.01 - .14 Data storage resiliency and disaster recovery methods Flashcards
1
Q
A
2
Q
A
3
Q
A
4
Q
A
5
Q
A
6
Q
A
7
Q
A
8
Q
A
9
Q
A
10
Q
A
11
Q
A
12
Q
A
13
Q
A
14
Q
A
15
Q
A
16
Q
A
17
Q
A
18
Q
A
19
Q
A
20
Q
A
21
Q
A
22
Q
A
23
Q
A
24
Q
Which of the following is the most cost-effective strategy for backing up enormous quantities of data when a system needs to be available seven days a week?
Implementing a duplicate storage area network (SAN) and replicating the data to a second SAN
Deploying storage infrastructure at a hot site
Making a full backup weekly and an incremental backup every night
Implementing a fault-tolerant disk-to-disk backup solution
A
Implementing a fault-tolerant disk-to-disk backup solution
Fault tolerance is the ability of a system to suffer a fault but continue to operate. Fault tolerance permits the backup of data to be performed without impacting system performance and allows enormous data to be backed up in a short backup window. In case of a failure, the fault-tolerant system can fail over immediately to the other disk set.
Making a full backup weekly and an incremental backup every night
This method would not enable the system to be available seven days a week. The only feasible way for a system to remain online is to duplicate the data to a server backed up to tape or implement a disk-to-disk solution that is effectively the same thing.
Implementing a duplicate storage area network (SAN) and replicating the data to a second SAN
This method provides redundancy and data protection but not a backup solution. There is a risk that a fire or flood at the site could lead to data loss since the two systems are at the same site.
Deploying storage infrastructure at a hot site
This method provides a great deal of redundancy and availability to enable the system to stay operational; it does not address the need for long-term data storage. In addition, this is not an efficient method of backing up data.
Reference: 7113.02
There are security mechanisms for limiting and controlling access to and use of computer system resources such as fault-tolerant techniques (e.g., disk mirroring and RAID technology) and redundancy techniques (duplicate equipment) against data loss and denial of service.
Fault tolerance is the ability of a system to suffer a fault but continue to operate.
Redundant array of inexpensive or independent disks (RAID) technology uses several disks in a single logical subsystem. To protect data against a single point of failure and to reduce or eliminate downtime from disk failure, database servers may employ disk shadowing or data mirroring. The main purpose of RAID is to provide backup so if one disk fails, all the data is immediately available. Fault tolerance is achieved by adding redundant components such as additional disks within a RAID array or additional servers within a failover clustered configuration.
RAID provides performance enhancement and fault-tolerant capabilities through hardware or software solutions, breaking up data and writing data to a series of multiple disks concurrently to improve performance.
Fault-tolerant hardware increases system resilience. Fault management is the detection, reporting, diagnosis, correction, and prevention of faults and fault conditions. A fault is a malfunction or abnormal pattern of behavior that is causing or will cause an outage, error, or degradation of communications services.
Relevant Terms
Backup
Reference
7113.01
7113.02
25
Which of the following file backup strategies is preferred when an efficient and continuous availability is required?
Full
Differential
Grandfather-father-son
Incremental
Incremental
Only the incremental backup copy files have changed since the last backup or full backup, and it is an efficient method.
The other answer choices are incorrect:
Full backup takes copies of all files and folders to the backup media to create one backup set. It takes more time to back up and is less error-prone but requires more media capacity.
Differential backups copy all data files that have changed since the last full backup. Thus, only two files are needed to restore the entire system: the last full backup and the last differential backup.
Grandfather-father-son daily backups (son) are created over a week. The last backup taken during the week becomes the backup for that week (father). The earlier daily backup media are then rotated for reuse as backup media for the second week. By the end of the month, the last weekly backup is retained as the backup for that month (grandfather).
## Footnote
7113.10 table
26
Which of the following backup schemes involves storing copies of all files modified since the most recent full backup?
Differential backups
Partial backup
Incremental backups
Database backup
Differential backups
Differential backups
The correct answer is “differential backups.” Differential backups include storing copies of all files modified since the most recent full backup irrespective of any incremental or differential backups created during the subsequent time.
Differential backup is faster, needs less media capacity than a full backup, and requires only the last full and differential backup sets to create a complete restoration. Thus, the differential backup needs less time to restore than incremental backups; however, it is slower and needs more media capacity than incremental backups as data backed up are cumulative.
The other answer choices are incorrect:
An incremental backup focuses only on backing up data sets (files and folders) that have changed since the last incremental or full backup. The need for continuous, uninterrupted online system availability leaves a reduced time window for full backups, which justifies the use of incremental backups.
Partial backup and database backup are not part of the main schemes for backup.
## Footnote
7113.10 table
27
Fire has swept through the premises of an organization's computer room. The company has lost its entire computer system. The best thing the organization could have done is to:
plan for mutual agreements—negotiate with other similar organizations to back each other.
plan for cold-site arrangements.
plan for warm-site arrangements since everything was ready to go.
take daily backups to an offsite storage facility.
take daily backups to an offsite storage facility.
Daily backups taken to an offsite storage facility can minimize damage. A whole company can suffer when disaster strikes. A crucial component of disaster recovery planning (DRP) is the availability of adequate data. Duplication of critical data, information, and documentation, including offsite storage such as backup data and paper records, is a condition for any recovery.
The other answer choices are incorrect: Hot/warm/cold sites and mutual agreements require backups to continue with business operations. “No backup, no recovery” should be practiced.
Reference: 7113.06
Media and documentation backup
A crucial component of disaster recovery planning is the availability of adequate data. Duplication of critical data, information, and documentation, including offsite storage such as backup data and paper records, is a condition for any recovery. The type of data to be stored offsite depends on factors such as legal, business, and regulatory requirements.
Offsite storage locations should be identified to store the magnetic media, paper documentation, and forms needed to run the backup computer in the event of a disaster. Care should be taken to select an offsite storage location, whether it is a part of the organization or an outside commercial storage center situated locally or remotely to the primary site.
## Footnote
7113.11 Table
28
Which of the following is a significant benefit of an automated tape management system?
It increases the labor associated with tape handling.
It requires no external tape labels.
It assists in identifying ways to increase tape usage.
It improves the quality of the file retention process.
It improves the quality of the file retention process.
Reference: 7113.09
A tape management system (TMS) is software that manages the usage and retention of computer backup tapes. TMS provides additional security features by requiring a password to access and retrieve data to ensure data integrity.
The most important benefits of implementing an automated tape management system are as follows:
It improves the quality of the file retention process since the system keeps an inventory of all tape files at an onsite storage vault identified by serial number and maintains file creation dates and retention periods.
It reduces (not increases) the labor associated with tape handling since the system shows tape file movement to and from onsite and offsite storage.
It assists in identifying ways to reduce (not increase) tape usage since the system provides an automatic control of tape dataset usage and retention with audit trail reporting.
The other options are incorrect.
External labels for tape files contain information such as job identification, file names, and tape/reel number.
The automated tape management system does not require an external label indicating the file name and other attributes because the system checks for the correct file name internally.
The tape needs only a number on the outside of the reel for operator identification.
## Footnote
Reference
7113.09
29
Which of the following combinations of backup schemes provides the fastest backup creation time?
Full backups and differential backups
Partial backups and incremental backups
Incremental backups and differential backups
Full backups and incremental backups
Full backups and incremental backups
Full backup takes copies of all files and folders to the backup media to create one backup set. It takes more time to back up and is less error-prone but requires more media capacity. Incremental backups are created faster than differential backups due to the number of files necessary to back up each time.
The differential backup needs less time to restore than incremental backups; however, it is slower and needs more media capacity than incremental backups as data backed up are cumulative. The partial backup does not include all the filegroups.
## Footnote
7113.10
30
Which of the following is most appropriate to implement an incremental backup scheme?
Limited media capacity
A random selection of backup sets is required.
Online cloud media are preferred.
Reduced recovery time for critical data
Limited media capacity
TableLimited media capacity
An incremental backup focuses only on backing up data sets (files and folders) that have changed since the last incremental or full backup, therefore minimizing media storage.
The answer choice “reduced recovery time for critical data” is incorrect. A full backup or differential backup is required in this situation.
The answer choice “online cloud media are preferred” is incorrect. Incremental backup could be used regardless of the media selected.
The answer choice “a random selection of backup sets is required” is incorrect. A random selection of backup sets may not be viable with an incremental backup since only fragments of the data are backed up daily.
## Footnote
7113.10
31
Which of the following backup types is the most efficient for reducing the time required for backup and the amount of storage media used?
Differential
None of the answer choices are correct.
Full
Incremental
Incremental
Incremental backups are the most efficient for minimizing backup time and storage media usage. They focus on backing up data sets that have changed since the last backup, whether a full or a previous incremental backup. This approach ensures that only the changes made since the last backup are backed up, reducing time and media usage.
The other options are incorrect:
Differential backups capture all files modified since the most recent full backup. While they require less storage media than a full backup, they are not as efficient in terms of time since they back up all changes since the last full backup.
Full backups copy all files and folders, offering a complete data snapshot. While comprehensive, they are less efficient regarding time and storage media usage because they require more storage space and take longer to complete.
| 7113>Data Backup, Storage, and Restoration>Backup schemes
## Footnote
7113.10
Table
32
Which of the following controls is appropriate to prevent data loss?
Backup generators
Powerline conditioners
Uninterruptible power supply equipment
Mirroring
Mirroring
Disk mirroring and server mirroring are appropriate to ensure data integrity to prevent data loss. They are fault-tolerant mechanisms, copying and storing data in two places (disks and servers).
Powerline conditioners, uninterruptible power supply equipment, and backup generators are incorrect because they are needed to provide continuity of the electric power supply and do not save data to a second location. Powerline conditioners smooth out power fluctuations. Uninterruptible power supply (UPS) equipment provides relief from short power outages. Backup generators support relief from long power outages.
Term: Fault Tolerant Control
Fault tolerant control is the ability of a processor to maintain effectiveness after some subsystems have failed. These are hardware devices or software products such as disk mirroring or server mirroring aimed at reducing loss of data due to system failures or human errors. This is a technical and preventive control and ensures availability control.
Reference: 7113.02
There are security mechanisms for limiting and controlling access to and use of computer system resources such as fault-tolerant techniques (e.g., disk mirroring and RAID technology) and redundancy techniques (duplicate equipment) against data loss and denial of service.
Fault tolerance is the ability of a system to suffer a fault but continue to operate.
Redundant array of inexpensive or independent disks (RAID) technology uses several disks in a single logical subsystem. To protect data against a single point of failure and to reduce or eliminate downtime from disk failure, database servers may employ disk shadowing or data mirroring. The main purpose of RAID is to provide backup so if one disk fails, all the data is immediately available. Fault tolerance is achieved by adding redundant components such as additional disks within a RAID array or additional servers within a failover clustered configuration.
RAID provides performance enhancement and fault-tolerant capabilities through hardware or software solutions, breaking up data and writing data to a series of multiple disks concurrently to improve performance.
Fault-tolerant hardware increases system resilience. Fault management is the detection, reporting, diagnosis, correction, and prevention of faults and fault conditions. A fault is a malfunction or abnormal pattern of behavior that is causing or will cause an outage, error, or degradation of communications services.
33
A large e-commerce platform is being audited to ensure it meets its availability service commitments per the Trust Services Criteria (TSC). In a SOC 2® engagement, which of the following actions is most effective for the auditor to detect deficiencies in design and deviations in controls related to the service organization's availability of service commitments?
Reviewing the financial records of the service organization
Assessing the quality of customer support provided by the services organization
Conducting interviews with internal teams of the service
Analyzing control documentation and conducting tests on system redundancy mechanisms
Analyzing control documentation and conducting tests on system redundancy mechanisms
This action involves examining control design and operational effectiveness to detect deficiencies and deviations in controls related to service availability. It assesses whether the organization's documented controls and redundancy mechanisms align with its availability service commitments and whether they function as intended.
The other answer choices are incorrect:
Reviewing financial records is not directly related to detecting deficiencies in the design and deviations in the operation of controls for service availability. Financial records are more pertinent to financial controls and may not provide insights into availability controls.
Assessing customer support quality is valuable but primarily relates to customer service standards and may not directly address controls for service availability. Availability controls focus on system uptime and accessibility.
While conducting interviews with internal teams can provide valuable information, it is not the most effective action for detecting deficiencies in the design and deviations in the operation of availability controls. Interviews may complement the assessment but do not substitute for thoroughly examining control documentation and conducting tests on redundancy mechanisms more directly related to availability service commitments.
Term: SOC 2 Type 1 Report
In a SOC 2® Type 1 report, the service auditor provides an opinion as to whether the service organization’s description “fairly presents” the system that was designed and implemented, and whether the controls were suitably designed to meet the criteria as of a specified date.
Term: SOC 2 Type 2 Report
In a SOC 2® Type 2 report, the service auditor provides an opinion on whether the service organization’s description “fairly presents” the system that was designed and implemented; the controls were suitably designed to meet the criteria; the controls operated effectively during the specified period of time; and the service organization is in compliance with the commitments in its statement of privacy practices, if the report covers the privacy principle.
Term: Trust Services
Trust Services consist of professional attestation and advisory services based on principles and criteria that address the risk and opportunities of IT-enabled systems and privacy programs, including electronic commerce (e-commerce) systems. Trust Services principles and criteria are issued by the AICPA and the Canadian Institute of Chartered Accountants (CICA) and are organized into four broad areas: policies, communications, procedures, and monitoring.
## Footnote
Reference
7113.14
34
Which of the following is the main purpose of a redundant array of inexpensive or independent disks (RAID)?
To provide backup if one disk fails
To add redundant components such as additional disks within a RAID array
To provide performance enhancement and fault-tolerant capabilities through hardware or software solutions
All of the answer choices are correct.
All of the answer choices are correct. A redundant array of inexpensive or independent disks (RAID) technology uses several disks in a single logical subsystem. To protect data against a single point of failure and to reduce or eliminate downtime from disk failure, database servers may employ disk shadowing or data mirroring.
The main purpose of RAID is to provide backup, so if one disk fails, all the data is immediately available. Fault tolerance is achieved by adding redundant components such as additional disks within a RAID array or additional servers within a failover clustered configuration. RAID provides performance enhancement and fault-tolerant capabilities through hardware or software solutions, breaking up data and writing data to a series of multiple disks concurrently to improve performance.
Reference: 7113.02
There are security mechanisms for limiting and controlling access to and use of computer system resources such as fault-tolerant techniques (e.g., disk mirroring and RAID technology) and redundancy techniques (duplicate equipment) against data loss and denial of service.
Fault tolerance is the ability of a system to suffer a fault but continue to operate.
Redundant array of inexpensive or independent disks (RAID) technology uses several disks in a single logical subsystem. To protect data against a single point of failure and to reduce or eliminate downtime from disk failure, database servers may employ disk shadowing or data mirroring. The main purpose of RAID is to provide backup so if one disk fails, all the data is immediately available. Fault tolerance is achieved by adding redundant components such as additional disks within a RAID array or additional servers within a failover clustered configuration.
RAID provides performance enhancement and fault-tolerant capabilities through hardware or software solutions, breaking up data and writing data to a series of multiple disks concurrently to improve performance.
Fault-tolerant hardware increases system resilience.
Fault management is the detection, reporting, diagnosis, correction, and prevention of faults and fault conditions. A fault is a malfunction or abnormal pattern of behavior that is causing or will cause an outage, error, or degradation of communicat
## Footnote
Relevant Terms
Backup
Reference
7113.01
7113.02
35
Which of the following statements about backups is true?
The type of data transfer does not matter for timely backups.
Backups are most important for mainframe computers.
Lack of procedures is not a problem for conducting backups.
Backups provide for continuity of operations.
Backups provide for continuity of operations.
Backups and storage media are used to store and maintain software application files and related data for backup purposes to ensure that an organization's critical activities and supporting applications are not interrupted during a disaster.
The other answer choices are incorrect:
“Lack of procedures is not a problem for conducting backups”: Depending on the organization's size and anticipated risks, the time spent backing up data could be minimal compared with the time and effort that would be necessary to restore it. Files may require days, weeks, or months to recreate from hardcopy records. Therefore, adequate procedures must guide backup operations.
“Backups are most important for mainframe computers”: Other computers require backups like the mainframe.
“The type of data transfer does not matter for timely backups”: The type of data transfer dictates the time frame required to back up. Small files take less time than large files.
Reference: 7113.03
Backup and restoration
Secondary storage media are used to store and maintain software application files and related data for backup purposes to ensure that an organization's critical activities and supporting applications are not interrupted in the event of a disaster. The secondary storage media are removable media (CDs, DVDs), mirrored disks (local or remote), or network storage.
36
Which of the following include(s) information availability controls?
Database tuning
Storage media
Service-level agreements
Backup and recovery
Backup and recovery
Management aims to gather useful information and make it available to authorized users. System backup and recovery procedures and alternative computer equipment and facilities will help ensure the recovery is as timely as possible.
The other answer choices are incorrect:
Storage media has nothing to do with information availability. Data will be stored somewhere on some medium.
Database tuning is modifying the database parameters to enable the database to process user information more quickly and would have little impact on the availability of the information.
A service-level agreement is an agreement between users and IS (information systems) that may include availability requirements. IS would then need to implement controls to comply with the agreement.
## Footnote
Relevant Terms
Backup
Reference
7113.01
7113.02
37
When conducting a SOC 2® examination, which of the following is a key consideration regarding availability controls?
Monitoring user access
Encrypting sensitive data
Verifying financial transactions
Ensuring timely system recovery
Ensuring timely system recovery
When conducting a SOC 2 examination, a key consideration regarding availability controls is ensuring timely system recovery. Availability controls are designed to ensure that systems and services are available and operational when needed. Timely system recovery measures, such as disaster recovery plans and backup systems, are critical to minimizing downtime and ensuring that services can be quickly restored during disruptions or failures. This aspect of availability controls focuses on minimizing service interruptions and maintaining service commitments.
The other answer choices are incorrect:
Monitoring user access is an important aspect of security controls, particularly those related to confidentiality and access control. While monitoring user access is essential for overall security, it is not the primary focus when assessing availability controls in a SOC 2 examination.
Encrypting sensitive data is primarily a data security control that addresses data confidentiality rather than availability. While encryption is a valuable security measure, it does not directly pertain to assessing availability controls, which focus on ensuring system uptime and accessibility.
Verifying financial transactions is unrelated to availability controls. Financial transaction verification is typically associated with financial systems and controls rather than availability considerations. Availability controls aim to ensure that systems and services are available and operational per service commitments.
## Footnote
Relevant Terms
Availability (Trust Services Criteria)
SOC 2 Type 1 Report
SOC 2 Type 2 Report
System and Organization Controls (SOC) Reports
Reference
7113.14
38
What is the greatest risk in the practice of data file backup using the traditional backup approach?
File backups are forgotten occasionally.
A third-party courier may not comply with the transportation schedule.
Wrong tapes or cartridges are returned occasionally from offsite storage.
Everything that should be in offsite storage is not there.
Everything that should be in offsite storage is not there.
If everything that should be in offsite storage is not there, it defeats the entire backup objective. This situation does not help test application systems at the backup facility during a simulation or real disaster.
The other answer choices are incorrect: Although they are also risks, their severity levels are less than the correct answer choice. They are normal errors or omissions. They can be corrected with checklist assessments, automation, or quality reviews.
| Data Backup Storage
## Footnote
Reference
7113.03
7113.04
39
In a SOC 2® engagement, what is the primary focus when assessing controls related to the availability of service commitments and system requirements?
Ensuring data confidentiality
Validating data accuracy
Verifying compliance with legal regulations
Evaluating system uptime
Evaluating system uptime
In a SOC 2 engagement, the primary focus when assessing controls related to availability service commitments and system requirements is evaluating system uptime and availability. Availability controls aim to ensure that systems and services are available and operational when needed by clients and users. Therefore, assessing and evaluating system uptime and availability is a central aspect of a SOC 2 examination.
The other answer choices are incorrect:
Ensuring data confidentiality is not the primary focus when assessing controls related to availability service commitments and system requirements in a SOC 2 engagement. While data confidentiality is important, the primary concern in this context is the availability and uptime of the systems and services.
Validating data accuracy is related to data integrity, one of the Trust Services Criteria in a SOC 2 examination. However, the primary focus of this question is on assessing controls related to availability service commitments and system requirements, which primarily concern the availability and uptime of systems rather than data accuracy.
Verifying compliance with legal regulations, while important for overall compliance and security, is not the primary focus when assessing controls related to availability service commitments and system requirements in a SOC 2 engagement. SOC 2 primarily evaluates controls that ensure systems and data availability, security, and processing integrity.
## Footnote
Relevant Terms
Availability (Trust Services Criteria)
SOC 2 Type 1 Report
SOC 2 Type 2 Report
System and Organization Controls (SOC) Reports
Reference
7113.14
40
Which of the following criteria is important in evaluating a potential offsite storage facility?
The number of employees
Compatibility of computer equipment
A mantrap
Site security should not be identified from the outside.
Site security should not be identified from the outside.
The selection of an offsite storage facility is an important process that should be done with proper care. Media management, environmental factors, site physical security, and transportation capabilities are very important because they can make a big difference in facility selection.
The offsite facility must be as secured and controlled as the primary site:
The offsite facility should have adequate physical access controls such as locked doors and active surveillance.
The offsite facility should not be identifiable from the outside to prevent deliberate sabotage of the offsite facility.
The offsite facility should have the same standard environmental monitoring and control as the primary site; this includes monitoring the heat, humidity, temperature, power supply, and UPS (uninterruptible power supply), and the installation of good smoke and water detectors to achieve the ideal conditions for storing optical and magnetic media.
The other answer choices are incorrect: Compatible computer equipment is needed for a hot site, not for an offsite storage facility. The number of employees and a mantrap are less important than other criteria. (A mantrap is a physical security access control system comprised of a small space with two sets of interlocking doors.)
| Data Backup Storage
## Footnote
Relevant Terms
Security
Reference
7113.05
41
A vital data backup and storage program must meet which of the following requirements?
Auditing
Accounting
Insurance
Regulatory
Regulatory
Laws and regulations may impact how an organization can handle and manage data backup and storage and should be considered in establishing and developing methods for data handling. Regulatory requirements dictate the length of the time an organization must retain a particular record or document to support its business activities.
The other answer choices are incorrect. Regulatory requirements do not directly dictate insurance, accounting, and auditing. Auditors review compliance with such regulatory requirements. Before records retention, each organization must identify what records and documents are vital to its operations.
| Data Backup Storage
## Footnote
Relevant Terms
Backup
Documentation
Reference
7113.01
42
The frequency of file backups should depend primarily on the criticality of the application system:
rules.
documentation.
edits.
functions.
functions.
The frequency of file backup must depend on the criticality of the application system functions and data. Critical data should be backed up using the “grandfather-father-son” method. Backup of operating systems software and application programs must be performed whenever they are modified or updated.
The other answer choices are incorrect: Whether the application system has rules, documentation, or edits does not matter when it comes to the frequency of backup.
| Data Backup Storage
## Footnote
Relevant Terms
Backup
Reference
7113.11
43
The frequency of file backups should depend primarily on the criticality of the application system:
rules.
edits.
documentation.
functions.
functions.
The frequency of file backup must depend on the criticality of the application system functions and data. Critical data should be backed up using the “grandfather-father-son” method. Backup of operating systems software and application programs must be performed whenever they are modified or updated.
The other answer choices are incorrect: Whether the application system has rules, documentation, or edits does not matter when it comes to the frequency of backup.
## Footnote
Relevant Terms
Backup
Reference
7113.11
44
Which of the following is most appropriate to implement an incremental backup scheme?
Reduced recovery time for critical data
Online cloud media are preferred.
A random selection of backup sets is required.
Limited media capacity
Limited media capacity
An incremental backup focuses only on backing up data sets (files and folders) that have changed since the last incremental or full backup, therefore minimizing media storage.
The answer choice “reduced recovery time for critical data” is incorrect. A full backup or differential backup is required in this situation.
The answer choice “online cloud media are preferred” is incorrect. Incremental backup could be used regardless of the media selected.
The answer choice “a random selection of backup sets is required” is incorrect. A random selection of backup sets may not be viable with an incremental backup since only fragments of the data are backed up daily.
Limited media capacity.
This is the scenario that best matches the strengths of incremental backups. Because incremental backups only save changes since the last backup, they require significantly less storage space than full backups. This makes incremental backups particularly suitable for situations where storage media capacity is limited.
In conclusion, the option "Limited media capacity" is the most appropriate scenario for implementing an incremental backup scheme, as it leverages the key advantage of incremental backups: efficiency in storage space usage.
## Footnote
Relevant Terms
Backup
Reference
7113.10
