7 - Business Continuity and Disaster Recovery Plan

Question 1

1. Once a business continuity plan is developed and approved by senior management, what final critical element must be addressed?a. Filing of the plan with local emergency servicesb. Performing a qualitative risk analysisc. Creating awareness of the plan throughout the organizationd. Perform a structured walk-through test

Answer 1

C: This is the final required step in business continuity planning.

Question 2

2. Each time the business continuity plan is updated or revised, what must be done?a. Perform a new cost/benefit analysisb. A checklist test must be performedc. Update your countermeasuresd. Destroy all copies of all old version of the plan.

Answer 2

D: This is a required step to ensure that only one version of the plan is distributed within the organization. 9. What is the primary objective of a disaster recovery plan?

Question 3

3. What is the primary objective of a disaster recovery plan?a. To recover critical processes in a timely mannerb. Manage public relations after a crisisc. To minimize financial loss during normal operations outaged. Re-design the security infrastructure of the organization after an emergency

Answer 3

A: This is the primary objective of a disaster recovery plan.

Question 4

4. Which of the following is not an objective of a disaster recovery plan?a. Protecting the organization from significant loss due to the failure of its IT infrastructureb. Empowering personnel for decision making during a crisis situationc. Minimizing risks to the organization from delays in providing servicesd. Guaranteeing the reliability and availability of standby systems through testing and evaluation

Answer 4

B: An objective of a disaster recovery plan is to minimize decision making during a crisis.

Question 5

5. The security issue that addresses ongoing processing activity in the face of minor disruptive events is known as?a. business continuity planningb. disaster recovery planningc. mission critical relocation planningd. redundancy development planning

Answer 5

A: Business continuity planning is the security issue that addresses ongoing processing activity in the face of minor disruptive events.

Question 6

6. Who is ultimately responsible for the business continuity planning?a. Disaster recovery teamb. IT staffc. End usersd. Senior management

Answer 6

D: Senior management is ultimately responsible for the success or failure of the business continuity plan. 5. Which of the following is not one of the three primary goals of business impact analysis?

Question 7

7. Which of the following is not one of the three primary goals of business impact analysis?a. Plan testing and verificationb. Criticality prioritizationc. Downtime estimationd. Resource requirements

Answer 7

A: Business impact analysis is the disaster equivalent of risk analysis, it does not have an implementation plan associated with it and there such a plan does not need testing or verification.

Question 8

8. Which of the following is not an aspect of quantitative loss criteria associated with business impact analysis?a. Financial loss due to violations of contract agreementsb. Loss of competitive advantage or market sharec. Financial losses due to capital expenditured. Losses associated with financial liability expenditures

Answer 8

B: This is a qualitative loss criteria.

Question 9

9. Business continuity planning is designed to handle what sort of conditions?a. Moderate disruptive eventsb. Major disruptive events to very destructive eventsc. Daily work activitiesd. Total destruction of a company and its assets

Answer 9

A: Business continuity planning is designed to handle moderate disruptive events.

Question 10

10. Which of the following is not a goal of business continuity planninga. Reduce the risk of financial lossb. Reformulate the security policy to more adequately prepare for intrusion attempts during the recovery processc. Recover from a disruptive event quicklyd. Mitigate the risks associated with a disruptive event

Answer 10

B: This is not a goal of business continuity planning. This is part of the normal review and improvement process of the formalized security structure.

Question 11

11. What is the top priority of business continuity planning?a. Quick and efficient recovery of the organizationb. Minimizing financial losses due to a disruptive eventc. Safety of the personneld. Managing public opinion about the organization during a crisis

Answer 11

C: The top priority of business continuity planning is the safety of personnel.

Question 12

12. Which of the following is considered an essential element of due care and due diligence?a. creation of InfoSec teamsb. business continuity and disaster recovery planningc. delegating implementation tasks to subordinatesd. senior management sign off on all security planning

Answer 12

B: Business continuity and disaster recovery planning are considered essential elements of due care and due diligence.

Question 13

13. Business continuity planning should address all but which of the following?a. local area network componentsb. telecommunicationsc. employee personal possessionsd. applications and software

Answer 13

C: Employee personal possessions are the responsibility of the employees, not the organization and its business continuity planning.

Question 14

14. Which of the following is not an event that would be considered to trigger application of the business continuity plan?a. fire in the data centerb. earthquake resulting in broken communication linesc. floods affecting the basement levels onlyd. an intrusion attack that compromises a Web server

Answer 14

D: Intrusion attacks are not events that trigger the business continuity plan. Instead, intrusion attacks trigger normal InfoSec or CIRT response teams.

Question 15

15. Which of the following is not a goal or objective of business continuity planning?a. reduce the risks associated with a disruptive eventb. minimize costs associated with recovering from a disruptive eventc. promptly recover from a disruptive eventd. provide a procedural guide so minimal decisions are made during an event.

Answer 15

B: Business continuity planning does not deal with recovering from disruptive events, rather maintaining business activity during a disruptive event. Disaster recovery planning deals with recovery.

Question 16

16. Which of the following should be accomplished first when acting out a business continuity plan?a. Restore critical functionsb. Restore non-critical functionsc. Maintain personnel safetyd. Locate an alternate site

Answer 16

C: Maintaining personnel safety is always the first and top priority.

Question 17

17. What is the primary difference between a disaster recovery plan and a business continuity plan?a. The severity of the damage to the area caused by a disasterb. The use of a secondary sitec. The cost of maintenanced. The interruption of mission critical processes

Answer 17

D: The primary difference is whether mission critical processes are interrupted. If they are, then disaster recovery is used, if not, then business continuity is used.

Question 18

18. Although the activities themselves can be delegates, who is ultimately responsible for all phases of business continuity planning?a. Senior managementb. InfoSec teamsc. Systems auditord. Department managers

Answer 18

A: Senior management is always ultimately responsible for all aspects of security and maintaining productivity in their organization, even though the actual tasks to accomplish this may be delegated.

Question 19

19. Which of the following is not a goal of business impact assessment?a. criticality prioritizationb. establishing resource requirementsc. personnel safetyd. downtime estimation

Answer 19

C: Personnel safety is the most important factor for business continuity and disaster recovery planning. However, it is not a factor or goal of a business impact assessment.

Question 20

20. The Maximum Tolerable Downtime estimation is an indication of whata. how long the business continuity plan takes to developb. how long the business continuity plan takes to implementc. how long the migration to the secondary site will taked. how long can mission critical processes be down and still allow the organization to recover

Answer 20

D: The Maximum Tolerable Downtime estimation is an indication of how long can mission critical processes be down and still allow the organization to recover.

Question 21

21. The business continuity planning task of identifying key business processes, ordering those processes, and evaluating event impact is known as? a. criticality prioritizationb. business impact assessmentc. vulnerability assessmentd. quantative analysis

Answer 21

B: Business impact assessment is the business continuity planning task of identifying key (critical) business processes, ordering (prioritizing) those processes, and evaluating event impact.

Question 22

22. When performing a business impact analysis, which of the following is the least useful assessment material item to gather?a. organizational chartb. mission statementc. definition of business unitsd. outline of relationships within the organization

Answer 22

B: The mission statement is inconsequential and useless to the act of business impact analysis.

Question 23

23. Which of the following is not one of the four aspects or elements of a business continuity plan?a. business impact assessmentb. scope and plan initiationc. business continuity plan developmentd. testing

Answer 23

D: While testing is important, it is not one of the four primary elements of a business continuity plan. In fact, testing seems to be mentioned only in relation to disaster recovery planning.

Question 24

24. When updating or maintaining a business continuity plan, which of the following is most important?a. only a single version of the plan should exist throughout the organizationb. each department should develop and maintain their own planc. the business continuity plan cannot make recommendations outside of the organization’s security policyd. keeping the cost of the plan to a minimum

Answer 24

A: Only a single version of the business continuity plan should exist throughout the organization.

Question 25

25. The process of making employees aware of the business continuity plan is found in what stage or element of the business continuity plan development process?a. business impact assessmentb. plan approval and implementationc. business continuity plan developmentd. scope and plan initiation

Answer 25

B: Staff awareness is an aspect of the plan approval and implementation element of the business continuity plan development process.

Question 26

26. Which of the following is not an event that would be considered to trigger application of the disaster recover plan?a. a terrorist bomb that destroys most of your primary siteb. a wind storm that completely severs your power and communicationsc. a hurricane that floods your data centerd. a rupture in a gas main 10 miles from your primary facility

Answer 26

D: When an event causes concern but does not effect your primary facility, it will not trigger the disaster recovery plan.

Question 27

27. A disaster recovery plan may be triggered by all but which of the following?a. A mud slide burying your primary siteb. Intermittent loss of access to a entertainment Web sitec. A fire that destroys your entire data centerd. A robbery where your primary servers are stolen

Answer 27

B: Internet communication interruptions that are not related to your mission critical processes will not trigger the disaster recovery plan.

Question 28

28. The scope of the business continuity plan should be which of the following?a. people, infrastructure, key personnel, equipmentb. media relations, human resources, people, facilitiesc. office supplies, people, infrastructure, facilitiesd. Infrastructure (IT), facilities, supplies and equipment

Answer 28

C: The scope of the business continuity plan should be everything necessary to support your mission critical services, such as office supplies, people, infrastructure, facilities.

Question 29

29. Which of the following is not an option for alternate site Selection within disaster recovery planning?a. mutual aid agreementsb. subscription servicesc. service bureausd. adjacent building rental

Answer 29

D: Adjacent building rental is the poorest choice for an alternate site since it is so close to the original site that it is susceptible to the same disasters that could destroy the primary site.

Question 30

30. What is a mutual aid agreement?a. two parties agree to support the other’s critical business functions in the event of a disasterb. two parties agree to share the cost of maintaining an alternate sitec. two parties agree to work together in building secondary locationsd. an insurance company agrees to pay for IT relocation services

Answer 30

A: two parties agree to support the other’s critical business functions in the event of a disaster

Question 31

31. Which of the following is the most cost effective alternate site location but which is most likely to be useless when actually needed?a. hot siteb. mutual aid agreementsc. portable hot sited. service bureau contract

Answer 31

B: A mutual aid agreement is the cheapest forms of alternate site location, but since most companies barely have the capacity to support their own mission critical processes, when needed in a disaster these agreements are usually worthless.

Question 32

32. When business impact analysis is completed, what is the end result?a. a quantitative risk analysis reportb. an auditor’s final qualitative reportc. a business continuity pland. a organizational security policy

Answer 32

C: The end result of business impact analysis is a business continuity plan.

Question 33

33. Which of the following is not an element of the vulnerability assessment process of business impact analysis?a. quantitative analysisb. qualitative analysisc. defining critical areas and dependenciesd. selecting countermeasures

Answer 33

D: Countermeasure Selection is associated with risk analysis, not business impact analysis vulnerability assessment.

Question 34

34. Which of the following is not a goal of disaster recovery planning?a. Maintaining critical functions through a minor disruptive eventb. Protecting an organization from major IT failurec. Minimizing the risk to an organization from the interruption of mission critical processesd. Maintaining reliable backup and restoration solutions through testing and simulation

Answer 34

A: Maintaining critical functions through a minor disruptive event is business continuity planning, not disaster recovery planning.

Question 35

35. Which of the following is the best type of leadership that should assume control while the disaster recovery plan is being carried out?a. committeeb. proceduralc. interactived. democratic

Answer 35

B: A disaster recovery plan should minimize the need for personnel to make decisions during and after a disaster. Thus a procedural leadership would simply follow the directions as outlined in the disaster recovery plan.

Question 36

36. The primary goal of the data processing continuity aspect of disaster recovery planning is?a. maintain data integrity throughout the disasterb. maintain functional networking access throughout the disasterc. ensure workers can complete their work tasksd. moving the entire IT infrastructure over to a secondary location

Answer 36

C: The primary goal of the data processing continuity aspect of disaster recovery planning is to ensure workers can complete their work tasks.

Question 37

37. Which of the following is not an advantage to a service bureau contract for an alternate processing site?a. resource contention during a large emergencyb. testing is often possiblec. cost effectived. offers quick response and reasonable availability

Answer 37

A: Service bureau contracts for alternate processing sites becomes a disadvantage when the resources are over allocated and they are insufficient to handle all clients during a large emergency.

Question 38

38. Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for?a. rolling mobile backup sitesb. hot sitec. multiple processing centersd. service bureau contracts

Answer 38

B: Vendor re-supply of hardware is an acceptable practice for all forms of alternate site locations except for hot sites.

Question 39

39. Which of the following should not be true regarding an alternate site?a. located far away from the primary siteb. facility should be far enough away not to be affected by the same disasterc. located very close to the primary sited. should support the mission critical processes of the organization

Answer 39

C: The alternate site should not be very close to the primary site, otherwise it will be susceptible to the same disaster that affects the primary site.

Question 40

40. Which of the following is not a disadvantage of a hot site?a. duplicate copy of sensitive datab. costc. fully configured systems with all supporting utilities and infrastructured. requires constant maintenance

Answer 40

C: The fact that a hot site has fully configured systems with all supporting utilities and infrastructure is an advantage not a disadvantage.

Question 41

41. Which of the following is an advantage of a warm site as compared to a hot site?a. applications may not be fully installedb. systems are not fully configuredc. communications links are not installedd. moderate administrative and maintenance costs

Answer 41

D: A warm site has considerably less administrative and maintenance costs since it is not a duplicate production environment.

Question 42

42. What type of site can make adequate recovery impossible?a. cold siteb. service bureauc. multiple production centersd. mobile hot backup site

Answer 42

A: A cold site can make adequate recovery impossible because installing and configuring the infrastructure can take longer than the maximum time to recovery an organization can withstand.

Question 43

43. What is the most common but least effective Selection of an alternate backup site?a. service bureaub. cold sitec. mobile backup sited. multiple processing centers

Answer 43

B: A cold site is the most common form of alternate backup site, but is also the least effective solution since most companies cannot withstand the down time to bring a cold site up and running.

Question 44

44. Which of the following is not true about cold sites?a. equipment will need to be brought inb. communication lines may not be installedc. a duplicate copy of critical data is hosted thered. HVAC is probably installed

Answer 44

C: A cold site has no means to support a duplicate copy of critical data.

Question 45

45. What is the primary benefit of using multiple processing centers?a. each location is owned and managed by a different entityb. each location is within a small geographic areac. if a location is compromised, the remaining locations may not have sufficient capabilities to handle the additional loadd. the mission critical applications of an organization are spread among numerous physical locations

Answer 45

D: The primary benefit of using multiple processing centers is that mission critical applications of an organization are spread among numerous physical locations.

Question 46

46. Which type of disaster recovery test is performed by individuals separately rather than by a group of personnel working together as a team?a. checklist testb. simulation testc. structured walk through testd. parallel test

Answer 46

A: A checklist test is performed by individuals separately rather than by a group of personnel working together as a team.

Question 47

47. Which of the following disaster recovery tests can be performed simultaneously with any of the other tests?a. Simulation testb. Checklist testc. Parallel testd. Full interruption test

Answer 47

B: A checklist test can also be performed simultaneously with any other test to keep the plan current. The checklist is usually the first test to be performed to check for omissions or changes needed to the plan.

Question 48

48. Which form of disaster recovery test performs all activities of the plan up to but not including point of starting processing at the alternate site?a. full interruption testb. structured walk through testc. simulation testd. parallel test

Answer 48

C: A simulation test performs all activities of the plan up to but not including point of starting processing at the alternate site.

Question 49

49. Another name for electronic vaulting is?a. remote journalingb. parallel processingc. database shadowingd. batch processing

Answer 49

D: Batch processing is another name for electronic vaulting.

Question 50

50. The act of parallel processing transactions is also known as?a. remote journalingb. electronic vaultingc. batch processingd. database shadowing

Answer 50

A: Remote journaling is the act of parallel processing transactions.

Question 51

51. Which of the following is not a reason to test a disaster recovery plan?a. testing verifies the accuracy of the proceduresb. testing minimizes legal liabilityc. testing trains personneld. testing verifies the processing capability of the alternate site

Answer 51

B: Testing does not minimize legal liability, rather the overall act of designing and implementing a plan minimizes legal liability.

Question 52

52. When designing the test document (i.e. the procedure for the test) for a disaster recovery plan, all but which of the following must be included?a. the length of the testb. the participants in the testc. the cost in productivity of the testd. the resources or services to be included in the test

Answer 52

C: The productivity loss due to the test is not an element of the test document. Rather it is a side effect of performing a test that must be absorbed by the organization in order to gain a better disaster recovery plan.

Question 53

53. Which of the follow types of disaster recovery plan tests should be performed first to discover any omissions or modifications that may be needed for your plan?a. structured walk through testb. simulation testc. parallel testd. checklist test

Answer 53

D: A checklist test allows for department heads or functional managers to review the plan and indicate if anything has been omitted or needs to be modified. The planning team can then implement those changes to the plan.

Question 54

54. According to a disaster recovery plan, the recovery team is responsible for which of the following?a. returning to the primary siteb. get non-critical processing operations up at the primary sitec. ensure that threat to personnel at the primary site has been eliminatedd. implementing the disaster recovery plan

Answer 54

D: Implementing the disaster recovery plan is the responsibility of the recovery team.

Question 55

55. Which of the following is a responsibility of the salvage team?a. return primary site back to normal operating conditionsb. implement the disaster recovery plan to get business functions operational at the alternate sitec. ensure personnel safety at the alternate sited. minimize the risk of disaster effect at the primary site

Answer 55

A: The primary responsibility of the salvage team is to return the primary site back to normal operating conditions.

Question 56

56. When should the salvage team return to the primary site?a. as soon as critical processes are operating at the alternate siteb. after threat to personal safety is eliminatedc. immediately to recover the backup mediad. within 24 hours of the disaster

Answer 56

B: The salvage team should return to the primary site only after threat to personal safety is eliminated.

Question 57

57. Which form of disaster recovery test performs all activities of the plan but processing at the primary facility does not stop?a. full interruption testb. structured walk through testc. simulation testd. parallel test

Answer 57

D: A parallel test performs all activities of the plan but processing at the primary facility does not stop.

Question 58

58. Which form of disaster recovery test performs all activities of the plan up to the point of terminating processing at the primary site?a. full interruption testb. structured walk through testc. simulation testd. parallel test

Answer 58

D: A parallel test performs all activities of the plan up to point of terminating processing at the primary site.

Question 59

59. Which form of disaster recovery test is an on-paper only walk through of the plan in a group meeting?a. full interruption testb. structured walk through testc. simulation testd. parallel test

Answer 59

B: A structured walk through test is an on-paper only walk through of the plan in a group meeting.

Question 60

60. The best method to test that a disaster recovery plan is fully capable of handling a serious disaster is to use which of the following testing methods?a. simulation testb. structured walk through testc. full interruption testd. parallel test

Answer 60

C: A full interruption test is the best method to test that a disaster recovery plan is fully capable of handling a serious disaster. However, doing so can cause a disaster of its own.

Question 61

61. Which of the following is the least important activity to perform once a disaster recovery plan is developed?a. post the plan on the public Web serverb. test the plan for viabilityc. train staff on using the pland. retain only a single version of the plan

Answer 61

A: The disaster recovery plan is not information that should be shared with the general public.

Question 62

62. When seeking senior management signoff on the final version of a disaster recovery plan, which of the following is least important?a. whether the plan is sufficient to recover all aspects of the organizationb. the details of disaster recovery plans from other organizationsc. whether the plan has been tested for viabilityd. the level of detail the procedures include for recovering

Answer 62

B: The details of plans from other organizations is the least important factor when obtaining final senior management signoff of a disaster recovery plan.

Question 63

63. Testing a business continuity plan performs all but which of the following?a. personnel trainingb. staff awarenessc. design improvementsd. viability testing

Answer 63

C: The results of a test may indicate that the plan needs to be improved, but actual design improvements are not the result of the testing process itself.

Question 64

64. When is the emergency considered over in the event of activation of the disaster recovery plan?a. when mission critical operations are functioning at the alternate siteb. when threat to human safety is eliminatedc. when all operations are back at the primary sited. when the organization has maintained viability for three months after the disaster

Answer 64

C: The emergency is over when all operations are back at the primary site.

Question 65

65. Why is an emergency not considered over until the organization fully returns to the primary site?a. human safety is not protected until the primary site is restoredb. legal requirements for insurance mandate thisc. the alternate site can never fully support the operations of the organizationd. because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site

Answer 65

D: An emergency is not over until the organization fully returns to the primary site because a vulnerability exists when shifting mission critical applications from the alternate back to the primary site.

Question 66

66. When returning to the primary site after the alternate site has been used for mission critical processing, what is the first step?a. return non-mission critical functions to the primary siteb. interrupt all operations at the alternate sitec. return mission critical functions to the primary sited. verify safety of the alternate site

Answer 66

A: The first step in returning to the primary site is to get non-mission critical functions operating. This will ensure that the restored IT infrastructure will be able to support the full load of the mission critical operations.

Question 67

67. Which arrangement does not need to be done before a disaster occurs?a. establish an alternate or backup siteb. establish a media contactc. make preparations to continue writing paychecksd. create a rendezvous point for all employees

Answer 67

B: There is no need to establish media contacts before a disaster.

Question 68

68. Which of the following represent the true scope of threats to an organization that may trigger the use of a business continuity plan or a disaster recovery plan?a. man-made, technical, accidentalb. natural, technical, circumstantialc. man-made, natural, technicald. natural, mythical, theoretical

Answer 68

C: The scope of threats are man-made, natural, and technical.

Question 69

69. The most critical part of a disaster recovery plan to ensure that it will be effective in restoring the organization is?a. vulnerability assessmentb. project initiationc. senior management signoffd. ongoing maintenance

Answer 69

D: Ongoing maintenance ensures that a disaster recovery plan remains viable.

Question 70

70. Which of the following provides the most useful or meaningful information?a. testing a disaster recovery plan and learning whether it passed or failed overallb. testing a disaster recovery plan and learning what aspects failedc. testing a business continuity plan and learning which staff members failed to follow procedured. testing a business continuity plan and restoring files from the most recent full backup

Answer 70

B: Testing a disaster recovery plan and learning what aspects failed offers the most useful and meaningful information from this list of Selections.

Question 71

71. A business continuity plan should address which sets of threats?a. intrusion attacks and man-made disastersb. hardware failures and natural disastersc. natural and man-made disastersd. technical failures and human error

Answer 71

C: A business continuity plan should address the threats of natural and man-made disasters.

Question 72

72. When selecting an alternate site for a disaster recovery plan, which of the following is the most important consideration factor?a. locationb. sizec. costd. capability of supporting business processing

Answer 72

D: The ability for an alternate site to support business processing is the most important aspect when selecting an alternate site.

Question 73

73. What is the most important element or aspect of business continuity planning or disaster recovery planning?a. vulnerability assessmentb. criticality prioritizationc. maintaining critical processes across any disruptive eventd. management support

Answer 73

D: The most important element is management support.

Question 74

74. In the event of a minor disaster, which of the following activities should occur to restore systems and recover data files?a. initiate the business continuity planb. restore files from backupc. initiate a full interruption testd. perform a vulnerability analysis

Answer 74

A: Initiating the business continuity plan is the activity that should take place after a minor disaster to restore systems and recover data files.

Question 75

75. Qualitative and quantitative elements can be found in which of the following?a. senior management approvalb. business impact analysisc. simulation testingd. criticality prioritization

Answer 75

B: Business impact analysis includes qualitative and quantitative elements.

Question 76

76. When designing a business continuity plan to prevent single points of failure, which of the following is the most important?a. use RAIDb. test backupsc. establish redundancyd. install surge protectors

Answer 76

C: Prevention of single points of failure involves implementation of redundancy throughout the IT infrastructure.

Question 77

77. The owner of the business continuity plan and the disaster recovery plan in your organization is?a. CIRTb. Internal auditorc. departmental network administratord. senior management

Answer 77

D: The senior manager is the owner of the business continuity and disaster recovery plans for an organization.

Question 78

78. When performing a business impact analysis, which of the following is necessary?a. outlining critical operation dependenciesb. contracting with a service bureauc. selecting countermeasuresd. defining staff responsibilities

Answer 78

A: Business impact analysis includes defining or outlining the dependencies of critical business operations.

Question 79

79. What is the primary disadvantage of dividing the IT infrastructure of an organization among multiple sites or processing centers?a. Decreased risk of downtime due to multiple operation centersb. Most cost effective than maintaining a hot sitec. Administrationd. All facilities are owned or controlled by the organization

Answer 79

C: Administration of multiple sites is the primary disadvantage of employing a multi-site IT infrastructure.

Question 80

80. The primary factor when selecting a secondary or backup facility site for use during a disaster is?a. Costb. Source of hardware replacement componentsc. Use of service bureaus to provide backup servicesd. Distance from primary facility

Answer 80

D: The backup or secondary facility should be far enough away from the primary facility so that it is not affected by the same disaster but close enough that it can be reached by personnel within an acceptable amount of time (usually 1/2 day’s travel).

Question 81

81. Which of the following is described by the use of a live process that duplicates transactions and entire files from a primary server to backup/secondary servers at alternate/backup sites?a. Database shadowingb. Remote Journalingc. Electronic vaultingd. Batch dump processing

Answer 81

A: Database shadowing maintains duplicate servers by relying on remote journaling as well as the transfer of entire files from the primary server to the backup servers.

Question 82

82. When testing a disaster recovery plan, which of the following is true?a. A plan can be trusted before it is testedb. Every element of the plan should be testedc. Only simulations of the plan should be attempted when testingd. Tests should always involve the disruption of the production environment

Answer 82

B: Every element of the plan should be tested.

Question 83

83. Which of the following is the most often overlooked aspect of disaster recovery?a. maintaining employee compensation mechanismsb. protecting human safetyc. restoring and maintaining critical business functionsd. alternate site Selection

Answer 83

A: The most often overlooked aspect of disaster recovery is maintaining a mechanism by which to continue issuing employee paychecks.

Question 84

84. The best location for a data center in an alternate site is?a. ground floorb. center of buildingc. sub-basementd. penthouse

Answer 84

B: The center of the building is always the best choice for a data center in any type of site.

Question 85

85. What is the main drawback to mutual aid agreements?a. Agreements are made with companies with similar IT infrastructure needsb. Offers a crisis protection scheme that does not require significant preparation expense.c. Assumes the infrastructure of one organization can sustain the operations of both organizations during a crisis.d. Both parties in the agreement agree to support each other during a crisis.

Answer 85

C: This is the primary drawback to mutual aid agreements.

Question 86

86. What type of alternate processing facility has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure?a. Secondary siteb. Cold sitec. Warm sited. Hot site

Answer 86

D: A hot site is an alternate processing facility that has A/C, fully functional file and print servers, and up-to-date workstations configured to mirror the primary production IT infrastructure.

Question 87

87. Which of the following is an advantage of a hot site?a. Minimized downtimeb. Costc. Service provider overselling its capacityd. Site security

Answer 87

A: This is an advantage of a hot site. A hot site minimizes downtime due to a disaster at the primary facility. Downtime is usually limited to travel time between the two facilities and a minimal reconfiguration effort.

Question 88

88. Which of the following is a benefit of a cold site?a. Installation of communication linksb. Costc. Pre-installation of basic infrastructured. Ability to adequately and efficiently recover from a disaster

Answer 88

B: A cold site is very cost effective, because it is little more than rent on an empty facility.

Question 89

89. Which of the following is not an important consideration for a disaster recovery plan?a. Interfacing with external groups such as emergency services, utility providers, customers, etc.b. Preparations to continue paying salaries even with interrupted productionc. Maintaining manager vacations and Christmas bonuses during a crisisd. Maintaining adequate insurance to cover all liabilities

Answer 89

C: This is not an important consideration of a disaster recovery plan.

Question 90

90. Part of emergency response awareness, all employees should have minimal training in all but which of the following?a. First aidb. Use of a fire extinguisherc. Evacuation routesd. Management of toxic gases

Answer 90

D: Management of toxic gases is an activity that requires specialized training and equipment. This is not a normal awareness activity for employees.

Question 91

91. Which of the following is not an important element or aspect of business continuity planning (BCP) or disaster recovery planning (DRP)?a. Minimum operational IT system requirementsb. Obtaining replacement hardwarec. Restoring critical operations d. Maintaining a reliable backup solution

Answer 91

A: This is not an aspect of either BCP or DRP.

Question 92

92. Which testing procedure exercised every phase of the plan up to but not including initiating alternate processing?a. Structured walk-through testb. Parallel testc. Simulation testd. Full-interruption test

Answer 92

C: A simulation test exercises every phase of the plan up to but not including initiating alternate processing

Question 93

93. What is the best way to test a plan in order to determine whether the entire plan will function as expected or fail?a. Structured walk-through testb. Parallel testc. Simulation testd. Full-interruption test

Answer 93

D: A full-interruption test is the only way to verify that every element of the plan will function as designed.

Question 94

94. The salvage team returns to the original production site when?a. Once the possibility of personal injury is eliminatedb. While personnel evacuation is taking placec. Only after the recovery site is shut downd. The salvage team never returns to the original production site

Answer 94

A: The salvage team only returns to the original production site only after the possibility of personal injury is eliminated.

Question 95

95. When is an emergency over in terms of the disaster recovery plan?a. Once the organization is fully operational at the backup siteb. Once the organization fully returns to the original production sitec. Once the possibility of personal injury is eliminatedd. Once critical production systems are restored at the recovery site

Answer 95

B: An emergency is only over after the organization fully returns to the original production site.

Question 96

96. What policy or plan is the final option when a disaster strikes and all other plans fail?a. Mutual aid agreementb. Business continuity planc. Disaster recovery pland. Insurance policy

Answer 96

D: The last option is an insurance plan.

Question 97

97. Which backup or protection mechanisms can be used to quickly restore a database from the secondary location due to a virus corruption of the data at the primary location?a. Sending an employee to the second site to physically move the duplicate system back to the primary siteb. Create a drive image from the secondary site, then use the drive image to restore the primary sitec. Off-site tape storaged. Electronic vaulting

Answer 97

D: The use of electronic vaulting is the fastest mechanism to restore a damaged system at the primary site from the backup stored at the secondary site. Electronic vaulting consists of online storage of backups, which can be quickly accessed and restored.

Question 98

98. What factor should determine whether restoring telecommunications is a critical function of the disaster recovery plan?a. Whether the organization can function productively without itb. Whether the service can be installed in a timely mannerc. Whether the service is pre-installed at the secondary locationd. Whether the budget will support an emergency response for the service

Answer 98

A: Whether the organization can function productively without a service is the determining factor for defining the restoration of a service, such as telecommunications, is a critical element of a disaster recovery plan.

Question 99

99. When storing backup tapes at an off-site facility for an organization which controls highly classified military assets, which of the following is the most important aspect to consider?a. The format of the backup tapesb. The number of backup tapes stored offsitec. The useful life of the stored datad. Whether the same route is traveled at the same time each day between the facility and the off-site storage location

Answer 99

D: The travel route is the most important aspect to consider from this list. If the data is highly classified, then very high security standards need to be maintained. This would include varying the route and the time which backup tapes are transferred offsite to prevent timed attacks against the transfer vehicles.

Question 100

100. Which of the following network devices offers the least redundancy or fault tolerance?a. Switchb. UPSc. FDDId. Hub

Answer 100

D: A hub is not redundant or fault tolerant.

Question 101

101. In order to minimize losses due to a disaster, what must occur?a. A hot site must be available for immediate transfer of production operationsb. Minimizing the disaster recovery time periodc. All personnel should be thoroughly trained in contingency activitiesd. Ensuring non-critical functions are restored first

Answer 101

B: Minimizing the disaster recovery time period will directly reduce the losses associated with the disaster.

Question 102

102. What factor determines the frequency at which a disaster recovery plan should be tested?a. Budgetb. Management choicec. Asset movement and changed. Employee turnover

Answer 102

C: The rate of asset movement and change determines how frequently the DRP should be tested. The more assets change and move, the more often the DRP should be tested.

Question 103

103. What is the final element of disaster recovery planning?a. Impact analysisb. Plan developmentc. Plan maintenanced. Plan testing

Answer 103

C: Plan maintenance is the final element of DRP, maintenance is ongoing.

Question 104

104. The most important characteristic of a disaster recovery team coordinator is?a. Security certificationsb. Extensive IT infrastructure experiencec. Background and training in business managementd. The ability to communicate well with both technical and non-technical personnel

Answer 104

D: The most important characteristic of a disaster recovery team coordinator is the ability to communicate well with both technical and non-technical personnel.

Question 105

105. Which method is the best way to maintain a business continuity plan or a disaster recovery plan?a. Thorough testing and end-user evaluationb. Management oversight and refinementc. A combination of top-down and bottom-up approachesd. External independent analysis and review

Answer 105

C: The best method for maintaining a recovery plan is to use both top-down (management) and bottom-up (test results) approaches.

Question 106

106. A disaster recovery plan is primarily concerned with protecting against?a. Financial lossesb. Asset lossesc. Equipment lossesd. Market share losses

Answer 106

A: A DRP is primarily concerned with protecting against financial losses.

Question 107

107. What is the best way to test a disaster recovery plan?a. During a crisisb. Unannounced c. Using simulationsd. Immediately after a disaster occurs

Answer 107

B: The best way to test a DRP is like an unannounced fire drill. A few key managers should be aware of the test, but all aspects of the DRP should be implemented to ensure they operate as designed.

Question 108

108. A traffic accident results in a delivery van crashing into your server cage located in the corner of your building. All systems within the cage are damaged beyond repair. What would have been the best course of action to prepare for such an emergency?a. Arrange for a cold site backup facilityb. Adequately train employees in security awarenessc. Raise anti-van shieldd. Implemented a daily offsite electronic vault backup system.

Answer 108

D: The best preparatory action for such a disaster is an offsite backup solution.

Question 109

109. When performing contingency planning for a SOHO LAN, which of the following should be considered?a. Remote access connectivity for telecommutersb. Backup solutionsc. Hot site alternate processing facilityd. Rolling mobile backup sites with self-contained A/C and fully installed servers

Answer 109

B: A SOHO (small office, home office) LAN should concern itself with backup solutions as part of its contingency plan.

Question 110

110. What type of site is most effective in providing a short recovery time?a. Cold siteb. Warm sitec. Hot sited. A partner site via mutual aid agreement

Answer 110

C: A hot site is most effective in providing a short recovery time.

Question 111

111. A disaster recovery contingency plan is most concerned with addressing what sorts of issues, hindrances, or threats?a. Administrativeb. Logicalc. Physicald. Technical

Answer 111

C: A disaster recovery contingency plan is most concerned with addressing physical threats.

Question 112

112. The business continuity planning documentation and the formalized security policy documentation are?a. The same documentb. Separate but complementary documentsc. Mutually exclusive documentsd. Regulated documents by the government

Answer 112

B: The business continuity planning documentation and the formalized security policy documentation are separate but complementary documents.

Question 113

113. Which of the following is typically not included or considered when developing a disaster recovery or contingency plan?a. Hardware failureb. Power lossc. Postal delivery interruptionsd. Natural disasters

Answer 113

C: Postal delivery interruptions are typically not included or even considered in disaster recovery or contingency planning.

Question 114

114. The first step that should be performed when implementing a contingency plan is to?a. Inventory the hardwareb. Perform a full backupc. Valuation of assetsd. Arrange for an offsite backup processing center

Answer 114

B: The first step that should be performed when implementing a contingency plan is to perform a full backup.

Question 115

115. If an organization does not have a disaster recovery plan and an earthquake destroys the primary processing facility, who is held liable?a. Insurance companyb. IT staffc. Senior managementd. Risk analysis team

Answer 115

C: Senior management is held liable for the lack of due care and due diligence in forming a disaster recovery plan.

Question 116

116. What is the primary limitation of disaster recovery planning?a. The inability to address all possible types of disastersb. The inability to provide adequate awareness training for employeesc. The inability to obtain senior management buyoffd. The inability to deploy adequate safeguards

Answer 116

A: This is the primary limitation of DRP.

Question 117

117. When a hardware failure occurs, what designation determines the length of time the recovery process will take?a. Cost of the repairb. Availability of replacement partsc. Mean time to repaird. Thoroughness of the business continuity plan

Answer 117

C: The mean time to repair determines how long it will take to repair a system and thus directly relates to the recovery time period.

Question 118

118. Which of the following is the least expensive option when preparing for an offsite secondary operations facility?a. Mutual aid agreementb. Hot site alternate facilityc. Warm site backup facilityd. Redundant servers on opposite ends of the organization’s main campus

Answer 118

A: Mutual aid agreement is the cheapest way to prepare for an offsite secondary operations facility.

Question 119

119. What aspect of a business continuity plan, a disaster recovery plan, or even a contingency plan is most difficult to obtain upper management buyoff?a. Financialb. Employee awareness trainingc. Plan testingd. Insurance policies

Answer 119

A: Financial is the most difficult aspect of disaster planning to obtain senior management buyoff for due to the fact that it involves a significant amount of spending to prevent possible future disasters.

Question 120

120. When selecting an insurance policy to reduce the effects of a disaster on an organization, what is the most important criteria to consider?a. Overall costb. Familiarity of the insurance company with your specific field of operationc. Total value of the organization’s assetsd. Evaluating asset value with various risks

Answer 120

D: This is the best criteria for selecting an insurance policy.