the plan and indicate if anything has been omitted or needs to be modified. The planning team can then implement those changes to the plan.

54
Q
  1. According to a disaster recovery plan, the recovery team is responsible for which of the following?a. returning to the primary siteb. get non-critical processing operations up at the primary sitec. ensure that threat to personnel at the primary site has been eliminatedd. implementing the disaster recovery plan
A

D: Implementing the disaster recovery plan is the responsibility of the recovery team.

55
Q
  1. Which of the following is a responsibility of the salvage team?a. return primary site back to normal operating conditionsb. implement the disaster recovery plan to get business functions operational at the alternate sitec. ensure personnel safety at the alternate sited. minimize the risk of disaster effect at the primary site
A

A: The primary responsibility of the salvage team is to return the primary site back to normal operating conditions.

56
Q
  1. When should the salvage team return to the primary site?a. as soon as critical processes are operating at the alternate siteb. after threat to personal safety is eliminatedc. immediately to recover the backup mediad. within 24 hours of the disaster
A

B: The salvage team should return to the primary site only after threat to personal safety is eliminated.

57
Q
  1. Which form of disaster recovery test performs all activities of the plan but processing at the primary facility does not stop?a. full interruption testb. structured walk through testc. simulation testd. parallel test
A

D: A parallel test performs all activities of the plan but processing at the primary facility does not stop.

58
Q
  1. Which form of disaster recovery test performs all activities of the plan up to the point of terminating processing at the primary site?a. full interruption testb. structured walk through testc. simulation testd. parallel test
A

D: A parallel test performs all activities of the plan up to point of terminating processing at the primary site.

59
Q
  1. Which form of disaster recovery test is an on-paper only walk through of the plan in a group meeting?a. full interruption testb. structured walk through testc. simulation testd. parallel test
A

B: A structured walk through test is an on-paper only walk through of the plan in a group meeting.

60
Q
  1. The best method to test that a disaster recovery plan is fully capable of handling a serious disaster is to use which of the following testing methods?a. simulation testb. structured walk through testc. full interruption testd. parallel test
A

C: A full interruption test is the best method to test that a disaster recovery plan is fully capable of handling a serious disaster. However, doing so can cause a disaster of its own.

61
Q
  1. Which of the following is the least important activity to perform once a disaster recovery plan is developed?a. post the plan on the public Web serverb. test the plan for viabilityc. train staff on using the pland. retain only a single version of the plan
A

A: The disaster recovery plan is not information that should be shared with the general public.

62
Q
  1. When seeking senior management signoff on the final version of a disaster recovery plan, which of the following is least important?a. whether the plan is sufficient to recover all aspects of the organizationb. the details of disaster recovery plans from other organizationsc. whether the plan has been tested for viabilityd. the level of detail the procedures include for recovering
A

B: The details of plans from other organizations is the least important factor when obtaining final senior management signoff of a disaster recovery plan.

63
Q
  1. Testing a business continuity plan performs all but which of the following?a. personnel trainingb. staff awarenessc. design improvementsd. viability testing
A

C: The results of a test may indicate that the plan needs to be improved, but actual design improvements are not the result of the testing process itself.

64
Q
  1. When is the emergency considered over in the event of activation of the disaster recovery plan?a. when mission critical operations are functioning at the alternate siteb. when threat to human safety is eliminatedc. when all operations are back at the primary sited. when the organization has maintained viability for three months after the disaster
A

C: The emergency is over when all operations are back at the primary site.

65
Q
  1. Why is an emergency not considered over until the organization fully returns to the primary site?a. human safety is not protected until the primary site is restoredb. legal requirements for insurance mandate thisc. the alternate site can never fully support the operations of the organizationd. because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site
A

D: An emergency is not over until the organization fully returns to the primary site because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site.

66
Q
  1. When returning to the primary site after the alternate site has been used for mission critical processing, what is the first step?a. return non-mission critical functions to the primary siteb. interrupt all operations at the alternate sitec. return mission critical functions to the primary sited. verify safety of the alternate site
A

A: The first step in returning to the primary site is to get non-mission critical functions operating. This will ensure that the restored IT infrastructure will be able to support the full load of the mission critical operations.

67
Q
  1. Which arrangement does not need to be done before a disaster occurs?a. establish an alternate or backup siteb. establish a media contactc. make preparations to continue writing paychecksd. create a rendezvous point for all employees
A

B: There is no need to establish media contacts before a disaster.

68
Q
  1. Which of the following represent the true scope of threats to an organization that may trigger the use of a business continuity plan or a disaster recovery plan?a. man-made, technical, accidentalb. natural, technical, circumstantialc. man-made, natural, technicald. natural, mythical, theoretical
A

C: The scope of threats are man-made, natural, and technical.

69
Q
  1. The most critical part of a disaster recovery plan to ensure that it will be effective in restoring the organization is?a. vulnerability assessmentb. project initiationc. senior management signoffd. ongoing maintenance
A

D: Ongoing maintenance ensures that a disaster recovery plan remains viable.

70
Q
  1. Which of the following provides the most useful or meaningful information?a. testing a disaster recovery plan and learning whether it passed or failed overallb. testing a disaster recovery plan and learning what aspects failedc. testing a business continuity plan and learning which staff members failed to follow procedured. testing a business continuity plan and restoring files from the most recent full backup
A

B: Testing a disaster recovery plan and learning what aspects failed offers the most useful and meaningful information from this list of Selections.

71
Q
  1. A business continuity plan should address which sets of threats?a. intrusion attacks and man-made disastersb. hardware failures and natural disastersc. natural and man-made disastersd. technical failures and human error
A

C: A business continuity plan should address the threats of natural and man-made disasters.

72
Q
  1. When selecting an alternate site for a disaster recovery plan, which of the following is the most important consideration factor?a. locationb. sizec. costd. capability of supporting business processing
A

D: The ability for an alternate site to support business processing is the most important aspect when selecting an alternate site.

73
Q
  1. What is the most important element or aspect of business continuity planning or disaster recovery planning?a. vulnerability assessmentb. criticality prioritizationc. maintaining critical processes across any disruptive eventd. management support
A

D: The most important element is management support.

74
Q
  1. In the event of a minor disaster, which of the following activities should occur to restore systems and recover data files?a. initiate the business continuity planb. restore files from backupc. initiate a full interruption testd. perform a vulnerability analysis
A

A: Initiating the business continuity plan is the activity that should take place after a minor disaster to restore systems and recover data files.

75
Q
  1. Qualitative and quantitative elements can be found in which of the following?a. senior management approvalb. business impact analysisc. simulation testingd. criticality prioritization
A

B: Business impact analysis includes qualitative and quantitative elements.

76
Q
  1. When designing a business continuity plan to prevent single points of failure, which of the following is the most important?a. use RAIDb. test backupsc. establish redundancyd. install surge protectors
A

C: Prevention of single points of failure involves implementation of redundancy throughout the IT infrastructure.

77
Q
  1. The owner of the business continuity plan and the disaster recovery plan in your organization is?a. CIRTb. Internal auditorc. departmental network administratord. senior management
A

D: The senior manager is the owner of the business continuity and disaster recovery plans for an organization.

78
Q
  1. When performing a business impact analysis, which of the following is necessary?a. outlining critical operation dependenciesb. contracting with a service bureauc. selecting countermeasuresd. defining staff responsibilities
A

A: Business impact analysis includes defining or outlining the dependencies of critical business operations.

79
Q
  1. What is the primary disadvantage of dividing the IT infrastructure of an organization among multiple sites or processing centers?a. Decreased risk of downtime due to multiple operation centersb. Most cost effective than maintaining a hot sitec. Administrationd. All facilities are owned or controlled by the organization
A

C: Administration of multiple sites is the primary disadvantage of employing a multi-site IT infrastructure.

80
Q
  1. The primary factor when selecting a secondary or backup facility site for use during a disaster is?a. Costb. Source of hardware replacement componentsc. Use of service bureaus to provide backup servicesd. Distance from primary facility
A

D: The backup or secondary facility should be far enough away from the primary facility so that it is not affected by the same disaster but close enough that it can be reached by personnel within an acceptable amount of time (usually 1/2 day’s travel).

81
Q
  1. Which of the following is described by the use of a live process that duplicates transactions and entire files from a primary server to backup/secondary servers at alternate/backup sites?a. Database shadowingb. Remote Journalingc. Electronic vaultingd. Batch dump processing
A

A: Database shadowing maintains duplicate servers by relying on remote journaling as well as the transfer of entire files from the primary server to the backup servers.

82
Q
  1. When testing a disaster recovery plan, which of the following is true?a. A plan can be trusted before it is testedb. Every element of the plan should be testedc. Only simulations of the plan should be attempted when testingd. Tests should always involve the disruption of the production environment
A

B: Every element of the plan should be tested.

83
Q
  1. Which of the following is the most often overlooked aspect of disaster recovery?a. maintaining employee compensation mechanismsb. protecting human safetyc. restoring and maintaining critical business functionsd. alternate site Selection
A

A: The most often overlooked aspect of disaster recovery is maintaining a mechanism by which to continue issuing employee paychecks.

84
Q
  1. The best location for a data center in an alternate site is?a. ground floorb. center of buildingc. sub-basementd. penthouse
A

B: The center of the building is always the best choice for a data center in any type of site.

85
Q
  1. What is the main drawback to mutual aid agreements?a. Agreements are made with companies with similar IT infrastructure needsb. Offers a crisis protection scheme that does not require significant preparation expense.c. Assumes the infrastructure of one organization can sustain the operations of both organizations during a crisis.d. Both parties in the agreement agree to support each other during a crisis.
A

C: This is the primary drawback to mutual aid agreements.

86
Q
  1. What type of alternate processing facility has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure?a. Secondary siteb. Cold sitec. Warm sited. Hot site
A

D: A hot site is an alternate processing facility that has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure.

87
Q
  1. Which of the following is an advantage of a hot site?a. Minimized downtimeb. Costc. Service provider overselling its capacityd. Site security
A

A: This is an advantage of a hot site. A hot site minimizes downtime due to a disaster at the primary facility. Downtime is usually limited to travel time between the two facilities and a minimal reconfiguration effort.

88
Q
  1. Which of the following is a benefit of a cold site?a. Installation of communication linksb. Costc. Pre-installation of basic infrastructured. Ability to adequately and efficiently recover from a disaster
A

B: A cold site is very cost effective, because it is little more than rent on an empty facility.

89
Q
  1. Which of the following is not an important consideration for a disaster recovery plan?a. Interfacing with external groups such as emergency services, utility providers, customers, etc.b. Preparations to continue paying salaries even with interrupted productionc. Maintaining manager vacations and Christmas bonuses during a crisisd. Maintaining adequate insurance to cover all liabilities
A

C: This is not an important consideration of a disaster recovery plan.

90
Q
  1. Part of emergency response awareness, all employees should have minimal training in all but which of the following?a. First aidb. Use of a fire extinguisherc. Evacuation routesd. Management of toxic gases
A

D: Management of toxic gases is an activity that requires specialized training and equipment. This is not a normal awareness activity for employees.

91
Q
  1. Which of the following is not an important element or aspect of business continuity planning (BCP) or disaster recovery planning (DRP)?a. Minimum operational IT system requirementsb. Obtaining replacement hardwarec. Restoring critical operations d. Maintaining a reliable backup solution
A

A: This is not an aspect of either BCP or DRP.

92
Q
  1. Which testing procedure exercised every phase of the plan up to but not including initiating alternate processing?a. Structured walk-through testb. Parallel testc. Simulation testd. Full-interruption test
A

C: A simulation test exercises every phase of the plan up to but not including initiating alternate processing

93
Q
  1. What is the best way to test a plan in order to determine whether the entire plan will function as expected or fail?a. Structured walk-through testb. Parallel testc. Simulation testd. Full-interruption test
A

D: A full-interruption test is the only way to verify that every element of the plan will function as designed.

94
Q
  1. The salvage team returns to the original production site when?a. Once the possibility of personal injury is eliminatedb. While personnel evacuation is taking placec. Only after the recovery site is shut downd. The salvage team never returns to the original production site
A

A: The salvage team only returns to the original production site only after the possibility of personal injury is eliminated.

95
Q
  1. When is an emergency over in terms of the disaster recovery plan?a. Once the organization is fully operational at the backup siteb. Once the organization fully returns to the original production sitec. Once the possibility of personal injury is eliminatedd. Once critical production systems are restored at the recovery site
A

B: An emergency is only over after the organization fully returns to the original production site.

96
Q
  1. What policy or plan is the final option when a disaster strikes and all other plans fail?a. Mutual aid agreementb. Business continuity planc. Disaster recovery pland. Insurance policy
A

D: The last option is an insurance plan.

97
Q
  1. Which backup or protection mechanisms can be used to quickly restore a database from the secondary location due to a virus corruption of the data at the primary location?a. Sending an employee to the second site to physically move the duplicate system back to the primary siteb. Create a drive image from the secondary site, then use the drive image to restore the primary sitec. Off-site tape storaged. Electronic vaulting
A

D: The use of electronic vaulting is the fastest mechanism to restore a damaged system at the primary site from the backup stored at the secondary site. Electronic vaulting consists of online storage of backups, which can be quickly accessed and restored.

98
Q
  1. What factor should determine whether restoring telecommunications is a critical function of the disaster recovery plan?a. Whether the organization can function productively without itb. Whether the service can be installed in a timely mannerc. Whether the service is pre-installed at the secondary locationd. Whether the budget will support an emergency response for the service
A

A: Whether the organization can function productively without a service is the determining factor for defining the restoration of a service, such as telecommunications, is a critical element of a disaster recovery plan.

99
Q
  1. When storing backup tapes at an off-site facility for an organization which controls highly classified military assets, which of the following is the most important aspect to consider?a. The format of the backup tapesb. The number of backup tapes stored offsitec. The useful life of the stored datad. Whether the same route is traveled at the same time each day between the facility and the off-site storage location
A

D: The travel route is the most important aspect to consider from this list. If the data is highly classified, then very high security standards need to be maintained. This would include varying the route and the time which backup tapes are transferred offsite to prevent timed attacks against the transfer vehicles.

100
Q
  1. Which of the following network devices offers the least redundancy or fault tolerance?a. Switchb. UPSc. FDDId. Hub
A

D: A hub is not redundant or fault tolerant.

101
Q
  1. In order to minimize losses due to a disaster, what must occur?a. A hot site must be available for immediate transfer of production operationsb. Minimizing the disaster recovery time periodc. All personnel should be thoroughly trained in contingency activitiesd. Ensuring non-critical functions are restored first
A

B: Minimizing the disaster recovery time period will directly reduce the losses associated with the disaster.

102
Q
  1. What factor determines the frequency at which a disaster recovery plan should be tested?a. Budgetb. Management choicec. Asset movement and changed. Employee turnover
A

C: The rate of asset movement and change determines how frequently the DRP should be tested. The more assets change and move, the more often the DRP should be tested.

103
Q
  1. What is the final element of disaster recovery planning?a. Impact analysisb. Plan developmentc. Plan maintenanced. Plan testing
A

C: Plan maintenance is the final element of DRP, maintenance is ongoing.

104
Q
  1. The most important characteristic of a disaster recovery team coordinator is?a. Security certificationsb. Extensive IT infrastructure experiencec. Background and training in business managementd. The ability to communicate well with both technical and non-technical personnel
A

D: The most important characteristic of a disaster recovery team coordinator is the ability to communicate well with both technical and non-technical personnel.

105
Q
  1. Which method is the best way to maintain a business continuity plan or a disaster recovery plan?a. Thorough testing and end-user evaluationb. Management oversight and refinementc. A combination of top-down and bottom-up approachesd. External independent analysis and review
A

C: The best method for maintaining a recovery plan is to use both top-down (management) and bottom-up (test results) approaches.

106
Q
  1. A disaster recovery plan is primarily concerned with protecting against?a. Financial lossesb. Asset lossesc. Equipment lossesd. Market share losses
A

A: A DRP is primarily concerned with protecting against financial losses.

107
Q
  1. What is the best way to test a disaster recovery plan?a. During a crisisb. Unannounced c. Using simulationsd. Immediately after a disaster occurs
A

B: The best way to test a DRP is like an unannounced fire drill. A few key managers should be aware of the test, but all aspects of the DRP should be implemented to ensure they operate as designed.

108
Q
  1. A traffic accident results in a delivery van crashing into your server cage located in the corner of your building. All systems within the cage are damaged beyond repair. What would have been the best course of action to prepare for such an emergency?a. Arrange for a cold site backup facilityb. Adequately train employees in security awarenessc. Raise anti-van shieldd. Implemented a daily offsite electronic vault backup system.
A

D: The best preparatory action for such a disaster is an offsite backup solution.

109
Q
  1. When performing contingency planning for a SOHO LAN, which of the following should be considered?a. Remote access connectivity for telecommutersb. Backup solutionsc. Hot site alternate processing facilityd. Rolling mobile backup sites with self-contained A/C and fully installed servers
A

B: A SOHO (small office, home office) LAN should concern itself with backup solutions as part of its contingency plan.

110
Q
  1. What type of site is most effective in providing a short recovery time?a. Cold siteb. Warm sitec. Hot sited. A partner site via mutual aid agreement
A

C: A hot site is most effective in providing a short recovery time.

111
Q
  1. A disaster recovery contingency plan is most concerned with addressing what sorts of issues, hindrances, or threats?a. Administrativeb. Logicalc. Physicald. Technical
A

C: A disaster recovery contingency plan is most concerned with addressing physical threats.

112
Q
  1. The business continuity planning documentation and the formalized security policy documentation are?a. The same documentb. Separate but complementary documentsc. Mutually exclusive documentsd. Regulated documents by the government
A

B: The business continuity planning documentation and the formalized security policy documentation are separate but complementary documents.

113
Q
  1. Which of the following is typically not included or considered when developing a disaster recovery or contingency plan?a. Hardware failureb. Power lossc. Postal delivery interruptionsd. Natural disasters
A

C: Postal delivery interruptions are typically not included or even considered in disaster recovery or contingency planning.

114
Q
  1. The first step that should be performed when implementing a contingency plan is to?a. Inventory the hardwareb. Perform a full backupc. Valuation of assetsd. Arrange for an offsite backup processing center
A

B: The first step that should be performed when implementing a contingency plan is to perform a full backup.

115
Q
  1. If an organization does not have a disaster recovery plan and an earthquake destroys the primary processing facility, who is held liable?a. Insurance companyb. IT staffc. Senior managementd. Risk analysis team
A

C: Senior management is held liable for the lack of due care and due diligence in forming a disaster recovery plan.

116
Q
  1. What is the primary limitation of disaster recovery planning?a. The inability to address all possible types of disastersb. The inability to provide adequate awareness training for employeesc. The inability to obtain senior management buyoffd. The inability to deploy adequate safeguards
A

A: This is the primary limitation of DRP.

117
Q
  1. When a hardware failure occurs, what designation determines the length of time the recovery process will take?a. Cost of the repairb. Availability of replacement partsc. Mean time to repaird. Thoroughness of the business continuity plan
A

C: The mean time to repair determines how long it will take to repair a system and thus directly relates to the recovery time period.

118
Q
  1. Which of the following is the least expensive option when preparing for an offsite secondary operations facility?a. Mutual aid agreementb. Hot site alternate facilityc. Warm site backup facilityd. Redundant servers on opposite ends of the organization’s main campus
A

A: Mutual aid agreement is the cheapest way to prepare for an offsite secondary operations facility.

119
Q
  1. What aspect of a business continuity plan, a disaster recovery plan, or even a contingency plan is most difficult to obtain upper management buyoff?a. Financialb. Employee awareness trainingc. Plan testingd. Insurance policies
A

A: Financial is the most difficult aspect of disaster planning to obtain senior management buyoff for due to the fact that it involves a significant amount of spending to prevent possible future disasters.

120
Q
  1. When selecting an insurance policy to reduce the effects of a disaster on an organization, what is the most important criteria to consider?a. Overall costb. Familiarity of the insurance company with your specific field of operationc. Total value of the organization’s assetsd. Evaluating asset value with various risks
A

D: This is the best criteria for selecting an insurance policy.

CISSP (10 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions