Availability, Resiliency, & Disaster Recovery

Question 1

the projected frequency of occurrences that occur in a given year (1 event / 15 years = 0.0667

Answer 1

ARO annualized rate of occurrence

Question 2

the cost of a specific loss within a given year (single loss expectancy x annualized rate of occurrence)

Answer 2

ALE annualized loss expectancy

Question 3

the damage in dollars expressed at a percentage of an asset’s value (50% of asset is at risk of damage = 50%

Answer 3

exposure factor

Question 4

the cost of an individual loss

Answer 4

SLE single loss expectancy

Question 5

location that is equipped with the necessary hardware & possibly software

Answer 5

hot site

Question 6

the practice of establishing procedures & resources designed to help an organization resume IT operations/other business functions that rely on IT, after a disaster or system disruption

Answer 6

disaster recovery

Question 7

a second location where hardware is already installed & available for use

Answer 7

hot site

Question 8

a facility where hardware would have to be delivered & installed (remote possibility of diaster)

Answer 8

cold site

Question 9

being able to perform business functions or meet business objectives

Answer 9

availability

Question 10

integration of a system of availability controls, disaster recovery plans, business continuity plans, & crisis management plans into a central set of procedures to consider whether the business can continue operations or quickly return

Answer 10

business resiliency

Question 11

an entity’s plans for restoring & continuing its IT function in the event of the destruction of program & data files & computer processing capability

Answer 11

disaster recovery

Question 12

plans that contain contingency & mitigation procedures around all business processes (relocating facilities, human resource tasks, & managing relationships with customers & suppliers)

Answer 12

business continuity plans

Question 13

helps identify & assess risks by identifying business units, departments, & processes that are essential to the survival of an entity & the organizational impact in the event of failure/disruption

Answer 13

business impact analysis

Question 14

policies that address the potential crisis an organization could face & how to properly respond

Answer 14

crisis management plans

Question 15

a facility already equipped with the necessary hardware that creates a replication of the primary data center

Answer 15

warm site

Question 16

a user-authentication control that verifies a person’s identity & then grants the appropriate access for that user based on reestablished access criteria

Answer 16

logical access control

Question 17

restrict access through the use of tangible or material mechanisms

Answer 17

physical access control

Question 18

the secure transmission of info through channels or applications that convert readable text into unreadable text during transit

Answer 18

data encryption

Question 19

Activities to prevent system disruption & loss of info

Answer 19

system availability

Question 20

backup that copies all changes made since the last full backup (incremental files)

Answer 20

incremental

Question 21

copies all changes made since the last full backup (cumulative files)

Answer 21

differential

Question 22

an exact copy of the entire database

Answer 22

full backup

Question 23

the maximum amount of time that it should take to restore operations after a system failure

Answer 23

RTO recovery time objective

Question 24

the amount of time that a company agrees to have a client’s systems & environment operational

Answer 24

AST agreed service time

Question 25

the average time it takes to repair a damaged or malfunctioning device, application, or system

Answer 25

MTTR mean time to repair

Question 26

the maximum threshold for acceptable data lost after an unplanned negative event (age of data that must be recovered to resume normal operations)

Answer 26

RPO recovery point objective