BC & DR Flashcards Preview

CISSP > BC & DR > Flashcards

Flashcards in BC & DR Deck (52)
Loading flashcards...
1

What does BCP deal with?

Keeping business operations running

2

What does DRP deal with?

Restoring normal business operations after the disaster tales place

3

What are three common elements between BCP and DRP?

- Identification of critical business functions
- Identification of disaster scenarios
- Experts

4

What two assessments are commonly used to identify critical business functions?

- Business Impact Assessment
- Vulnerability Assessment

5

What two elements are commonly used to rank possible disaster scenarios?

Probability and Impact

6

What term is used to describe the blending of BCP and DRP into a single mission?

COOP (Continuity of Business Operations)

7

What are 3 important elements of a BCP project?

- Senior Management Support
- Senior Management Involvement
- Project Team Membership

8

A BCP project generally consists of which 4 components?

- scope determination
- BIA
- BCP
- Implementation

9

What is the term used to describe a project scope when it grows beyond the original intent?

Scope Creep

10

What type of assessment would you carry out determine which business functions are more resillient and which are more fragile?

Business Impact Assessment

11

How are the effects of an impact generally categorised?

Quantitative and Qualitative

12

What 5 tasks need to be performed well as part if a Business Impact Assessment?

1. Perform a Vulnerability Assessment
2. Carry out a criticality assessment
3. Determine the maximum tolerable downtime
4. Establish recovery targets
5. Determine resource requirements

13

What is a criticality assessment?

Determines how critically important a particular business function is to the ongoing viability of the organisation.

14

What type of assessment determines the impact, both quantitative and qualitative - of the loss of a critical business function?

Vulnerability Assessment

15

Which type of assessment should identify critical support areas?

vulnerability assessment

16

What are the steps in a criticality assessment?

1. Inventory all high level business functions and rank them in order of criticality
2. Describe the impact of a disruption to each function on overall business operations.
3. Estimate the duration of a disaster event
4. Consider the impact of a disruption based on the length of time that a disaster impairs critical business functions.

17

What does MTD stand for in relation to BCP?

Maximum Tolerable Downtime

18

What are the two objectives when assessing recovery targets?

Recovery Time Objective
Recovery Point Objective

19

What term is used to describe the maximum period of time in which a business process must be restored after a disaster?

Recovery Time Objective

20

What term is used to describe the maximum period of time in which data might be lost if a disaster strikes?

Recovery Point Objective

21

4 typical resource requirements are:

- IT Systems and application
- Key personnel
- Business equipment
- Supplier and Partners

22

What is the businesses highest priority in the event of a disaster?

Personnel safety

23

What is the difference between an incremental and differential backup?

Differential takes a backup of changed files only since last full backup. Incremental takes a backup of changed files only whether it be since last full backup or last incremental backup

24

What 3 things should be considered when scheduling a data backup plan?

- time taken to perform backups
- time taken to restore backups
- procedures for restoring data

25

name 4 types of data backup

- Magnetic tape
- Virtual Tape Library
- Site replication
- Remote backup (internet)

26

What type of agreement involves a software vendor sending a copy of its software code to a third party in the event of a disaster

Software escrow agreement

27

What are two ways of providing power during prolonged power outages?

UPS (Uninterrupted power supply)
Emergency electric generator

28

What is another benefit of a UPS asides from continued power supply?

Controlled Shutdown

29

What are the 5 common types of data sites?

Cold Site
Warm Site
Hot Site
Reciprocal Site
Multi-site

30

What is a cold site in relation to a DC?

Empty computer room with basic environmental facilities, ie UP, heating, ventilation, etc.