BC & DR

Question 1

The risks to the corporation are:

Answer 1

financial, reputational, and regulatory

Question 2

Maximum Tolerable Downtime (MTD)

Answer 2

describes the total time a system can be inoperable before an organization is severely impacted. It is the maximum time it takes to execute the reconstitution phase.

Question 3

Recovery Time Objective (RTO)

Answer 3

ISC2 “The maximum time a service or system can be unavailable.”

It describes the maximum time allowed to recover business or IT systems before the unavailability of the system severely affects the organization.

Question 4

Work Recovery Time (WRT)

Answer 4

describes the time required to configure a recovered systems.

Question 5

Recovery Point Objective (RPO)

Answer 5

the amount of acceptable data, measured in time that can be lost from that same event. Iit is a factor of how much data loss the mission/business process can tolerate during the recovery process.

Question 6

Electronic vaulting

Answer 6

is the batch process of electronically transmitting data that is to be backed up on a routine, regularly scheduled time interval.

A good tool for data that must be backed up on a daily or possibly even hourly basis.

It stores sensitive data offsite and it can perform the backup at very short intervals to ensure that the most recent data is backed up.

It is used to transfer bulk information to an offsite facility.

It addresses the remote backup of confidential data and smaller time between backups as an example.

Question 7

Hierarchical storage management (HSM)

Answer 7

provides a continuous online backup using various devices, including optical or tape drives.

An HSM is sometimes referred to as a jukebox.

Question 8

event management plan

Answer 8

needs to identify who is authorized to declare a disaster, how a declaration is done, and when the decision to “declare” is made, how it will be communicated to the teams that need to respond.

Question 9

executive emergency management team

Answer 9

a team that consists of the senior executives who have an overall responsibility for the recovery of the organization and services to others.

Question 10

emergency management team

Answer 10

comprised of individuals who report directly to the command center and have responsibility to oversee the recovery and restoration process being executed by the emergency response teams.

Responsible for communicating the recovery status to the executive management team.

Question 11

Command centers

Answer 11

are set up as a central location for communications and decision making during an emergency situation. equipped with a copy of the plan document

Question 12

continuity of operations plan (COOP)

Answer 12

describes the procedures required to maintain operations during a disaster.

It focuses on restoring an organization’s essential functions at an alternate site.

Establish senior management and a headquarter after disaster

Question 13

business recovery plan (BRP)

Answer 13

also known as the business resumption plan, details the steps required to restore normal business operations after recovering from a disruptive event.

Question 14

Continuity of support plan

Answer 14

focuses narrowly on support of specific IT systems and applications. Also called the IT contingency plan, emphasizing IT over general business support.

Question 15

emergency operations center (EOC)

Answer 15

the command post established during or just after an emergency event.

provide a location, equipped with all of the necessary resources to manage the organization resumption process

Question 16

Testing the disaster recovery plan should be completed for the following reasons:

Answer 16

• Testing verifies the processing capability of the alternate backup site. • Testing prepares and trains the personnel to execute their emergency duties. • Testing identifies deficiencies in the recovery procedures. • Testing verifies the accuracy of the recovery procedures.

Question 17

NIST SP 800-34

Answer 17

is the Contingency Planning Guide for Information Technology Systems.

Question 18

Structured walk-through/tabletop

Answer 18

walks through the different scenarios of the plan to ensure that nothing is left out.

The goal is to allow individuals who are knowledgeable about the systems and services targeted for recovery to thoroughly review the overall approach.

It helps to determine whether there are any noticeable omissions, gaps, or simply technical missteps that would hinder the recovery process

Question 19

Simulation test/walk-through drill

Answer 19

simulates an actual failure based on a scenario to test the reaction of personnel to which the team must respond as they are directed to by the DRP.

Question 20

Parallel processing

Answer 20

involve recovery of critical processing components at an alternate computing facility and then restore data from a previous backup. Organizations that are highly dependent upon mainframe, midrange systems, and where transactional data is a key component will often employ this type of test.

Question 21

BIA has 4 steps

Answer 21

1) Gathering the needed assessment materials.
2) Performing the vulnerability assessment.: idebtify cirtial IT systems/impacts, MTD, recovery procedures
3) Analyzing the information compiled:

o Document the process.
o Identify inter-dependability.
o Determine acceptable interruption periods

4) Documenting the results and presenting recommendations to management

Question 22

RAID 0

Answer 22

Striped set – Block-level o No parity. o Fastest RAID in reading and writing. o Used to sore temporary data.

The main purpose is to improve system performance

Question 23

RAID 1

Answer 23

Mirror

o Write performance is decreased, though the read performance can see an increase.

o Used for system disks where the core operating system files are found.

o Very costly.

Question 24

RAID Level 2

Answer 24

bit level striping. The parity information is created using a hamming code.

Question 25

RAID 3

Answer 25

Striped set with dedicated parity (byte level) –

o 3 or more drives required.

o Data is striped across multiple disks at the byte level.

o Dedicated parity drive

o More efficient with disk space than RAID 4.

Question 26

RAID 4

Answer 26

Striped set with dedicated parity (block level)

o 3 or more drives required.

o Data is striped across multiple disks at the block level.

o Dedicated parity drive.

o RAID 4 is faster than RAID 3.

Question 27

RAID 6

Answer 27

This level extends the capabilities of RAID 5 by computing two sets of parity
information.

striped set with dual distributed parity.

Allows writing the same parity information to two different disks.

Performance of this level is slightly less than that of RAID 5.

Question 28

RAID 0+1

Answer 28

The first set of disks stripes all of the data across the available drives (RAID 0 part) and those drives are mirrored to a different set of disks (the RAID 1 part).

Question 29

RAID 1+0 (10)

Answer 29

RAID 0 combined with RAID 1 two different arrays of disk used.

Each drive is mirrored to a matching drive.

When data is striped to one drive, it is immediately striped to another.

Question 30

Continuity planning project team (CPPT)

Answer 30

is comprised of stakeholders within an organization and focuses on identifying who would need to play a role if a specific emergency event were to occur. This includes people from the human resources section, public relations (PR), IT staff, physical security, linne managers, essential personnel

Question 31

Business Impact Analysis (BIA)

Answer 31

the formal method for determining how a disruption to the IT systems of an organization will impact the organization’s requirements, processes, and interdependencies with respect the business mission

Question 32

The primary goal of the BIA is to

Answer 32

determine the maximum tolerable downtime (MTD) for a specific IT asset.

Question 33

The BIA is comprised of two processes:

Answer 33

(1) Identification of critical assets, and (2) Comprehensive risk assessment. developed for every IT system within the organization, no matter how trivial or unimportant. Once the list is assembled and users and user representatives have provided input, the critical asset list can be created.

Question 34

crisis management plan (CMP)

Answer 34

designed to provide effective coordination among the managers of the organization in the event of an emergency or disruptive event. The CMP details the actions management must take to ensure that life and safety of personnel and property are immediately protected in case of a disaster.

Question 35

Business Continuity Plan (BCP)

Answer 35

Provide procedures for sustaining essential business operations while recovering from a significant disruption

Question 36

Business Recovery (or Resumption) Plan (BRP)

Answer 36

details the steps required to restore normal business operations after recovering from a disruptive event.

* include switching operations from an alternative site back to a (repaired) primary site

Question 37

Update and Maintenance of the Plan

Answer 37

 It needs to be updated on an on-going basis such as after each exercise and after each material change to the production, IT, or organization environment.

 The plan needs to have version control numbers.

 The plan needs to be published to everyone who has a role and also needs to be stored in a secure offsite location.

Question 38

Which teams should be included in the contingency plan’s development to aid in the execution of the final plan?

Answer 38

the restoration, damage assessment, and salvage teams

Question 39

What are financial considerations regarding a BIA?

Answer 39

accounting and payroll issues that may arise

Question 40

Which disaster recovery test involves examining the plan in detail?

Answer 40

a structured walk-through test

Question 41

Which test is a review of the plan to ensure that all steps are included?

Answer 41

a structured walk-through test

Question 42

Who should be responsible for directing immediate recovery procedures following a disaster?

Answer 42

the disaster recovery manager

Question 43

Which event causes most unplanned downtime for organizations?

Answer 43

a hardware failure

Question 44

What is the primary concern of the business impact analysis (BIA)?

Answer 44

identifying all business resources that could be lost

Question 45

What are the two main purposes of a disaster recovery plan?

Answer 45

to minimize property damage and to prevent loss of life

Question 46

Emergancy Response Team

Answer 46

are comprised of individuals who are responsible for executing the recovery processes necessary for the continuity or recovery of critical organization
functions in that site.

Question 47

In which order should the following steps be taken to create an emergency management plan?

Answer 47

o Form a planning team.
o Conduct a vulnerability assessment
o Develop a plan.
o Implement the plan.

Question 48

What si the purpose of Threat analysis?

Answer 48

will help provide guidance in the planning and prioritization of recovery and response capabilities, which requires a more detailed understanding of the types of threats is needed.

Question 49

What are BIA goals are?

Answer 49

determining how a disruption to the IT systems of an organization will impact the organization’s requirements, processes, with respect the business mission.

The objective is to associate the IT system components with the critical service it supports. It also aims to quantify the consequence of a disruption to the system component and how that will affect the organization.

The primary goal of the BIA is to determine the maximum tolerable downtime (MTD) for a specific IT asset. This will directly impact what disaster recovery solution is chosen

.

It provides information to improve business processes and efficiencies because it details all of the organization’s policies and implementation efforts.

Question 50

The steps of business continuity

Answer 50

 Develop the continuity planning policy statement.

 Conduct the BIA. identify and prioritize critical IT systems and components.

 Identify preventative controls. to reduce the effects of system disruptions can increase system availability and reduce contingency lifecycle costs.

 Develop recovery strategies. ensure that the system may be recovered quickly and effectively

 Develop the contingency plan. detailed guidance and procedures for restoring a damaged system.

 Test the plan, and conduct training and exercises. Testing the plan identifies planning gaps,

 Maintain the plan. Update regularly.