Security Architecture Domain 5

Question 1

BCP is defined as:

Answer 1

• Preparation that facilitates the rapid recovery of mission-critical
  business operations
• The reduction of the impact of a disaster
• The continuation of critical business functions

Question 2

DRP is defined as:

Answer 2

A subset of BCP that emphasizes the procedures for emergency
response relating to the information infrastructure of the
organization

Question 3

DRP includes:

Answer 3

• Extended backup operations
• Post-disaster recovery for data center, network, and
  computer resources

Question 4

While performing the BIA, security architects should avoid using the term critical or essential in defining the processes or people during this phase of the planning. Instead, use the term __________

Answer 4

Time sensitive

Question 5

All applications, and the business functions that they support, need to be classified as to their time sensitivity for recovery even if they do not support business functions that are time sensitive. For applications, this is commonly referred to as

Answer 5

Recovery Time Objective (RTO).

Question 6

This is the amount of time the business can function without that application before significant business impact occurs.

Answer 6

Recovery Time Objective (RTO).

Question 7

Decisions need to be made about all types of data because data is what is needed to run the business. How much data is it acceptable to lose? A minutes worth? An hour’s worth? A whole business day’s worth? The answers to these questions are used to determine the

Answer 7

Recovery Point Objective (RPO).

Question 8

The RTO is determined during the …

Answer 8

Business Impact Analysis

Question 9

BS 25999-2 was a British standard issued in 2007, which quickly became the main standard for business continuity management - although it is a British national standard, it was used in many other countries; on May 15, 2012 BS25999-2 was replaced by international standard

Answer 9

ISO 22301.

Question 10

In addition to BS 25999-2, BS 25999-1 is an “auxiliary” standard which provides more details on

Answer 10

how to implement specific parts of BS 25999-2.

Question 11

ISO 22301

Answer 11

is the new de-facto standard for Business Continuity Management.

Question 12

ISO/IEC 27031

Answer 12

• Guidelines for information and communication
  technology readiness for business continuity

Question 13

PAS 200

Answer 13

Crisis management - Guidance and good practice

Question 14

PD 25666

Answer 14

• Guidance on exercising and testing for continuity and
  contingency programmes

Question 15

PD 25111

Answer 15

• Guidance on human aspects of business continuity

Question 16

ISO/IEC 24762

Answer 16

• Guidelines for information and communications
  technology disaster recovery services

Question 17

ISO/PAS 22399

Answer 17

• Guideline for incident preparedness and
  operational continuity management 32

Question 18

ISO/IEC 27001

Answer 18

• Information security management systems-
  Requirements 33

Question 19

NIST Special Publication 800-34 Rev 1 -

Answer 19

Contingency Planning
Guide for Federal Information Systems 34

Question 20

Incremental backups take copies of only the files that are new or have changed since

Answer 20

the last full OR incremental backup was taken, and then set the
archive bit to “0.”

Question 21

Differential backups copy only the files that are new or have changed since

Answer 21

the last full backup and do not change the archive bit value.

Question 22

If an organization wants the backup and recovery strategy to be as simple as possible, then they should only use ______ backups.

Answer 22

full

Question 23

In how many steps can a differential backup be restored

Answer 23

2

Question 24

Which backup takes the longest to restore

Answer 24

Incremental

Question 25

What is a synthetic full backup

Answer 25

the backup server actually produces full backups. It does this by combining the existing full backup with the data from the incremental backups.

Question 26

What is an incremental-forever backup

Answer 26

The basic idea is that like an incremental backup, the incremental- forever backup begins by taking a full backup of the data set. After that point, only incremental backups are taken.

Question 27

A Mirror backup

Answer 27

A mirror backup is a straight copy of the selected folders and files at a given instant in time.

Question 28

This type of backup is often described as a "bare metal backup" because it backs up physical disks at the volume level.

Answer 28

Disk Imaging

Question 29

The main difference between file synchronization and backup solutions is that

Answer 29

a backup will copy files in one direction, while synchronization copies files (or changes) in two directions.

Question 30

One-way synchronisation differs from traditional backups when

Answer 30

the propagation of deletions or renames is performed, because backups do not generally delete files, and a renamed file is usually copied again.

Question 31

The most common recovery strategies

Answer 31

Dual Data Center Internal Hot Site External Hot Site Warm Site Cold Site Reciprocal Agreement Mobile Unit Outsourcing/Cloud

Question 32

A business impact analysis identifies what would happen to the organization if a risk occurred, despite whatever controls were in place. The term disaster recovery commonly refers to: A. The recovery of the business operations. B. The recovery of the technology environment. C. The recovery of the manufacturing environment. D. The recovery of the business and technology environments.

Answer 32

The correct option is B Disaster recovery has been commonly used to define the process and procedures used to recover the technology supporting the business operations.

Question 33

Wassenaar Arrangement (WA) -

Answer 33

is a multilateral export control regime established in 1996 to regulate the transfer of conventional arms and dual-use goods and technologies to enhance global security and prevent their proliferation to unauthorized destinations. It includes 42 participating countries that voluntarily agree to its guidelines.

Question 34

The Center for Information on Security Trade Control (CISTEC), is the

Answer 34

Government of Japan's clearing house for information pertaining to export activities and regime compliance'.

Question 35

What are the different types of cards used in an ACS

Answer 35

Magnetic Stripe (mag stripe) cards Proximity Cards (prox cards) Smart Cards are credential cards with a microchip embedded inside.

Question 36

PIV

Answer 36

PIV (Personal Identity Verification) is a smart card-based authentication system used primarily by U.S. federal agencies. It is designed to provide strong, multi-factor authentication for access to secure government systems and facilities.

Question 37

The design process of a security plan for a new facility should begin with ________ then the ________ and finally the _______________

Answer 37

the interior, then the exterior, and finally the outer perimeter.

Question 38

What is SCIF

Answer 38

Sensitive Compartmental Information Facilities (SCIF)

Question 39

______________ are/is the most important consideration for any security plan

Answer 39

people

Question 40

Security is a dynamic process, and for it to be effective, it must be ______________

Answer 40

procedural

Question 41

How would you validate a physical security design

Answer 41

Penetration testing

Question 42

12. How must classified material and sensitive information be disposed of? A. Torn in half and thrown in the trash can. B. It should be shredded. C. Removed to a decontamination room. D. Marked declassified and thrown in a trash can.

Answer 42

The correct option is B There are several methods for proper destruction of information. An organisation can contract with a licensed and bonded shredding company, which will come to the site with a mobile shredding truck and dispose of classified material and sensitive information. One can watch the process and verify the destruction, or the documents can be shredded on site, depending on the volume of information that needs to be destroyed. Shredding services can also destroy hard drives and physical components.