BCP

Question 1

to start business continuity processes

Answer 1

activation

Question 2

Notification that a potential disaster situation exists or has occurred

Answer 2

alert

Question 3

location to perform the business function

Answer 3

alternate site

Question 4

A copy of files and programs made to facilitate recovery if necessary.

Answer 4

Backup

Question 5

documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business processes will be sustained during and after a significant disruption.

Answer 5

Business Continuity Plan

Question 6

ongoing process supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated and, recovery and continuity strategies and procedures are completed and tested

Answer 6

business continuity program

Question 7

group of decision makers, business owners, technology experts and continuity professionals, tasked with making strategic recovery and continuity planning decisions for the organization.

Answer 7

business continuity steering committee

Question 8

detailed review of information system’s requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption.

Answer 8

Business Impact Analysis

Question 9

Any event, whether anticipated or unanticipated which stops the normal course of business operations at an organization location.

Answer 9

business interruption

Question 10

contract to pay for disaster related expenses that may be incurred until operations are fully recovered.

Answer 10

business interruption insurance

Question 11

group of individuals responsible for maintaining the procedures and coordinating return of business functions and processes.

Answer 11

business recovery team

Question 12

chronological sequence of recovery activities, or critical path, that must be followed to resume an acceptable level of operations following a business interruption. may range from minutes to weeks, depending upon requirements and methodology.

Answer 12

business recovery timeline

Question 13

component which deals specifically with the relocation of a key function or department in the event of a disaster.

Answer 13

business unit recovery

Question 14

internal list of contact information used for the communication of incident information, designed in a distributed manor so that no one person is responsible for contacting everyone.

Answer 14

call tree

Question 15

(desk check) a test that answers the questions: Does the organization have the documentation it needs? Can it be located?

Answer 15

checklist test

Question 16

recovery alternative, a building only with sufficient power, and HVAC

Answer 16

cold site

Question 17

A predetermined set of instructions or procedures that describe how an organization’s mission essential functions will be sustained within 12 hours and for up to 30 days as a result of a disaster event before returning to normal operations.

Answer 17

Continuity of Operations Plan

Question 18

person responsible for overall recovery of an organization or unit(s).

Answer 18

coordinator

Question 19

A critical event, which may dramatically impact an organization’s profitability, reputation, or ability to operate.

Answer 19

crisis

Question 20

Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.

Answer 20

critical functions

Question 21

Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization

Answer 21

critical infrastructure

Question 22

documents that, if lost, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.

Answer 22

critical records

Question 23

processes determined by an organization to be necessary to meet its recovery and restoration objectives. these will determine the timeframes, technologies, media and offsite storage of the backups, and will ensure that recovery point and time objectives can be met.

Answer 23

data backup strategies

Question 24

confidential system, application, program and/or production files on media that can be stored both on and/or offsite.

Answer 24

data backups

Question 25

restoration of computer files from backup media to restore programs and production data to the state that existed at the time of the last safe backup.

Answer 25

data recovery

Question 26

partial or full duplication of data from source to one or more destinations.

Answer 26

database replication

Question 27

formal announcement by pre-authorized personnel that a disaster or severe outage is predicted or has occurred and that triggers pre-arranged mitigating actions.

Answer 27

declaration

Question 28

test that answers the questions: Does the organization have the documentation and people it needs. Do they understand the documentation?

Answer 28

desk check test

Question 29

an event which stops business from continuing.

Answer 29

disaster

Question 30

A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities.

Answer 30

Disaster Recovery Plan

Question 31

A structured group of teams ready to take control of the recovery operations if a disaster should occur.

Answer 31

disaster recovery teams

Question 32

? is the duplication of data on separate disks in real time to ensure its continuous availability, currency and accuracy.

Answer 32

disk mirroring

Question 33

An unplanned event that causes an information system to be inoperable for a length of time (e.g., minor or extended power outage, extended unavailable network, or equipment or facility damage or destruction).

Answer 33

Disruption

Question 34

a back up type, where the organization has excess capacity in another location.

Answer 34

distributed processing

Question 35

practice of activity typically targeted to a specific response. The purpose is to have the participants follow the designated response activities specified in their plans to become more proficient in executing the response activity.

Answer 35

Drills - Test

Question 36

transmission of backup data to an offsite facility; it eliminates the need for tape shipment and therefore significantly shortens the time required to move the data offsite.

Answer 36

electronic vaulting

Question 37

sudden, unexpected event requiring immediate action due to potential threat to health and safety, the environment, or property.

Answer 37

emergency

Question 38

location where coordination and execution of BCP or DRP is directed

Answer 38

Emergency Operations Center

Question 39

plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.

Answer 39

emergency procedures

Question 40

planning for the delegation of authority required when decisions must be made without the normal chain of command

Answer 40

executive succession

Question 41

activity that is performed for the purpose of training and conditioning team members, and improving their performance.

Answer 41

exercise

Question 42

asynchronous duplication of the production database on separate media to ensure data availability, currency and accuracy.

Answer 42

file shadowing

Question 43

process of recovering a database to the point of failure by applying active journal or log data to the current backup files of the database.

Answer 43

forward recovery

Question 44

live, very high risk test.

Answer 44

Full Interruption Test

Question 45

recovery alternative, everything needed for the business function, except people and last backup

Answer 45

hot site

Question 46

magnitude of harm that can be expected to result from consequences of unauthorized disclosure of information, unauthorized modification of information, unauthorized destruction of information, or loss of information or information system availability.

Answer 46

Impact

Question 47

classify the intensity of a potential impact that may occur if the information system is jeopardized.

Answer 47

Impact Level

Question 48

highest level of authority at EOC with knowledge of the business process and the resources available

Answer 48

incident manager

Question 49

reaction of an organization to a significant event that may impact the organization, its people, or its ability to function productively.

Answer 49

incident response

Question 50

documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against an organization's information system(s).

Answer 50

Incident Response Plan

Question 51

management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies, system failures, or disasters.

Answer 51

Information System Contingency Plan

Question 52

test conducted on multiple components of a plan, in conjunction with each other, typically under simulated operating conditions

Answer 52

integrated test

Question 53

process of logging single changes or updates to a database since the last full backup.

Answer 53

journaling

Question 54

an exercise where the plan is executed as if a real disaster has taken place at a specific point in the facility and is typically conducted with multiple BC/DR teams. (simulation test)

Answer 54

Live Walk-Through Test

Question 55

amount of time mission/business process can be disrupted without causing significant harm to the organization's mission.

Answer 55

Maximum Tolerable Downtime

Question 56

recovery alternative, complete duplication of services including personnel

Answer 56

mirrored site

Question 57

essential to the organization’s ability to perform necessary business functions.

Answer 57

mission-critical application

Question 58

recovery alternative, short-term, high cost movable processing location

Answer 58

mobile site

Question 59

backup of data located where staff can gain access readily and a localized disaster will not cause harm

Answer 59

near site

Question 60

backup of data located where staff can not gain access readily and a regional disaster will not cause harm

Answer 60

off site

Question 61

Alternate location where duplicated vital records and documentation may be stored for use during disaster recovery.

Answer 61

off-site storage

Question 62

backup of data located where staff can gain access immediately

Answer 62

on-site

Question 63

determines the significance of the loss of an operational or technological resource. The loss of a system, network or other critical resource may affect a number of business processes.

Answer 63

operational impact analysis

Question 64

test conducted on one or more components of a plan under actual operating conditions.

Answer 64

operational test

Question 65

operational test is held at the same time with the actual processing of critical systems to ensure that the systems will run correctly at the alternative site.

Answer 65

Parallel Test

Question 66

between two organizations (or two internal business groups) with basically the same equipment/same environment that allows each one to recover at each other’s site.

Answer 66

reciprocal agreement

Question 67

time period between a disaster and a return to normal functions, during which the disaster recovery plan is employed.

Answer 67

recovery period

Question 68

determinant of the amount of data that may need to be recreated after the systems or functions have been recovered. stipulates the amount of data an organization can lose when a disaster occurs

Answer 68

Recovery Point Objective

Question 69

target time which respects tolerance for loss of certain business function, basis of strategy stipulates the amount of time an organization needs to recover from a disaster

Answer 69

Recovery Time Objective

Question 70

database backup type which records at the transaction level

Answer 70

remote journaling

Question 71

backup type which creates a complete copy

Answer 71

replication

Question 72

ability to quickly adapt and recover from any known or unknown changes to the environment through holistic implementation of risk management, contingency, and continuity planning.

Answer 72

Resilience

Question 73

planning with a goal of returning to the normal business function

Answer 73

restoration

Question 74

process of planning for and/or implementing the restarting of defined business operations following a disaster, usually beginning with the most critical or time-sensitive functions first.

Answer 74

resumption

Question 75

assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure and evaluating the cost for such controls; involves an evaluation of the probabilities of a particular negative event.

Answer 75

risk assessment / analysis

Question 76

Implementation of measures to limit specific threats to the continuity of business operations, and/or respond to any occurrence of such threats in a timely and appropriate manner.

Answer 76

risk mitigation

Question 77

recovery alternative which outsources a business function at a cost

Answer 77

service bureau

Question 78

backup type, for databases at a point in time

Answer 78

shadowing

Question 79

scenario based test that answers the question: Can the organization replicate the business process?

Answer 79

simulation

Question 80

test conducted on a specific component of a plan, in isolation from other components, typically under simulated operating conditions.

Answer 80

standalone test

Question 81

One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.

Answer 81

structured walkthrough

Question 82

The scope of activities associated with initiation, development and acquisition, implementation, operation and maintenance, and ultimately its disposal

Answer 82

System Development Life Cycle

Question 83

planned or unplanned interruption in system availability

Answer 83

system downtime

Question 84

A is a test that exercises all or part of the BC/DR plan as specified in the scope of the test plan.

Answer 84

Tabletop Walk-Through Test

Question 85

document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster.

Answer 85

test plan

Question 86

to evaluate the current situation and make basic decisions as to what to do

Answer 86

triage

Question 87

first test conducted to familiarize the team leader and members with the plan. It addresses all components of the BC/ DR plan.

Answer 87

Walk-Through Test

Question 88

recovery alternative which includes cold site and some equipment and infrastructure is available

Answer 88

warm site