Business Continuity and Disaster Recovery Flashcards
A business is hosting high-demand content in an earthquake-prone zone. The chief information security officer has asked his leadership to prioritize what should be focused on in the event of a disaster. What should be the highest priority?
Availability of high-demand data
Integrity of organizational databases
Safety of personnel
Safety of personnel
Personnel safety should always be the highest priority. This can be facilitated using physical controls, such as locks or fire-suppression mechanisms, or through policies and procedures.
You are installing a database server that requires several hard drives in a RAID array. In the event one of the drives fails, you need to be able to swap out a failed hard drive with no downtime. Which of the following types of hard drives do you require?
Cold swap
Suspend swap
Hot swap
Hot swap
A hot-swap device, such as a hard drive, can be inserted or removed without the need to shut down the server. This enables you to retain the availability of the services on that server.
Your company is in the middle of budgeting for disaster recovery. You have been asked to justify the cost for offsite backup media storage. What is the primary security purpose of storing backup media at an offsite storage facility?
So that the facility can copy the data to a RAID system
For proper archive labeling and storage
To prevent a disaster onsite from destroying the only copies of your backup media
To prevent a disaster onsite from destroying the only copies of your backup media
All backup plans should require backup media to be sent to an offsite storage facility. That way, if a disaster destroys your physical location, the backup media will be safe.
You have implemented a backup plan for your critical file servers, including proper media rotation, backup frequency, and offsite storage. Which of the following must be performed on a regular basis to ensure the validity and integrity of your backup system?
Periodic testing of restores
Multiple monthly backup media
Purchasing of new media
Periodic testing of restores
Regularly testing your backups by performing a test restore is the only way to ensure that your backup data is valid and the data is intact. If the information cannot be restored, your backup plan is not providing any benefit for a disaster recovery scenario.
As part of your organization’s contingency plan in the event of a disaster, which of the following would be the primary component of the organization to make functional after an initial disaster incident?
Check all file servers and make sure they are running.
Retrieve all backup tapes from the offsite storage facility.
Ensure basic communications such as phone and Internet connectivity are functional.
Ensure basic communications such as phone and Internet connectivity are functional.
The most important part of the company to get operational is basic communications, such as phones, networking connectivity, and e-mail. Until these communication lines are functional, the ability to coordinate the disaster recovery effort will be greatly reduced.
You must ensure that power is always available (24/7) for a critical web and database server that accepts customer orders and processes transactions. Which of the following devices should be installed?
Power conditioner
UPS
Power generator
Power generator
A power generator is required to ensure that there is always power for your server. A UPS battery typically contains only enough power to run a system for about 10 to 20 minutes, while a power conditioner or redundant power supply will not help if there is no power to run them.
You are installing network cabling for the main backbone of a manufacturing facility network. The manufacturing machinery generates a significant amount of EMI. Which of the following network cabling types should you use?
STP
Fiber optic
UTP
Fiber optic
Because fiber-optic cabling uses light to transfer information over the cables, it isn’t susceptible to electromagnetic interference.
You are performing a risk analysis of the environmental factors for your primary server equipment room. Which of the following environmental issues is most likely to affect an enclosed server room?
Cool temperatures
Flooding
High temperatures
High temperatures
Server rooms can quickly rise in temperature with so many systems running in an enclosed area. At high temperatures, CPUs and hard drives can shut down due to the excessive heat. Most server rooms contain air-conditioning systems that keep the temperature regulated and cooler than normal. If this air-conditioning system fails, the heat can dramatically rise within minutes.
During disaster recovery planning, you must ensure you have a strategy in place for succession planning. Which of the following concepts describes succession planning?
Replacing key employees who are unavailable during a disaster
Organizing an emergency contact list
Having an alternate hot site facility in place
Replacing key employees who are unavailable during a disaster
Succession planning makes sure that you have replacements for key employees in the event they are unavailable during the disaster recovery phase. This requires that employees have the same security clearance and can immediately take over the responsibilities of another employee’s position.
It has been determined that your organization is processing privacy data. Which of the following should be conducted?
Privacy implication assessment
Privacy processing assessment
Privacy impact assessment
Privacy impact assessment
A privacy impact assessment (PIA) is conducted when privacy data is being stored or processed; when conducted, the PIA will determine what type of data is being stored, how it is being stored, where it is being stored, and what might trigger a privacy lapse. Systems that require a PIA should incorporate increased controls to mitigate the risks of processing and storing privacy data.