Chapter 9 Implementing Controls to Protect Assets Flashcards

1
Q

____ ____ _____ help protect access to secure areas

A

Physical security controls

2
Q

____ and ____ _____ strategies help eliminate single points of failure for critical systems.

A

Redundancy and fault-tolerance

3
Q

_____ ensure that data remains available even after data is lost.

A

Backups

4
Q

_____ ______ strategies help ensure mission critical functions continue to operate even if a disaster destroys a primary business location

A

Business continuity

5
Q

____ ___ _____ refers to the security practice of implementing several layers of protection.

A

Defense in depth (aka layered security)

6
Q

True or False: You must implement security at several different layers so if one layer fails you still have additional layers to protect you.

A

True

7
Q

____ _____ is the use of different security control types, such as technical controls, administrative controls, and physical controls.

A

Control diversity

8
Q

_____ ____ such as vulnerability assessments and penetration tests can help verify that these controls are working as expected

A

Administrative controls

9
Q

____ ________ is the practice of implementing security controls from different vendors to increase security.

A

Vendor diversity

10
Q

True or False: Many DMZs use two firewalls and vendor diversity dictates the use of firewalls from different vendors.

A

True

Example: One firewall could be a Cisco firewall and the other one could be a Check Point firewall.

11
Q

_____ _______ also helps provide defense in depth.

A

User training

12
Q

True or False: If users engage in risky behaviors, such as downloading and installing files from unknown sources or responding to phishing emails, they can give attackers a path into an organization’s network.

A

True

13
Q

True or False: Providing regular user training on common threats, and emerging threats, helps them avoid these types of attacks.

A

True

14
Q

A _____ ____ _____ is something you can physically touch, such as a hardware lock, a fence, an identification badge, and a security camera.

A

Physical security control

15
Q

______ _____ _____ ______ attempt to control entry and exits, and organizations commonly implement different controls at different boundaries

A

Physical security access controls

16
Q

List some physical security access controls

A
1. Perimeter - Border around land
2. Buildings
3. Secure work areas - i.e. SOCC, NOC
4. Hardware - Cabinet locks, cable locks, etc.
5. Airgap
17
Q

An ______ is a physical security control that ensures that a computer or network is physically isolated from another computer or network.

A

Airgap

18
Q

True or False: A complex physical security control is a sign

A

False

It is a simple physical security control

19
Q

True or False: It is common to secure access to controlled areas of a building with door locks, and there are many different lock types.

A

True

20
Q

A ____ ____ ____ is one that only opens after some access control mechanism is used

A

Door access system

21
Q

True or False: When implementing door access systems, it’s not important to limit the number of entry and exit points.

A

False

It is important

22
Q

True or False: In the event of a fire, door access systems should allow personnel to exit the building without any form of authentication.

A

True

23
Q

____ ____ often have four or five buttons labeled with numbers.

A

Cipher locks

24
Q

Cipher locks can be ______ or ______

A

Electronic or manual

25
An _____ _____ _____ automatically unlocks the door after you enter the correct code into the keypad
Electronic cipher lock
26
A _____ _____ _____ requires a user to turn a handle after entering the code.
Manual cipher lock
27
True or False: To add complexity and reduce brute force attacks, many manual cipher locks include a code that requires two numbers entered at the same time.
True
28
True or False: One challenge with cipher locks is that they don't identify the users.
True
29
True or False: Uneducated users cannot give out the cipher code to unauthorized individuals without understanding the risks
False | They can
30
_______ _____ are small credit card-sized cards that activate when they are in close proximity to a card reader.
Proximity cards
31
True or False: Many self-serve gasoline stations and fast-food restaurants use proximity card readers embedded in credit cards.
True
32
True or False: The proximity card does not require its own power source.
True | The electronics in the card include a capacitor and a coil that can accept a charge from the proximity card reader. When you pass the card close to the reader, the reader excites the coil and stores a charge in the capacitor. Once charged, the card transmits the information to the reader using a radio frequency.
33
True or False: Some door access systems include details on the user and record when the user enters or exits the area
True | When used this way, it's common to combine the proximity card reader with a keypad requiring the user to enter a personal identification number (PIN). This identifies and authenticates the user with multifactor authentication. The user has something (proximity card) and knows something (PIN)
34
It is also possible to use _______ methods as an access control system.
Biometric
35
True or False: One of the benefits with using a biometric method for access control is that it provides both identification and authentication
True
36
True or False: It's important to ensure you use an accurate biometric system and configure it to use a low false acceptance rate.
True
37
_______ occurs when one user follows closely behind another user without using credentials.
Tailgating (also called piggybacking)
38
True or False: If authorized users routinely do tailgating, it indicates the environment is susceptible to a social engineering attack where an unauthorized user follows closely behind an authorized user.
True
39
True or False: Social engineers take advantage of people's polite and courteous manners
True
40
______ ______ areas are most susceptible to tailgating attacks.
High traffic
41
True or False: The best solution for preventing tailgating is a mantrap
True
42
A ____ is a physical security mechanism designed to control access to a secure area through a buffer zone.
Mantrap
43
True or False: Because they only allow one person through at a time, mantraps prevent tailgating
True
44
_______ get their name due to their ability to lock a person between two areas, such as an open access area and a secure access area, but not all of them are that sophisticated.
Mantraps
45
True or False: It's also possible to require identification and authentication before allowing passage through a mantrap.
True
46
Cameras are connected to a _____ ____ ______ system which transmits signals from video cameras to monitors that are similar to TVs
Closed circuit televisions (CCTVs)
47
True or False: In addition to providing security, CCTV can also enhance safety by deterring threats.
True
48
______ _________ provides the most reliable proof of a person's location and activity.
Video surveillance
49
True or False: Access logs provide a record, but it's possible to circumvent the security of an access log.
True | Ex. someone can use another's proximity card to enter an area, but it will be recorded as the card owner, not the person who used it.
50
True or False: When using video surveillance in a work environment, it's important to respect privacy and to be aware of privacy laws.
True
51
List some things to consider with video surveillance and privacy
1. Only record activity in public areas. It is often illegal to record activity in locker rooms and restrooms.
2. Notify employees of the surveillance. If employees aren't notified of the surveillance, legal issues related to the video surveillance can arise.
3. Do not record audio. Recording audio is illegal in many jurisdictions without the express consent of all parties being recorded.
52
_____ provide a barrier around a property and deter people from entering.
Fences
53
True or False: When using a fence, it's common to control access to the area via specific gates.
True
54
True or False: When additional security is required, organizations sometimes configure dual gates, allowing access into one area where credentials are checked before allowing full access.
True | This effectively creates a cage preventing full access, but also prevents unauthorized individuals from escaping.
55
True or False: Many organizations use a combination of automation, light dimmers, and motion sensors to save on electricity costs without sacrificing security.
True
56
Installing _____ at all entrances to a building can deter attackers from trying to break in.
Lights
57
_______ provide an additional physical security protection
Alarms
58
True or False: You cannot combine motion detection systems with burglary prevention systems
False
59
_____ ______ sense infrared radiation, sometimes called infrared light, which effectively sees a difference between objects of different temperatures
Infrared detectors
60
True or False: The use of infrared detectors can help eliminate false alarms by sensing more than just motion, but motion from objects of different temperatures
True
61
______, ______, and _____ (when combined) all provide layered physical security
Fencing, lighting, and alarms
62
Organizations often use _____, which are short vertical posts, composed of reinforced concrete and/or steel.
Bollards
63
True or False: Orgs often place the bollards in front of entrances about three or four feet apart.
True
64
True or False: Companies that don't have the resources to employ advanced security systems often use hardware locks to prevent access to secure areas
True
65
___ _______ is an important concept to consider when using hardware locks.
Key management
66
True or False: Proper key management ensures that only authorized personnel can access the physical keys
True
67
____ ____ are a great theft deterrent for mobile computers, and even many desktop computers at work.
Cable locks
68
True or False: Another common use of a cable lock is for computers in unsupervised labs.
True
69
True or False: Often in server rooms, administrators use locking cabinets or enclosures to secure equipment mounted within bays.
True
70
You can store smaller devices such as external USB drives or USB flash drives in an ______ ____ or _______ _______ when they aren't in use
Office safe or locking cabinet
71
____ _______ is the process of tracking valuable assets throughout their life cycles.
Asset management
72
True or False: An effective asset management system can help reduce several vulnerabilities
True
73
True or False: Asset management helps reduce architecture and design weaknesses by ensuring that purchases go through an approval process.
True
74
____ ____ occurs when an organization has more systems than it needs, and systems it owns are underutilized
System sprawl
75
True or False: Asset management begins before the hardware is purchased and helps prevent system sprawl by evaluating the purchase
True
76
True or False: Additionally after the asset is purchased, the process ensures the hardware is added into the asset management tracking system.
True | This ensures that the assets are managed and tracked from cradle to grave.
77
___ _____ ________ methods can track the movement of devices
Radio frequency identification (RFID) | Same as what stores use to prevent shoplifting
78
True or False: Mobile devices are easy to lose track of, so organizations often use asset tracking methods to reduce losses.
True
79
True or False: Environmental controls directly contribute to the availability of systems
True
80
True or False: Environmental controls include ensuring temperature and humidity controls are operating properly, fire suppression systems are in place, and proper procedures are used when running cables.
True
81
______, _________, and ___ ________ systems are important physical security controls that enhance the availability of systems.
Heating, ventilation, and air conditioning (HVAC)
82
True or False: If systems overheat, chips can actually burn themselves out.
True
83
_____ ______ HVAC systems provide more cooling capacity. This keeps server rooms at lower operating temperatures and results in fewer failures.
Higher tonnage
84
___ ___ ____ _____ help regulate the cooling in data centers with multiple rows of cabinets.
Hot and cold aisles
85
True or False: With hot and cold aisles, the back of all cabinets in one row faces the back of all the cabinets in an adjacent row, and the same applies to the front of the cabinets. This way the hot air from two rows of cabinets flows through one shared aisle, and the cold air for two rows of cabinets flows through another.
True
86
An HVAC also includes a _________ as a temperature control and additional humidity controls
Thermostat
87
In HVAC, the _______ ensures that the air temperature is controlled and maintained
Thermostat
88
_____ humidity can cause condensation on the equipment, which causes water damage
High
89
___ humidity allows a higher incidence of electrostatic discharge (ESD)
Low
90
True or False: HVAC systems are not often integrated with fire alarm systems.
False | They often are to prevent a fire from spreading
91
One of the core elements of a fire is ______
Oxygen
92
True or False: If an HVAC continues to operate normally while a fire is active, it continues to pump oxygen, which feeds the fire
True
93
True or False: When the HVAC is integrated with the fire alarm system, it controls the airflow to help prevent the rapid spread of the fire.
True
94
A _____ fire system can detect a fire and automatically activate to extinguish the fire
Fixed
95
The different components of a fire are ____, ______, ____, and a ______ ______ creating the fire
heat, oxygen, fuel, and a chain reaction
96
True or False: Fire suppression methods attempt to remove or disrupt one of these elements to extinguish a fire.
True
97
List methods of extinguishing a fire
1. Remove the heat. Fire extinguishers, but not water for electrical fires.
2. Remove the oxygen. Many methods use CO2 to displace oxygen. Common for fighting electrical fires because it is harmless to equipment.
3. Remove the fuel.
4. Disrupt the chain reaction. Some chemicals can disrupt the chain reaction of fires to stop them.
98
True or False: When using CO2 to displace oxygen in a fire, it's important to ensure that personnel can get out before the oxygen is displaced
True
99
True or False: It is important to ensure that an alternative allows personnel to exit even if the proximity card reader loses power.
True
100
True or False: Administrators can review HVAC system logs to review the performance.
True
101
________ helps prevent electromagnetic interference (EMI) and radio frequency interference (RFI) from interfering with normal signal transmissions.
Shielding
102
_______ also protects against unwanted emissions and helps prevent an attacker from capturing network traffic.
Shielding
103
____ comes from different types of motors, power lines, and even fluorescent lights.
EMI
104
____ comes from radio frequency (RF) sources such as AM or FM transmitters.
RFI
105
True or False: Shielding used to block interference from both EMI and RFI is often referred to as simply EMI shielding.
True
106
True or False: EMI shielding fulfills the dual purpose of keeping interference out and preventing attackers from capturing network traffic
True.
107
What is the difference between shielded twisted pair and unshielded twisted pair cabling?
STP has shielding to prevent attackers from capturing network traffic and helps block interference from corrupting data
108
True or False: One method of preventing an attacker from splicing a cable and connecting a hub with a protocol analyzer to capture traffic is to run cables through cable troughs or wiring ducts
True
109
True or False: In addition to considering physical security, it's important to keep cables away from EMI sources
True
110
True or False: If techs run cables over or through fluorescent lighting fixtures, the EMI from the lights can disrupt the signals on the cables.
True
111
A ________ ____ is typically a room that prevents signals from emanating beyond the room
Faraday cage
112
A Faraday cage includes electrical features that cause ____ signals that reach the boundary of the room to be reflected back, preventing signal emanation outside of it.
RF
113
True or False: A Faraday cage also provides shielding to prevent outside interference such as EMI and RFI from entering the room
True
114
True or False: The metal shielding around an elevator acts as a Faraday cage, preventing signals from emanating out or signals from entering in.
True
115
________ adds duplication to critical system components and networks and provides _____ _______
Redundancy, fault tolerance
116
True or False: A system with fault tolerance can suffer a fault, but it can tolerate it and continue to operate.
True
117
Organizations often add redundancies to eliminate _____ ______ of ______
Single points of failure
118
List the different levels at which redundancies can be added
1. Disk redundancies using RAID
2. Server redundancies by adding failover clusters
3. Power redundancies by adding generators or a UPS
4. Site redundancies by adding hot, cold, or warm sites
119
A _______ _____ of ______ is a component within a system that can cause the entire system to fail if the component fails.
Single point of failure
120
True or False: Some examples of single points of failure are disk, server, and power
True
121
Any system has four primary resources: _____, _____, ___, and _____
Processor, memory, disk, and network interface
122
True or False: The disk is the slowest and most susceptible to failure
True
123
______ _____ of ______ _____ subsystems provide fault tolerance for disks and increase the system availability
Redundant Array of Inexpensive Disks (RAID)
124
True or False: RAID-0 doesn't provide any redundancy or fault tolerance
True | It includes two or more physical disks. Files are spread across each of the disks.
125
What is the benefit of a RAID-0?
Increased read and write performance
126
True or False: RAID-1 uses two disks
True
127
In RAID-1 data is written to _____ disks so if one fails the other disk still has all the data and the system can operate without any data loss.
Two
128
True or False: You can add an additional disk controller to a RAID-1 configuration to remove the disk controller as a single point of failure
True
129
Adding a second disk controller to a mirror is called _____ ________
Disk duplexing
130
If you have two 500 GB drives used in a RAID-1 how much storage space do you have?
500 GB, since the other 500 GB is dedicated to the fault-tolerant, mirrored volume.
131
True or False: RAID-2, RAID-3, and RAID-4 are the most commonly used
False | They are rarely used
132
_______ is three or more disks that are striped together similar to RAID-0
RAID-5
133
______ _______ is striped across each of the drives in a RAID-5 and is used for fault tolerance
Parity information
134
True or False: In a RAID-5 configuration, if one of the drives fails, the system can read the information on the remaining drives and determine what the actual data should be.
True
135
True or False: If two of the drives fail in a RAID-5, the data is lost
True
136
______ is an extension of RAID-5 and it includes an additional parity block.
RAID-6
137
True or False: A huge benefit with RAID-6 is the disk subsystem will continue to operate even if two disk drives fail.
True | RAID-6 requires a minimum of four disks
138
______ configuration combines the features of mirroring (RAID-1) and striping (RAID-0).
RAID-10
139
True or False: The minimum number of drives in a RAID-10 is six
False | It is four
140
When adding more drives to a RAID-10 you add ____ or multiples of ____.
Two
141
If you have four 500 GB drives in a RAID-10 how much usable storage do you have?
1 TB
142
___ _______ refers to a system or service that needs to remain operational with almost zero downtime.
High availability
143
True or False: Utilizing different redundancy and fault-tolerance methods, it's possible to achieve 99.999 percent uptime, commonly called five nines.
True
144
What does five nines equate to in downtime minutes per year?
6 minutes of downtime a year
145
________ _______ are a key component used to achieve five nines
Failover clusters
146
Is five nines considered expensive or cheap?
Expensive
147
True or False: High availability five nines is justifiable if the cost of a potential outage is high.
True
148
_______ _______ is another option to provide both high availability and scalability, though it is typically used primarily in scientific applications.
Distributive allocation
149
True or False: In a distributed application model, multiple computers (often called nodes) are configured within a local network.
True
150
In a distributed application model, a ______ ________ divides the complex problem into smaller tasks, then coordinates tasking the individual nodes and collecting the results. If any single node fails, the central processor no longer tasks it, but overall processing continues, providing high availability.
Central processor
151
True or False: Distributive allocation provides high availability
True
152
The primary purpose of a _______ _______ is to provide high availability for a service offered by a server.
Failover cluster
153
True or False: Failover clusters use two or more servers in a cluster configuration, and the servers are referred to as nodes.
True
154
In a failover cluster, at least ____ server or node is active and at least ___ is inactive.
One, one
155
True or False: In a failover cluster, if an active node fails, the inactive node can take over the load without interruption to clients.
True
156
True or False: In an active-active cluster configuration, the cluster balances the load between the servers
True
157
Nodes need to have _____ to _________ hardware and are often quite expensive, but if a company truly needs to achieve 99.999 percent uptime, it's worth the expense
Close to identical
158
A ____ ________ can optimize and distribute data loads across multiple computers or multiple networks.
Load balancer
159
True or False: A load balancer can be hardware or software
True
160
A ________ based load balancer accepts traffic and directs it to servers based on factors such as processor utilization and the number of current connections to the server.
Hardware
161
A ______ based load balancer uses software running on each of the servers in the load-balanced cluster to balance the load.
Software
162
____ _______ primarily provides scalability, but it also contributes to high availability.
Load balancing
163
______ refers to the ability of a service to serve more clients without any decrease in performance.
Scalability
164
________ ensures that systems are up and operational when needed
Availability
165
True or False: By spreading the load among multiple systems, it ensures that individual systems are not overloaded, increasing overall availability
True
166
To scale ___, you add additional resources such as processors and memory
Up
167
To scale ___, you add additional servers to a load balancer
Out
168
Some load balancers use source address _____ to direct the requests.
Affinity
169
Source ______ sends requests to the same server based on the requestor's IP address
Affinity
170
True or False: Source affinity effectively sticks users to a specific server for the duration of their sessions
True
171
True or False: An added benefit of many load balancers is that they can detect when a server fails.
True
172
True or False: In general, failover clusters are commonly used for applications such as database applications.
True
173
True or False: Load balancers are often used for services, such as web servers in a web farm.
True
174
____ is a critical utility to consider when reviewing redundancies.
Power
175
An ____ provides fault tolerance for power and can protect against power fluctuations.
UPS
176
_______ provide long-term power in extended outages.
Generators
177
______ are copies of data created to ensure that when the original data is lost or corrupted, it can be restored.
Backups
178
The most common media used for backups is ____
Tape
179
_____ store more data and are cheaper than other media
Tapes
180
List some commonly used backup types
1. Full backup
2. Differential backup
3. Incremental backup
4. Snapshots
181
A _____ _____ backs up all the selected data
Full backup
182
A ______ ______ backs up all the data that has changed or is different since the last full backup
Differential backup
183
A ________ _____ backs up all the data that has changed since the last full or incremental backup
Incremental backup
184
A ______ captures the data at a point in time.
Snapshot (image backup)
185
True or False: It's possible to do a full backup on a daily basis, but it is rare in most production environments
True
186
What two limiting factors are there for doing full backups daily?
1. Time - can take several hours to complete depending on how much data there is, and affects the availability of a system
2. Money - requires more resources, i.e. media and storage
187
True or False: A full backup is the easiest and quickest to restore
True
188
True or False: Each differential backup contains all the deltas since the last full backup.
True | I.e. Monday captures differential, Tuesday builds on top of Monday's differential and so forth
189
True or False: As time progresses the differential backup steadily grows in size
True
190
True or False: Each incremental backup contains all the deltas since the previous day
True | I.e. Sunday is a full, Monday captures deltas from Sunday thru Monday, Tuesday captures deltas from Monday thru Tuesday, etc.
191
True or False: Full/incremental is better suited for organizations where time is the priority, and full/differential is better suited for organizations where restoration is the priority
True
192
True or False: Snapshots are commonly used with virtual machines and sometimes referred to as a checkpoint
True
193
True or False: The only way to validate a backup is to perform a test restore
True
194
Performing a _____ ______ is nothing more than restoring the data from a backup and verifying its integrity
Test restore
195
True or False: It's common to restore data to a different location other than the original source location, but in such a way that you can validate the data.
True
196
What are the two possible outcomes of a test restore?
1. Success | 2. Fail
197
True or False: An additional benefit of performing regular test restores is that it allows administrators to become familiar with the process.
True
198
True or False: Backup media should be protected at the same level as the data that it holds.
True
199
List how backups are protected
1. Storage - clear labeling to identify the data, and physical security protection to prevent others from easily accessing it while it's stored
2. Transfer - Data should be protected any time it is transferred from one location to another. Especially true when transferring a copy of the backup to a separate geographical location
3. Destruction - Destroyed when no longer needed. Accomplished by degaussing the media, shredding or burning the media, or scrubbing the media by repeatedly writing varying patterns of 1s and 0s onto the media
200
True or False: Organizations typically create a backup policy to answer critical questions related to backups
True
201
The ______ policy is a written document and will often identify issues such as what data to backup, how often to back up the data, how to test the backups, and how long to retain the backups.
Backup
202
______ backups protect against a disaster such as a fire or a flood.
Off-site
203
True or False: Many organizations have specific requirements related to the distance between the main site and the off-site location.
True
204
The off-site backup ______ should be far enough away that environmental factors at the primary location don't affect the off-site location
Location
205
The _____ implications related to backups depend on the data stored in the backups.
Legal
206
____ _______ refers to the legal implications when data is stored off-site.
Data sovereignty | If the data is stored in other countries, it can be subject to additional laws and regulations
207
The goal of _______ __________ is to ensure that critical business operations continue and the organization can survive the outage.
Business continuity
208
True or False: Organizations often create a business continuity plan (BCP)
True
209
A _______ _____ _______ is an important part of a BCP.
Business impact analysis
210
A ____ _______ ______ helps an organization identify critical systems and components that are essential to the organization's success.
Business impact analysis
211
True or False: A business impact analysis helps identify vulnerable business processes that support mission essential functions
True
212
True or False: The business impact analysis involves collecting information from throughout the organization and documenting the results. This documentation identifies core business or mission requirements.
True
213
True or False: The Business Impact Analysis does not recommend solutions.
True | It provides management with valuable information so that they can focus on critical business functions.
214
List some key questions that are addressed with a Business Impact Analysis
1. What are the critical systems and functions?
2. Are there any dependencies related to these critical systems and functions?
3. What is the maximum downtime limit of these critical systems and functions?
4. What scenarios are most likely to impact these critical systems and functions?
5. What is the potential loss from these scenarios?
215
True or False: Identifying the maximum downtime limit is extremely important.
True | It drives decisions related to recovery objectives and helps an organization identify various contingency plans and policies.
216
Two tools that organizations can use when completing a business impact analysis are a ______ ______ _______ and a _____ ______ _______
Privacy threshold assessment and privacy impact assessment | NIST SP 800-122 "Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" covers these in more depth but refers to a privacy threshold assessment as a privacy threshold analysis.
217
The primary purpose of the _____ _______ ________ is to help the organization identify PII within a system.
Privacy threshold assessment
218
Who typically completes a privacy threshold assessment?
System owner or data owner
219
If the system holds PII, the next step is to conduct a ______ ______ _________
Privacy impact assessment
220
True or False: A privacy impact assessment attempts to identify potential risks related to the PII by reviewing how the information is handled
True
221
What is the goal of a privacy impact assessment?
To ensure that the system is complying with applicable laws, regulations, and guidelines. The impact assessment provides a proactive method of addressing potential risks related to PII throughout the life cycle of a computing system.
222
The _____ ___ _______ identifies the maximum amount of time it can take to restore a system after an outage.
Recovery time objective (RTO)
223
A _____ _____ _______ identifies a point in time where data loss is acceptable.
Recovery point objective
224
True or False: When working with a BIA, experts often attempt to predict the possibility of a failure
True
225
____ ____ ____ ______ provides a measure of a system's reliability and is usually represented in hours.
Mean time between failures
226
True or False: Higher MTBF numbers indicate a higher reliability of a product or system.
True
227
___ ___ __ ______ identifies the average time it takes to restore a failed system.
Mean time to recover
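The four metrics on the preceding cards (RTO, RPO, MTBF, MTTR) are easy to confuse on an exam, so here is an added Python example (not part of the flashcard set or the textbook) that derives MTBF and MTTR from an outage history and then checks observed downtimes against an RTO and a backup schedule against an RPO. The outage timestamps, the 3-hour RTO and the 4-hour RPO are constructed values chosen for the illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import List


@dataclass(frozen=True)
class Outage:
    """One unplanned outage: when the system failed and when it was restored."""
    failed_at: datetime
    restored_at: datetime

    def downtime_hours(self) -> float:
        return (self.restored_at - self.failed_at).total_seconds() / 3600


# Constructed outage history for a single system (illustration only, not real data).
SAMPLE_OUTAGES = [
    Outage(datetime(2023, 1, 10, 2, 0), datetime(2023, 1, 10, 5, 0)),   # 3 h down
    Outage(datetime(2023, 3, 1, 14, 0), datetime(2023, 3, 1, 16, 0)),   # 2 h down
    Outage(datetime(2023, 5, 20, 8, 0), datetime(2023, 5, 20, 12, 0)),  # 4 h down
]


def mtbf_hours(outages: List[Outage]) -> float:
    """Mean time between failures: average operating time from one restoration
    to the next failure, in hours. Downtime itself is not counted as operating time."""
    if len(outages) < 2:
        raise ValueError("MTBF needs at least two failures")
    ordered = sorted(outages, key=lambda o: o.failed_at)
    uptimes = [
        (nxt.failed_at - prev.restored_at).total_seconds() / 3600
        for prev, nxt in zip(ordered, ordered[1:])
    ]
    return sum(uptimes) / len(uptimes)


def mttr_hours(outages: List[Outage]) -> float:
    """Mean time to recover: average downtime per outage, in hours."""
    if not outages:
        raise ValueError("MTTR needs at least one outage")
    return sum(o.downtime_hours() for o in outages) / len(outages)


def availability(mtbf: float, mttr: float) -> float:
    """Steady-state availability implied by MTBF and MTTR, as a fraction 0.0 to 1.0."""
    return mtbf / (mtbf + mttr)


def rto_violations(outages: List[Outage], rto_hours: float) -> List[Outage]:
    """Outages whose actual recovery time exceeded the recovery time objective."""
    return [o for o in outages if o.downtime_hours() > rto_hours]


def rpo_satisfied(backup_interval_hours: float, rpo_hours: float) -> bool:
    """A backup schedule meets the RPO only if the worst case (failure just before
    the next backup runs, losing one full interval of data) fits inside the RPO."""
    worst_case_loss_hours = backup_interval_hours
    return worst_case_loss_hours <= rpo_hours


if __name__ == "__main__":
    mtbf = mtbf_hours(SAMPLE_OUTAGES)
    mttr = mttr_hours(SAMPLE_OUTAGES)
    print(f"MTBF {mtbf:.1f} h, MTTR {mttr:.1f} h, availability {availability(mtbf, mttr):.4%}")
    # Assumed objectives from a BIA: 3 h RTO, 4 h RPO (constructed values).
    for o in rto_violations(SAMPLE_OUTAGES, rto_hours=3.0):
        print(f"RTO missed: outage at {o.failed_at} took {o.downtime_hours():.0f} h to recover")
    print("nightly backups meet a 4 h RPO:", rpo_satisfied(24, 4.0))
    print("hourly backups meet a 4 h RPO:", rpo_satisfied(1, 4.0))
```

Note the distinction the code makes explicit: MTBF and MTTR are measured from history, while RTO and RPO are objectives the BIA sets; the last two functions are the comparison of one against the other.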
228
________ __ ________ _______ focuses on restoring mission-essential functions at a recovery site after a critical outage.
Continuity of operations planning
229
______ is the process of moving mission-essential functions to the alternate site.
Failover
230
A ______ ____ is an alternate processing site that an organization can use after a disaster.
Recovery site
231
List the three primary types of recovery sites
1. Hot sites 2. Cold sites 3. Warm sites
232
True or False: Two other recovery sites are mobile sites and mirrored sites
True
233
A __ ____ would be up and operational 24 hours a day, seven days a week and would be able to take over functionality from the primary site quickly after a primary site failure.
Hot site
234
True or False: In many cases, copies of backup tapes are stored at the hot site as the off-site location.
True
235
True or False: A hot site is the least effective disaster recovery solution for high-availability requirements.
False | It is the most effective
236
True or False: A hot site is the most expensive to maintain and keep up to date.
True
237
A ____ ____ requires power and connectivity but not much else.
Cold site
238
True or False: With a cold site the organization brings all the equipment, software, and data to the site when it activates it.
True
239
A ____ ____ is the cheapest to maintain, but it is also the most difficult to test.
Cold site
240
A ____ ____ provides a compromise between a hot site and a cold site that an organization can tailor to meet its needs.
Warm site
241
A _____ ____ is a self-contained transportable unit with all the equipment needed for specific requirements
Mobile site | Ex. semitrailer with everything needed for operations
242
_____ ____ are identical to the primary location and provide 100 percent availability.
Mirrored sites
243
True or False: The mirrored site is always up and operational
True
244
True or False: As a best practice, organizations return the least critical functions to the primary site first.
True
245
True or False: Moving the least critical functions back to the primary site first helps flush out undiscovered problems
True
246
______ ______ is a part of an overall business continuity plan
Disaster recovery
247
True or False: In some cases, an organization will have multiple Disaster Recovery Plans within a Business Continuity Plan
True
248
True or False: A DRP or a BCP will include a hierarchical list of critical systems.
True | This list identifies what systems to restore after a disaster and in what order.
249
List the different phases of a disaster recovery process
1. Activate the disaster recovery plan
2. Implement contingencies
3. Recover critical systems
4. Test recovered systems
5. After-action report
250
True or False: Business continuity plans and Disaster recovery plans include testing.
True
251
_____ validates that the plan works as desired and will often include testing redundancies and backups.
Testing
252
Two primary types of exercises are ______ and _____
Tabletop and functional | Read NIST SP 800-84, "Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities"
253
A _____ _____ is discussion based
Tabletop exercise
254
_____ _______ provide personnel with an opportunity to test the plans in a simulated operational environment.
Functional exercises
255
In a ______, the participants go through the steps in a controlled manner without affecting the actual system.
Simulation
256
True or False: Running through a simulation verifies that the plan works and shows how long it takes to execute the plan
True
257
List some of the common elements of testing
1. Backups - tested by restoring the data from the backup
2. Server restoration - rebuild a server using a test system without touching the live system
3. Server redundancy
4. Alternate sites
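The first element above, testing a backup by actually restoring it, is the one most often skipped in practice. The following Python is an added example (not from the flashcard set or the textbook) of what such a test looks like in code: it backs up a sample directory into a tar archive, restores the archive elsewhere, and compares a SHA-256 manifest recorded at backup time against the restored files, reporting anything missing or altered. The sample file names and contents are constructed for the illustration, and the path check in restore_backup only inspects member names (it does not follow symlinks inside the archive).

```python
import hashlib
import tarfile
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple


def sha256_manifest(root: Path) -> Dict[str, str]:
    """Relative path -> SHA-256 hex digest for every regular file under root."""
    manifest: Dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(root).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def create_backup(src: Path, archive: Path) -> Dict[str, str]:
    """Archive src as a gzip tarball and return the manifest taken at backup time.
    The manifest is the reference a later restore test is checked against."""
    manifest = sha256_manifest(src)
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(src, arcname=".")
    return manifest


def restore_backup(archive: Path, dest: Path) -> None:
    """Extract the archive into dest, refusing any member whose path would land outside dest."""
    dest_resolved = dest.resolve()
    with tarfile.open(archive, "r:gz") as tar:
        for member in tar.getmembers():
            target = (dest / member.name).resolve()
            if target != dest_resolved and dest_resolved not in target.parents:
                raise ValueError(f"refusing to extract {member.name!r} outside {dest}")
        # Newer interpreters also offer the built-in "data" filter; use it when present.
        extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
        tar.extractall(dest, **extra)


def verify_restore(expected: Dict[str, str], restored_root: Path) -> Tuple[List[str], List[str]]:
    """Compare the restored tree with the backup-time manifest.
    Returns (paths missing after restore, paths whose content differs)."""
    actual = sha256_manifest(restored_root)
    missing = sorted(p for p in expected if p not in actual)
    corrupted = sorted(p for p in expected if p in actual and actual[p] != expected[p])
    return missing, corrupted


def run_restore_test(tamper: bool = False) -> Tuple[List[str], List[str]]:
    """End-to-end restore test on a throwaway directory: back up, restore, verify.
    tamper=True damages the restored copy to show that verification catches it."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        src = base / "data"
        (src / "db").mkdir(parents=True)
        # Constructed sample content for the test (not real data).
        (src / "db" / "customers.csv").write_text("id,name\n1,alice\n2,bob\n")
        (src / "config.ini").write_text("[app]\nmode=prod\n")

        archive = base / "backup.tar.gz"
        expected = create_backup(src, archive)

        restore_dir = base / "restore"
        restore_dir.mkdir()
        restore_backup(archive, restore_dir)

        if tamper:
            (restore_dir / "config.ini").write_text("[app]\nmode=dev\n")
            (restore_dir / "db" / "customers.csv").unlink()

        return verify_restore(expected, restore_dir)


if __name__ == "__main__":
    print("clean restore (missing, corrupted):", run_restore_test())
    print("tampered restore (missing, corrupted):", run_restore_test(tamper=True))
```

The point of keeping the manifest separate from the archive is that a backup job can succeed while producing an archive that does not restore; only the restore-and-compare step proves the backup is usable, which is exactly what the card means by "tested by restoring the data".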