7 - Business Continuity and Disaster Recovery Plan Flashcards

1
Q
Once a business continuity plan is developed and approved by senior management, what final critical element must be addressed? a. Filing of the plan with local emergency services b. Performing a qualitative risk analysis c. Creating awareness of the plan throughout the organization d. Perform a structured walk-through test
A

C: This is the final required step in business continuity planning.

2
Q
Each time the business continuity plan is updated or revised, what must be done? a. Perform a new cost/benefit analysis b. A checklist test must be performed c. Update your countermeasures d. Destroy all copies of all old versions of the plan
A

D: This is a required step to ensure that only one version of the plan is distributed within the organization.

3
Q
What is the primary objective of a disaster recovery plan? a. To recover critical processes in a timely manner b. Manage public relations after a crisis c. To minimize financial loss during normal operations outage d. Re-design the security infrastructure of the organization after an emergency
A

A: This is the primary objective of a disaster recovery plan.

4
Q
Which of the following is not an objective of a disaster recovery plan? a. Protecting the organization from significant loss due to the failure of its IT infrastructure b. Empowering personnel for decision making during a crisis situation c. Minimizing risks to the organization from delays in providing services d. Guaranteeing the reliability and availability of standby systems through testing and evaluation
A

B: An objective of a disaster recovery plan is to minimize decision making during a crisis.

5
Q
The security issue that addresses ongoing processing activity in the face of minor disruptive events is known as? a. business continuity planning b. disaster recovery planning c. mission critical relocation planning d. redundancy development planning
A

A: Business continuity planning is the security issue that addresses ongoing processing activity in the face of minor disruptive events.

6
Q
Who is ultimately responsible for the business continuity planning? a. Disaster recovery team b. IT staff c. End users d. Senior management
A

D: Senior management is ultimately responsible for the success or failure of the business continuity plan.

7
Q
Which of the following is not one of the three primary goals of business impact analysis? a. Plan testing and verification b. Criticality prioritization c. Downtime estimation d. Resource requirements
A

A: Business impact analysis is the disaster equivalent of risk analysis; it does not have an implementation plan associated with it, and therefore such a plan does not need testing or verification.

8
Q
Which of the following is not an aspect of quantitative loss criteria associated with business impact analysis? a. Financial loss due to violations of contract agreements b. Loss of competitive advantage or market share c. Financial losses due to capital expenditure d. Losses associated with financial liability expenditures
A

B: This is a qualitative loss criterion.

9
Q
Business continuity planning is designed to handle what sort of conditions? a. Moderate disruptive events b. Major disruptive events to very destructive events c. Daily work activities d. Total destruction of a company and its assets
A

A: Business continuity planning is designed to handle moderate disruptive events.

10
Q
Which of the following is not a goal of business continuity planning? a. Reduce the risk of financial loss b. Reformulate the security policy to more adequately prepare for intrusion attempts during the recovery process c. Recover from a disruptive event quickly d. Mitigate the risks associated with a disruptive event
A

B: This is not a goal of business continuity planning. This is part of the normal review and improvement process of the formalized security structure.

11
Q
What is the top priority of business continuity planning? a. Quick and efficient recovery of the organization b. Minimizing financial losses due to a disruptive event c. Safety of the personnel d. Managing public opinion about the organization during a crisis
A

C: The top priority of business continuity planning is the safety of personnel.

12
Q
Which of the following is considered an essential element of due care and due diligence? a. creation of InfoSec teams b. business continuity and disaster recovery planning c. delegating implementation tasks to subordinates d. senior management sign off on all security planning
A

B: Business continuity and disaster recovery planning are considered essential elements of due care and due diligence.

13
Q
Business continuity planning should address all but which of the following? a. local area network components b. telecommunications c. employee personal possessions d. applications and software
A

C: Employee personal possessions are the responsibility of the employees, not the organization and its business continuity planning.

14
Q
Which of the following is not an event that would be considered to trigger application of the business continuity plan? a. fire in the data center b. earthquake resulting in broken communication lines c. floods affecting the basement levels only d. an intrusion attack that compromises a Web server
A

D: Intrusion attacks are not events that trigger the business continuity plan. Instead, intrusion attacks trigger normal InfoSec or CIRT response teams.

15
Q
Which of the following is not a goal or objective of business continuity planning? a. reduce the risks associated with a disruptive event b. minimize costs associated with recovering from a disruptive event c. promptly recover from a disruptive event d. provide a procedural guide so minimal decisions are made during an event
A

B: Business continuity planning does not deal with recovering from disruptive events, but rather with maintaining business activity during a disruptive event. Disaster recovery planning deals with recovery.

16
Q
Which of the following should be accomplished first when acting out a business continuity plan? a. Restore critical functions b. Restore non-critical functions c. Maintain personnel safety d. Locate an alternate site
A

C: Maintaining personnel safety is always the first and top priority.

17
Q
What is the primary difference between a disaster recovery plan and a business continuity plan? a. The severity of the damage to the area caused by a disaster b. The use of a secondary site c. The cost of maintenance d. The interruption of mission critical processes
A

D: The primary difference is whether mission critical processes are interrupted. If they are, then disaster recovery is used; if not, then business continuity is used.

18
Q
Although the activities themselves can be delegated, who is ultimately responsible for all phases of business continuity planning? a. Senior management b. InfoSec teams c. Systems auditor d. Department managers
A

A: Senior management is always ultimately responsible for all aspects of security and maintaining productivity in their organization, even though the actual tasks to accomplish this may be delegated.

19
Q
Which of the following is not a goal of business impact assessment? a. criticality prioritization b. establishing resource requirements c. personnel safety d. downtime estimation
A

C: Personnel safety is the most important factor for business continuity and disaster recovery planning. However, it is not a factor or goal of a business impact assessment.

20
Q
The Maximum Tolerable Downtime estimation is an indication of what? a. how long the business continuity plan takes to develop b. how long the business continuity plan takes to implement c. how long the migration to the secondary site will take d. how long mission critical processes can be down and still allow the organization to recover
A

D: The Maximum Tolerable Downtime estimation is an indication of how long mission critical processes can be down and still allow the organization to recover.

21
Q
The business continuity planning task of identifying key business processes, ordering those processes, and evaluating event impact is known as? a. criticality prioritization b. business impact assessment c. vulnerability assessment d. quantitative analysis
A

B: Business impact assessment is the business continuity planning task of identifying key (critical) business processes, ordering (prioritizing) those processes, and evaluating event impact.

22
Q
When performing a business impact analysis, which of the following is the least useful assessment material item to gather? a. organizational chart b. mission statement c. definition of business units d. outline of relationships within the organization
A

B: The mission statement is inconsequential and useless to the act of business impact analysis.

23
Q
Which of the following is not one of the four aspects or elements of a business continuity plan? a. business impact assessment b. scope and plan initiation c. business continuity plan development d. testing
A

D: While testing is important, it is not one of the four primary elements of a business continuity plan. In fact, testing seems to be mentioned only in relation to disaster recovery planning.

24
Q
When updating or maintaining a business continuity plan, which of the following is most important? a. only a single version of the plan should exist throughout the organization b. each department should develop and maintain their own plan c. the business continuity plan cannot make recommendations outside of the organization’s security policy d. keeping the cost of the plan to a minimum
A

A: Only a single version of the business continuity plan should exist throughout the organization.

25
25. The process of making employees aware of the business continuity plan is found in what stage or element of the business continuity plan development process? a. business impact assessment b. plan approval and implementation c. business continuity plan development d. scope and plan initiation
B: Staff awareness is an aspect of the plan approval and implementation element of the business continuity plan development process.
26
26. Which of the following is not an event that would be considered to trigger application of the disaster recovery plan? a. a terrorist bomb that destroys most of your primary site b. a wind storm that completely severs your power and communications c. a hurricane that floods your data center d. a rupture in a gas main 10 miles from your primary facility
D: When an event causes concern but does not affect your primary facility, it will not trigger the disaster recovery plan.
27
27. A disaster recovery plan may be triggered by all but which of the following? a. A mud slide burying your primary site b. Intermittent loss of access to an entertainment Web site c. A fire that destroys your entire data center d. A robbery where your primary servers are stolen
B: Internet communication interruptions that are not related to your mission critical processes will not trigger the disaster recovery plan.
28
28. The scope of the business continuity plan should be which of the following? a. people, infrastructure, key personnel, equipment b. media relations, human resources, people, facilities c. office supplies, people, infrastructure, facilities d. Infrastructure (IT), facilities, supplies and equipment
C: The scope of the business continuity plan should be everything necessary to support your mission critical services, such as office supplies, people, infrastructure, facilities.
29
29. Which of the following is not an option for alternate site selection within disaster recovery planning? a. mutual aid agreements b. subscription services c. service bureaus d. adjacent building rental
D: Adjacent building rental is the poorest choice for an alternate site since it is so close to the original site that it is susceptible to the same disasters that could destroy the primary site.
30
30. What is a mutual aid agreement? a. two parties agree to support the other's critical business functions in the event of a disaster b. two parties agree to share the cost of maintaining an alternate site c. two parties agree to work together in building secondary locations d. an insurance company agrees to pay for IT relocation services
A: Two parties agree to support the other's critical business functions in the event of a disaster.
31
31. Which of the following is the most cost effective alternate site location but which is most likely to be useless when actually needed? a. hot site b. mutual aid agreements c. portable hot site d. service bureau contract
B: A mutual aid agreement is the cheapest form of alternate site location, but since most companies barely have the capacity to support their own mission critical processes, when needed in a disaster these agreements are usually worthless.
32
32. When business impact analysis is completed, what is the end result? a. a quantitative risk analysis report b. an auditor's final qualitative report c. a business continuity plan d. an organizational security policy
C: The end result of business impact analysis is a business continuity plan.
33
33. Which of the following is not an element of the vulnerability assessment process of business impact analysis? a. quantitative analysis b. qualitative analysis c. defining critical areas and dependencies d. selecting countermeasures
D: Countermeasure selection is associated with risk analysis, not business impact analysis vulnerability assessment.
34
34. Which of the following is not a goal of disaster recovery planning? a. Maintaining critical functions through a minor disruptive event b. Protecting an organization from major IT failure c. Minimizing the risk to an organization from the interruption of mission critical processes d. Maintaining reliable backup and restoration solutions through testing and simulation
A: Maintaining critical functions through a minor disruptive event is business continuity planning, not disaster recovery planning.
35
35. Which of the following is the best type of leadership that should assume control while the disaster recovery plan is being carried out? a. committee b. procedural c. interactive d. democratic
B: A disaster recovery plan should minimize the need for personnel to make decisions during and after a disaster. Thus a procedural leadership would simply follow the directions as outlined in the disaster recovery plan.
36
36. The primary goal of the data processing continuity aspect of disaster recovery planning is? a. maintain data integrity throughout the disaster b. maintain functional networking access throughout the disaster c. ensure workers can complete their work tasks d. moving the entire IT infrastructure over to a secondary location
C: The primary goal of the data processing continuity aspect of disaster recovery planning is to ensure workers can complete their work tasks.
37
37. Which of the following is not an advantage to a service bureau contract for an alternate processing site? a. resource contention during a large emergency b. testing is often possible c. cost effective d. offers quick response and reasonable availability
A: Service bureau contracts for alternate processing sites become a disadvantage when the resources are over allocated and they are insufficient to handle all clients during a large emergency.
38
38. Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for? a. rolling mobile backup sites b. hot site c. multiple processing centers d. service bureau contracts
B: Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for hot sites.
39
39. Which of the following should not be true regarding an alternate site? a. located far away from the primary site b. facility should be far enough away not to be affected by the same disaster c. located very close to the primary site d. should support the mission critical processes of the organization
C: The alternate site should not be very close to the primary site, otherwise it will be susceptible to the same disaster that affects the primary site.
40
40. Which of the following is not a disadvantage of a hot site? a. duplicate copy of sensitive data b. cost c. fully configured systems with all supporting utilities and infrastructure d. requires constant maintenance
C: The fact that a hot site has fully configured systems with all supporting utilities and infrastructure is an advantage not a disadvantage.
41
41. Which of the following is an advantage of a warm site as compared to a hot site? a. applications may not be fully installed b. systems are not fully configured c. communications links are not installed d. moderate administrative and maintenance costs
D: A warm site has considerably lower administrative and maintenance costs since it is not a duplicate production environment.
42
42. What type of site can make adequate recovery impossible? a. cold site b. service bureau c. multiple production centers d. mobile hot backup site
A: A cold site can make adequate recovery impossible because installing and configuring the infrastructure can take longer than the maximum time to recovery an organization can withstand.
43
43. What is the most common but least effective selection of an alternate backup site? a. service bureau b. cold site c. mobile backup site d. multiple processing centers
B: A cold site is the most common form of alternate backup site, but is also the least effective solution since most companies cannot withstand the down time to bring a cold site up and running.
44
44. Which of the following is not true about cold sites? a. equipment will need to be brought in b. communication lines may not be installed c. a duplicate copy of critical data is hosted there d. HVAC is probably installed
C: A cold site has no means to support a duplicate copy of critical data.
45
45. What is the primary benefit of using multiple processing centers? a. each location is owned and managed by a different entity b. each location is within a small geographic area c. if a location is compromised, the remaining locations may not have sufficient capabilities to handle the additional load d. the mission critical applications of an organization are spread among numerous physical locations
D: The primary benefit of using multiple processing centers is that mission critical applications of an organization are spread among numerous physical locations.
46
46. Which type of disaster recovery test is performed by individuals separately rather than by a group of personnel working together as a team? a. checklist test b. simulation test c. structured walk through test d. parallel test
A: A checklist test is performed by individuals separately rather than by a group of personnel working together as a team.
47
47. Which of the following disaster recovery tests can be performed simultaneously with any of the other tests? a. Simulation test b. Checklist test c. Parallel test d. Full interruption test
B: A checklist test can also be performed simultaneously with any other test to keep the plan current. The checklist is usually the first test to be performed to check for omissions or changes needed to the plan.
48
48. Which form of disaster recovery test performs all activities of the plan up to but not including the point of starting processing at the alternate site? a. full interruption test b. structured walk through test c. simulation test d. parallel test
C: A simulation test performs all activities of the plan up to but not including the point of starting processing at the alternate site.
49
49. Another name for electronic vaulting is? a. remote journaling b. parallel processing c. database shadowing d. batch processing
D: Batch processing is another name for electronic vaulting.
50
50. The act of parallel processing transactions is also known as? a. remote journaling b. electronic vaulting c. batch processing d. database shadowing
A: Remote journaling is the act of parallel processing transactions.
51
51. Which of the following is not a reason to test a disaster recovery plan? a. testing verifies the accuracy of the procedures b. testing minimizes legal liability c. testing trains personnel d. testing verifies the processing capability of the alternate site
B: Testing does not minimize legal liability; rather, the overall act of designing and implementing a plan minimizes legal liability.
52
52. When designing the test document (i.e. the procedure for the test) for a disaster recovery plan, all but which of the following must be included? a. the length of the test b. the participants in the test c. the cost in productivity of the test d. the resources or services to be included in the test
C: The productivity loss due to the test is not an element of the test document. Rather it is a side effect of performing a test that must be absorbed by the organization in order to gain a better disaster recovery plan.
53
53. Which of the following types of disaster recovery plan tests should be performed first to discover any omissions or modifications that may be needed for your plan? a. structured walk through test b. simulation test c. parallel test d. checklist test
D: A checklist test allows for department heads or functional managers to review the plan and indicate if anything has been omitted or needs to be modified. The planning team can then implement those changes to the plan.
54
54. According to a disaster recovery plan, the recovery team is responsible for which of the following? a. returning to the primary site b. get non-critical processing operations up at the primary site c. ensure that threat to personnel at the primary site has been eliminated d. implementing the disaster recovery plan
D: Implementing the disaster recovery plan is the responsibility of the recovery team.
55
55. Which of the following is a responsibility of the salvage team? a. return primary site back to normal operating conditions b. implement the disaster recovery plan to get business functions operational at the alternate site c. ensure personnel safety at the alternate site d. minimize the risk of disaster effect at the primary site
A: The primary responsibility of the salvage team is to return the primary site back to normal operating conditions.
56
56. When should the salvage team return to the primary site? a. as soon as critical processes are operating at the alternate site b. after threat to personal safety is eliminated c. immediately to recover the backup media d. within 24 hours of the disaster
B: The salvage team should return to the primary site only after threat to personal safety is eliminated.
57
57. Which form of disaster recovery test performs all activities of the plan but processing at the primary facility does not stop? a. full interruption test b. structured walk through test c. simulation test d. parallel test
D: A parallel test performs all activities of the plan but processing at the primary facility does not stop.
58
58. Which form of disaster recovery test performs all activities of the plan up to the point of terminating processing at the primary site? a. full interruption test b. structured walk through test c. simulation test d. parallel test
D: A parallel test performs all activities of the plan up to the point of terminating processing at the primary site.
59
59. Which form of disaster recovery test is an on-paper only walk through of the plan in a group meeting? a. full interruption test b. structured walk through test c. simulation test d. parallel test
B: A structured walk through test is an on-paper only walk through of the plan in a group meeting.
60
60. The best method to test that a disaster recovery plan is fully capable of handling a serious disaster is to use which of the following testing methods? a. simulation test b. structured walk through test c. full interruption test d. parallel test
C: A full interruption test is the best method to test that a disaster recovery plan is fully capable of handling a serious disaster. However, doing so can cause a disaster of its own.
61
61. Which of the following is the least important activity to perform once a disaster recovery plan is developed? a. post the plan on the public Web server b. test the plan for viability c. train staff on using the plan d. retain only a single version of the plan
A: The disaster recovery plan is not information that should be shared with the general public.
62
62. When seeking senior management signoff on the final version of a disaster recovery plan, which of the following is least important? a. whether the plan is sufficient to recover all aspects of the organization b. the details of disaster recovery plans from other organizations c. whether the plan has been tested for viability d. the level of detail the procedures include for recovering
B: The details of plans from other organizations are the least important factor when obtaining final senior management signoff of a disaster recovery plan.
63
63. Testing a business continuity plan performs all but which of the following? a. personnel training b. staff awareness c. design improvements d. viability testing
C: The results of a test may indicate that the plan needs to be improved, but actual design improvements are not the result of the testing process itself.
64
64. When is the emergency considered over in the event of activation of the disaster recovery plan? a. when mission critical operations are functioning at the alternate site b. when threat to human safety is eliminated c. when all operations are back at the primary site d. when the organization has maintained viability for three months after the disaster
C: The emergency is over when all operations are back at the primary site.
65
65. Why is an emergency not considered over until the organization fully returns to the primary site? a. human safety is not protected until the primary site is restored b. legal requirements for insurance mandate this c. the alternate site can never fully support the operations of the organization d. because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site
D: An emergency is not over until the organization fully returns to the primary site because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site.
66
66. When returning to the primary site after the alternate site has been used for mission critical processing, what is the first step? a. return non-mission critical functions to the primary site b. interrupt all operations at the alternate site c. return mission critical functions to the primary site d. verify safety of the alternate site
A: The first step in returning to the primary site is to get non-mission critical functions operating. This will ensure that the restored IT infrastructure will be able to support the full load of the mission critical operations.
67
67. Which arrangement does not need to be done before a disaster occurs? a. establish an alternate or backup site b. establish a media contact c. make preparations to continue writing paychecks d. create a rendezvous point for all employees
B: There is no need to establish media contacts before a disaster.
68
68. Which of the following represent the true scope of threats to an organization that may trigger the use of a business continuity plan or a disaster recovery plan? a. man-made, technical, accidental b. natural, technical, circumstantial c. man-made, natural, technical d. natural, mythical, theoretical
C: The scope of threats is man-made, natural, and technical.
69
69. The most critical part of a disaster recovery plan to ensure that it will be effective in restoring the organization is? a. vulnerability assessment b. project initiation c. senior management signoff d. ongoing maintenance
D: Ongoing maintenance ensures that a disaster recovery plan remains viable.
70
70. Which of the following provides the most useful or meaningful information? a. testing a disaster recovery plan and learning whether it passed or failed overall b. testing a disaster recovery plan and learning what aspects failed c. testing a business continuity plan and learning which staff members failed to follow procedure d. testing a business continuity plan and restoring files from the most recent full backup
B: Testing a disaster recovery plan and learning what aspects failed offers the most useful and meaningful information from this list of selections.
71
71. A business continuity plan should address which sets of threats? a. intrusion attacks and man-made disasters b. hardware failures and natural disasters c. natural and man-made disasters d. technical failures and human error
C: A business continuity plan should address the threats of natural and man-made disasters.
72
72. When selecting an alternate site for a disaster recovery plan, which of the following is the most important consideration factor? a. location b. size c. cost d. capability of supporting business processing 
D: The ability for an alternate site to support business processing is the most important aspect when selecting an alternate site.
73
73. What is the most important element or aspect of business continuity planning or disaster recovery planning? a. vulnerability assessment b. criticality prioritization c. maintaining critical processes across any disruptive event d. management support
D: The most important element is management support.
74
74. In the event of a minor disaster, which of the following activities should occur to restore systems and recover data files? a. initiate the business continuity plan b. restore files from backup c. initiate a full interruption test d. perform a vulnerability analysis
A: Initiating the business continuity plan is the activity that should take place after a minor disaster to restore systems and recover data files.
75
75. Qualitative and quantitative elements can be found in which of the following? a. senior management approval b. business impact analysis c. simulation testing d. criticality prioritization
B: Business impact analysis includes qualitative and quantitative elements.
76
76. When designing a business continuity plan to prevent single points of failure, which of the following is the most important? a. use RAID b. test backups c. establish redundancy d. install surge protectors
C: Prevention of single points of failure involves implementation of redundancy throughout the IT infrastructure.
77
77. The owner of the business continuity plan and the disaster recovery plan in your organization is? a. CIRT b. Internal auditor c. departmental network administrator d. senior management
D: The senior manager is the owner of the business continuity and disaster recovery plans for an organization.
78
78. When performing a business impact analysis, which of the following is necessary? a. outlining critical operation dependencies b. contracting with a service bureau c. selecting countermeasures d. defining staff responsibilities 
A: Business impact analysis includes defining or outlining the dependencies of critical business operations.
79
79. What is the primary disadvantage of dividing the IT infrastructure of an organization among multiple sites or processing centers? a. Decreased risk of downtime due to multiple operation centers b. More cost effective than maintaining a hot site c. Administration d. All facilities are owned or controlled by the organization
C: Administration of multiple sites is the primary disadvantage of employing a multi-site IT infrastructure.
80
80. The primary factor when selecting a secondary or backup facility site for use during a disaster is? a. Cost b. Source of hardware replacement components c. Use of service bureaus to provide backup services d. Distance from primary facility
D: The backup or secondary facility should be far enough away from the primary facility so that it is not affected by the same disaster but close enough that it can be reached by personnel within an acceptable amount of time (usually 1/2 day's travel).
81
81. Which of the following is described by the use of a live process that duplicates transactions and entire files from a primary server to backup/secondary servers at alternate/backup sites? a. Database shadowing b. Remote Journaling c. Electronic vaulting d. Batch dump processing
A: Database shadowing maintains duplicate servers by relying on remote journaling as well as the transfer of entire files from the primary server to the backup servers.
82
82. When testing a disaster recovery plan, which of the following is true? a. A plan can be trusted before it is tested b. Every element of the plan should be tested c. Only simulations of the plan should be attempted when testing d. Tests should always involve the disruption of the production environment
B: Every element of the plan should be tested.
83
83. Which of the following is the most often overlooked aspect of disaster recovery? a. maintaining employee compensation mechanisms b. protecting human safety c. restoring and maintaining critical business functions d. alternate site selection
A: The most often overlooked aspect of disaster recovery is maintaining a mechanism by which to continue issuing employee paychecks.
84
84. The best location for a data center in an alternate site is? a. ground floor b. center of building c. sub-basement d. penthouse
B: The center of the building is always the best choice for a data center in any type of site.
85
85. What is the main drawback to mutual aid agreements? a. Agreements are made with companies with similar IT infrastructure needs b. Offers a crisis protection scheme that does not require significant preparation expense. c. Assumes the infrastructure of one organization can sustain the operations of both organizations during a crisis. d. Both parties in the agreement agree to support each other during a crisis.
C: This is the primary drawback to mutual aid agreements.
86
86. What type of alternate processing facility has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure? a. Secondary site b. Cold site c. Warm site d. Hot site
D: A hot site is an alternate processing facility that has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure.
87
87. Which of the following is an advantage of a hot site? a. Minimized downtime b. Cost c. Service provider overselling its capacity d. Site security
A: This is an advantage of a hot site. A hot site minimizes downtime due to a disaster at the primary facility. Downtime is usually limited to travel time between the two facilities and a minimal reconfiguration effort.
88
88. Which of the following is a benefit of a cold site? a. Installation of communication links b. Cost c. Pre-installation of basic infrastructure d. Ability to adequately and efficiently recover from a disaster
B: A cold site is very cost effective, because it is little more than rent on an empty facility.
89
89. Which of the following is not an important consideration for a disaster recovery plan? a. Interfacing with external groups such as emergency services, utility providers, customers, etc. b. Preparations to continue paying salaries even with interrupted production c. Maintaining manager vacations and Christmas bonuses during a crisis d. Maintaining adequate insurance to cover all liabilities
C: This is not an important consideration of a disaster recovery plan.
90
90. As part of emergency response awareness, all employees should have minimal training in all but which of the following? a. First aid b. Use of a fire extinguisher c. Evacuation routes d. Management of toxic gases
D: Management of toxic gases is an activity that requires specialized training and equipment. This is not a normal awareness activity for employees.
91
91. Which of the following is not an important element or aspect of business continuity planning (BCP) or disaster recovery planning (DRP)? a. Minimum operational IT system requirements b. Obtaining replacement hardware c. Restoring critical operations  d. Maintaining a reliable backup solution
A: This is not an aspect of either BCP or DRP.
92
92. Which testing procedure exercises every phase of the plan up to but not including initiating alternate processing? a. Structured walk-through test b. Parallel test c. Simulation test d. Full-interruption test
C: A simulation test exercises every phase of the plan up to but not including initiating alternate processing.
93
93. What is the best way to test a plan in order to determine whether the entire plan will function as expected or fail? a. Structured walk-through test b. Parallel test c. Simulation test d. Full-interruption test
D: A full-interruption test is the only way to verify that every element of the plan will function as designed.
94
94. The salvage team returns to the original production site when? a. Once the possibility of personal injury is eliminated b. While personnel evacuation is taking place c. Only after the recovery site is shut down d. The salvage team never returns to the original production site
A: The salvage team returns to the original production site only after the possibility of personal injury is eliminated.
95
95. When is an emergency over in terms of the disaster recovery plan? a. Once the organization is fully operational at the backup site b. Once the organization fully returns to the original production site c. Once the possibility of personal injury is eliminated d. Once critical production systems are restored at the recovery site
B: An emergency is only over after the organization fully returns to the original production site.
96
96. What policy or plan is the final option when a disaster strikes and all other plans fail? a. Mutual aid agreement b. Business continuity plan c. Disaster recovery plan d. Insurance policy
D: The last option is an insurance plan.
97
97. Which backup or protection mechanisms can be used to quickly restore a database from the secondary location due to a virus corruption of the data at the primary location? a. Sending an employee to the second site to physically move the duplicate system back to the primary site b. Create a drive image from the secondary site, then use the drive image to restore the primary site c. Off-site tape storage d. Electronic vaulting
D: The use of electronic vaulting is the fastest mechanism to restore a damaged system at the primary site from the backup stored at the secondary site. Electronic vaulting consists of online storage of backups, which can be quickly accessed and restored.
98
98. What factor should determine whether restoring telecommunications is a critical function of the disaster recovery plan? a. Whether the organization can function productively without it b. Whether the service can be installed in a timely manner c. Whether the service is pre-installed at the secondary location d. Whether the budget will support an emergency response for the service
A: Whether the organization can function productively without a service is the determining factor for defining whether the restoration of a service, such as telecommunications, is a critical element of a disaster recovery plan.
99
99. When storing backup tapes at an off-site facility for an organization which controls highly classified military assets, which of the following is the most important aspect to consider? a. The format of the backup tapes b. The number of backup tapes stored offsite c. The useful life of the stored data d. Whether the same route is traveled at the same time each day between the facility and the off-site storage location
D: The travel route is the most important aspect to consider from this list. If the data is highly classified, then very high security standards need to be maintained. This would include varying the route and the time at which backup tapes are transferred offsite to prevent timed attacks against the transfer vehicles.
100
100. Which of the following network devices offers the least redundancy or fault tolerance? a. Switch b. UPS c. FDDI d. Hub
D: A hub is not redundant or fault tolerant.
101
101. In order to minimize losses due to a disaster, what must occur? a. A hot site must be available for immediate transfer of production operations b. Minimizing the disaster recovery time period c. All personnel should be thoroughly trained in contingency activities d. Ensuring non-critical functions are restored first 
B: Minimizing the disaster recovery time period will directly reduce the losses associated with the disaster.
102
102. What factor determines the frequency at which a disaster recovery plan should be tested? a. Budget b. Management choice c. Asset movement and change d. Employee turnover
C: The rate of asset movement and change determines how frequently the DRP should be tested. The more assets change and move, the more often the DRP should be tested.
103
103. What is the final element of disaster recovery planning? a. Impact analysis b. Plan development c. Plan maintenance d. Plan testing
C: Plan maintenance is the final element of DRP; maintenance is ongoing.
104
104. The most important characteristic of a disaster recovery team coordinator is? a. Security certifications b. Extensive IT infrastructure experience c. Background and training in business management d. The ability to communicate well with both technical and non-technical personnel
D: The most important characteristic of a disaster recovery team coordinator is the ability to communicate well with both technical and non-technical personnel.
105
105. Which method is the best way to maintain a business continuity plan or a disaster recovery plan? a. Thorough testing and end-user evaluation b. Management oversight and refinement c. A combination of top-down and bottom-up approaches d. External independent analysis and review
C: The best method for maintaining a recovery plan is to use both top-down (management) and bottom-up (test results) approaches.
106
106. A disaster recovery plan is primarily concerned with protecting against? a. Financial losses b. Asset losses c. Equipment losses d. Market share losses
A: A DRP is primarily concerned with protecting against financial losses.
107
107. What is the best way to test a disaster recovery plan? a. During a crisis b. Unannounced  c. Using simulations d. Immediately after a disaster occurs
B: The best way to test a DRP is like an unannounced fire drill. A few key managers should be aware of the test, but all aspects of the DRP should be implemented to ensure they operate as designed.
108
108. A traffic accident results in a delivery van crashing into your server cage located in the corner of your building. All systems within the cage are damaged beyond repair. What would have been the best course of action to prepare for such an emergency? a. Arrange for a cold site backup facility b. Adequately train employees in security awareness c. Raise anti-van shield d. Implement a daily offsite electronic vault backup system
D: The best preparatory action for such a disaster is an offsite backup solution.
109
109. When performing contingency planning for a SOHO LAN, which of the following should be considered? a. Remote access connectivity for telecommuters b. Backup solutions c. Hot site alternate processing facility d. Rolling mobile backup sites with self-contained A/C and fully installed servers
B: A SOHO (small office, home office) LAN should concern itself with backup solutions as part of its contingency plan.
110
110. What type of site is most effective in providing a short recovery time? a. Cold site b. Warm site c. Hot site d. A partner site via mutual aid agreement
C: A hot site is most effective in providing a short recovery time.
111
111. A disaster recovery contingency plan is most concerned with addressing what sorts of issues, hindrances, or threats? a. Administrative b. Logical c. Physical d. Technical
C: A disaster recovery contingency plan is most concerned with addressing physical threats.
112
112. The business continuity planning documentation and the formalized security policy documentation are? a. The same document b. Separate but complementary documents c. Mutually exclusive documents d. Regulated documents by the government
B: The business continuity planning documentation and the formalized security policy documentation are separate but complementary documents.
113
113. Which of the following is typically not included or considered when developing a disaster recovery or contingency plan? a. Hardware failure b. Power loss c. Postal delivery interruptions d. Natural disasters 
C: Postal delivery interruptions are typically not included or even considered in disaster recovery or contingency planning.
114
114. The first step that should be performed when implementing a contingency plan is to? a. Inventory the hardware b. Perform a full backup c. Valuation of assets d. Arrange for an offsite backup processing center
B: The first step that should be performed when implementing a contingency plan is to perform a full backup.
115
115. If an organization does not have a disaster recovery plan and an earthquake destroys the primary processing facility, who is held liable? a. Insurance company b. IT staff c. Senior management d. Risk analysis team
C: Senior management is held liable for the lack of due care and due diligence in forming a disaster recovery plan.
116
116. What is the primary limitation of disaster recovery planning? a. The inability to address all possible types of disasters b. The inability to provide adequate awareness training for employees c. The inability to obtain senior management buyoff d. The inability to deploy adequate safeguards
A: This is the primary limitation of DRP.
117
117. When a hardware failure occurs, what designation determines the length of time the recovery process will take? a. Cost of the repair b. Availability of replacement parts c. Mean time to repair d. Thoroughness of the business continuity plan
C: The mean time to repair determines how long it will take to repair a system and thus directly relates to the recovery time period.
118
118. Which of the following is the least expensive option when preparing for an offsite secondary operations facility? a. Mutual aid agreement b. Hot site alternate facility c. Warm site backup facility d. Redundant servers on opposite ends of the organization's main campus
A: Mutual aid agreement is the cheapest way to prepare for an offsite secondary operations facility.
119
119. For what aspect of a business continuity plan, a disaster recovery plan, or even a contingency plan is it most difficult to obtain upper management buyoff? a. Financial b. Employee awareness training c. Plan testing d. Insurance policies
A: Financial is the most difficult aspect of disaster planning to obtain senior management buyoff for, because it involves a significant amount of spending to prevent possible future disasters.
120
120. When selecting an insurance policy to reduce the effects of a disaster on an organization, what is the most important criterion to consider? a. Overall cost b. Familiarity of the insurance company with your specific field of operation c. Total value of the organization's assets d. Evaluating asset value with various risks
D: This is the best criterion for selecting an insurance policy.