02- Disaster Recovery and Risk Management QUIZ Flashcards
An effective risk management plan will not include which of the following? A. Risk avoidance B. Risk response planning C. Risk monitoring D. Priority
Answer: D
Priority is a Disaster Recovery strategy.
Identify the method not used for performing a qualitative project risk analysis.
A. Risk tolerance
B. Probability impact matrix
C. Historic records
Answer: A
It is the measure of willingness of a stakeholder to avoid risk.
Choose the one that does not belong to the four points of main studies used in order to manage a given risk. A. Strength B. Weakness C. Threats D. DMZ
Answer: D
It is an example of risk domain.
Which one is not a Risk domain? A. DMZ B. Private network C. DRP D. Mobile Users
Answer: C
The DRP (disaster recovery plan) is a policy that defines how an organization will recover from a disaster, whether it is natural
or manmade disaster.
“Loss of data availability” helps determine which of the following:
A. The impact of a given risk
B. The likelihood of a risk
Answer: A
Loss of data availability is one set of questions to help determine the impact of a given risk.
______ includes a list of responsible people who will perform the steps for recovery, inventory
for the hardware and software, and steps to recover from a disaster.
A. Mitigation
B. DRP
C. Transference
D. Response strategy
Answer: B
The DRP (disaster recovery plan) includes a list of responsible people who will perform the steps for recovery, inventory for the
hardware and software, and steps to recover from a disaster.
Which of the following can function like the primary site within minutes?
A. Hot Site
B. Warm Site
C. Cold Site
Answer: A
Hot site is an identical site to the primary site equipped with systems and services just like the primary. Data is duplicated to the
hot site and can function just like the primary one in just a few minutes.
In simple terms, Disaster Recovery Plan is:
A. A plan used when the main computer systems fails
B. Prepared to deal with natural disasters only
C. For backup data only
D. Plan for business continuity only
Answer: A
Disaster Recovery Plan’s first objective is to ensure the security of the people at all cost. The DRP is a policy that defines how an
organization will recover from a disaster.
After a disaster, _____ is the maximum duration of time and a service level within which the
recovery procedure must be completed in order to avoid unacceptable consequences
associated with a break in business continuity.
A. MTD
B. RTO
C. BCP
Answer: B
Recovery Time Objective is the maximum duration of time and a service level within which the recovery procedure must be
completed in order to avoid undesirable consequences associated with a break in business continuity.
Identify the standards in DRP to backup data. A. Journaling B. Electronic vaulting C. Mitigation D. Likelihood
Answer: A and B
Journalling is a less expensive method used to protect data. When a disaster strikes, Journaling is used to write the transactions
that were missing in the full backup tape. Electronic vaulting is an alternate location to preserve backed up data. In case of a
disaster, the backup data stored in the electronic vault is restored.
The switching process is very fast in:
A. Warm site
B. Hot site
C. Cold site
Answer: B
Hot site has all the services and systems as that of the primary location and can switch to a full functional one within minutes.
DRP ranks a given disaster and acts based on its rank. Which one of the following is of the highest priority? A. Short term B. Mid term C. Long term
Answer: A
DRP assigns high rank, when a line of service is fully affected, and requires immediate action to recover.
_________ decides which services are sensitive for the regular operations to continue.
A. BCP
B. DRP
C. RTO
Answer: A
Business continuity plan (BCP) decides which services are sensitive for the regular operations to continue.
The risk formula is Risk = Likelihood x Weakness.
True
False
Answer: False
Risk = Likelihood x Impact
Identification of risk domains and risk exposure are done in the Analysis of Security Risk.
True
False
Answer: True
Analyze Security Risk involves identification of risk domains and risk exposure, SWOT analysis list and rank of the risks.
LearnSmart |