Lecture 9

Question 2

What is business continuity?

Answer 2

An organization’s ability to maintain operations after a disruptive event

Question 3

What is a business continuity plan BCP?

Answer 3

A strategic document that provides alternative modes of operation for business activities

Question 4

What are the three steps in creating a BCP?

Answer 4

Identifying exposure to threats Creating preventative and recovery procedures Testing them to determine if they are sufficient

Question 5

What are the three main goals of a BCP?

Answer 5

Business recovery planning Crisis management and communications Disaster recovery

Question 6

What elements should a BCP have?

Answer 6

High availability Scalability Diversity On-prem and cloud

Question 7

What is Continuity of Operation Planning COOP?

Answer 7

A federal initiative encouraging organisations to address how critical operations continue under negative circumstances

Question 8

What does Business Impact Analysis BIA do?

Answer 8

Identifies business functions and quantifies the impact loss may have on operations

Question 9

What types of impacts does a BIA consider?

Answer 9

Impact on property Impact on finance Impact on safety Impact on reputation Impact on life

Question 10

What is the mission-essential function?

Answer 10

The activity that serves the enterprise’s core purpose

Question 11

What is a single point of failure?

Answer 11

A component or entity in a system that will disable the entire system if it fails

Question 12

What does minimizing single failure points result in?

Answer 12

High availability

Question 13

What does a Disaster Recovery Plan DRP focus on?

Answer 13

Protecting and restoring information technology functions

Question 14

What is included in a DRP?

Answer 14

A written document detailing processes for restoring IT resources after disruption

Question 15

What is a common topic covered by DRPs?

Answer 15

The sequence in restoring systems or restoration order

Question 16

What is fault tolerance?

Answer 16

A system’s ability to deal with malfunctions

Question 17

What is the solution to fault tolerance?

Answer 17

Building in redundancy by duplicating equipment

Question 18

What is mean time to recovery MTTR?

Answer 18

Average time for a device to recover from a non-terminal failure

Question 19

What types of equipment can redundancy involve?

Answer 19

Endpoints Servers Disks Networks Power Sites Data

Question 20

Why is endpoint downtime less critical?

Answer 20

Because user endpoints affect fewer critical functions than servers or networks

Question 21

What is a feature that allows OS rollback?

Answer 21

Revert to a known state

Question 22

What does freezing a computer do?

Answer 22

Prevents changes from malware making the system nonpersistent

Question 23

What role do servers play in network infrastructure?

Answer 23

They are key and their loss can have significant business impact

Question 24

What is server clustering?

Answer 24

Combining two or more servers to appear as a single unit

Question 25

What is an asymmetric server cluster?

Answer 25

A cluster where a standby server is ready but performs no work until needed

Question 26

What is a symmetric server cluster?

Answer 26

All servers do useful work and share the load; if one fails others take over

Question 27

How has virtualization impacted server redundancy?

Answer 27

Replication tools automatically launch copies of virtual machines if one shuts down

Question 28

What are two hardware redundancies for disks?

Answer 28

RAID and SAN multipath

Question 29

What are SSDs and why are they preferred?

Answer 29

Solid-state drives more resistant to failure and more reliable than HDDs

Question 30

What does MTBF mean?

Answer 30

Mean time between failures measures average time until component failure

Question 31

What is RAID?

Answer 31

Redundant Array of Independent Disks using multiple drives to increase reliability and performance

Question 32

What is RAID Level 0?

Answer 32

Striped disk array without fault tolerance; data alternates across drives; failure causes data loss

Question 33

What is RAID Level 1?

Answer 33

Mirroring where data on primary drive is duplicated on others to prevent data loss

Question 34

What is disk duplexing?

Answer 34

Variation of RAID 1 using separate controller cards to protect against controller failure

Question 35

What is RAID Level 5?

Answer 35

Distributes parity across drives for error checking allowing recovery if one drive fails

Question 36

What is a storage area network SAN?

Answer 36

A dedicated network storage facility providing high-speed access to pooled storage devices

Question 37

What is multipath in SANs?

Answer 37

Technique creating multiple physical paths between devices and storage to increase speed and reliability

Question 38

Why are redundant networks important?

Answer 38

Because connectivity is critical and redundant networks provide backup in case of failure

Question 39

What is NIC teaming?

Answer 39

Combining network interface cards for redundancy and faster performance

Question 40

What is a UPS?

Answer 40

Uninterruptible power supply maintaining power during primary source interruption

Question 41

What is an off-line UPS?

Answer 41

Simple least expensive UPS charged by main power that switches on when primary power fails

Question 42

What is an on-line UPS?

Answer 42

UPS running always off battery and unaffected by voltage dips serving also as surge protector

Question 43

What is a backup generator?

Answer 43

Power source that automatically starts when main power is lost using diesel natural gas or propane

Question 44

What are recovery sites?

Answer 44

Backup locations used if main site is damaged by disaster like flood or hurricane

Question 45

What are the three types of recovery sites?

Answer 45

Hot site Cold site Warm site

Question 46

What characterizes a hot site?

Answer 46

Duplicate production site with all equipment and quick data backup availability

Question 47

What characterizes a cold site?

Answer 47

Office space only no equipment or backups less expensive longer to resume operations

Question 48

What characterizes a warm site?

Answer 48

Equipment installed no active connections or data backups less expensive than hot site

Question 49

What is data backup?

Answer 49

Copying information to different medium for use in case of disaster

Question 50

What two metrics help decide backup timing?

Answer 50

Recovery point objective RPO and Recovery time objective RTO

Question 51

What is continuous data protection CDP?

Answer 51

Backup technology performing continuous backups with immediate restore and historical record

Question 52

Where do most organisations store off-site backups?

Answer 52

Online cloud repositories using CDP technology

Question 53

What is the 3-2-1 backup plan?

Answer 53

Three copies of backups on at least two different media with one copy off-site

Question 54

What is a policy?

Answer 54

Document outlining specific requirements or rules to be met

Question 55

What are characteristics of a policy?

Answer 55

Communicates consensus Defines appropriate user behavior Identifies needed tools and procedures Guides HR actions May help prosecute violators

Question 56

What do account management policies control?

Answer 56

Restrictions regarding user accounts including password creation and use

Question 57

What tool can manage accounts in Windows?

Answer 57

Group Policy and Active Directory

Question 58

What is an access policy?

Answer 58

Permissions and restrictions based on role-based access control

Question 59

What are mobile device location-based policies?

Answer 59

Policies enforcing device access or actions based on geolocation geotagging or geofencing

Question 60

What is separation of duties?

Answer 60

Dividing process between individuals to prevent security breaches

Question 61

What is job rotation?

Answer 61

Moving employees between roles to limit control and expose fraud avenues

Question 62

What is mandatory vacation?

Answer 62

Scheduling audits while employees are away to detect issues

Question 63

What is a clean desk policy?

Answer 63

Ensuring confidential materials are secured when not in use

Question 64

What does least privilege mean?

Answer 64

Allocating only minimum privileges needed to perform job or function

Question 65

What are onboarding and offboarding?

Answer 65

Processes for hiring new employees and steps taken when they leave including access removal

Question 66

What is an acceptable use policy AUP?

Answer 66

Policy defining permitted user actions on systems and networks covering employees vendors and visitors

Question 67

What organizational policies are common?

Answer 67

Change management Change control Asset management

Question 68

What is a data classification policy?

Answer 68

Assigning labels to data based on importance

Question 69

What is a data governance policy?

Answer 69

Formal guidelines regarding handling of data

Question 70

What is a data retention policy?

Answer 70

Specifies how long data is retained after its initial purpose

Question 71

What is IT contingency planning?

Answer 71

Developing procedures to follow after major IT incidents

Question 72

What is fault tolerance?

Answer 72

Resilience to prevent issues from crippling systems

Question 73

What is the most important redundancy?

Answer 73

Data redundancy through backups