Business Continuity Planning Flashcards

1
Q

QUESTION NO: 976 Which of the following could lead to the conclusion that a disaster recovery plan may not be operational within the timeframe the business needs to recover? A. The alternate site is a warm site B. Critical recovery priority levels are not defined C. Offsite backups are located away from the alternate site D. The alternate site is located 70 miles away from the primary site

A

Answer: B

2
Q

QUESTION NO: 977 What are the four domains of communication in the disaster planning and recovery process? A. Plan manual, plan communication, primer for survival, warning and alarms B. Plan communication, primer for survival, escalation, declaration C. Plan manual, warning and alarm, declaration, primer for survival D. Primer for survival, escalation, plan communication, warning and alarm

A

Answer: C

3
Q

QUESTION NO: 978 The underlying reason for creating a disaster planning and recovery strategy is to A. Mitigate risks associated with disaster. B. Enable a business to continue functioning without impact. C. Protect the organization’s people, place and processes. D. Minimize financial profile.

A

Answer: A Explanation: “Disaster recovery has the goal of minimizing the effects of a disaster and taking the necessary steps to ensure that the resources, personnel, and business processes are able to resume operation in a timely manner.” Pg 550 Shon Harris: All-in-One CISSP Certification

4
Q

QUESTION NO: 979 Which of the following is not a direct benefit of successful Disaster Recovery Planning? A. Maintenance of Business Continuity B. Protection of Critical Data C. Increase in IS performance D. Minimized Impact of a disaster

A

Answer: C

5
Q

QUESTION NO: 980 Organizations should not view disaster recovery as which of the following? A. committed expense B. discretionary expense C. enforcement of legal statutes D. compliance with regulations

A

Answer: B

6
Q

QUESTION NO: 981 Which of the following statements pertaining to disaster recovery is incorrect? A. A recovery team’s primary task is to get the pre-defined critical business functions running at the alternate backup processing site. B. A salvage team’s task is to ensure that the primary site returns to normal processing conditions C. The disaster recovery plan should include how the company will return from the alternate site to the primary site D. When returning to the primary site, the most critical applications should be brought back first

A

Answer: D

7
Q

QUESTION NO: 982 Which of the following statements pertaining to dealing with the media after a disaster has occurred and disturbed the organization’s activities is incorrect? A. The CEO should always be the spokesperson for the company during a disaster B. The disaster recovery plan must include how the media is to be handled during the disaster C. The organization’s spokesperson should report bad news before the press gets hold of it through another channel D. An emergency press conference site should be planned ahead

A

Answer: A

8
Q

QUESTION NO: 983 What is a disaster recovery plan for a company’s computer system usually focused on? A. Alternative procedures to process transactions B. The probability that a disaster will occur C. Strategic long-range planning D. Availability of compatible equipment at a hot site

A

Answer: A

9
Q

QUESTION NO: 984 What is the most critical piece to disaster recovery and continuity planning? A. Security Policy B. Management Support C. Availability of backup information processing facilities D. Staff training

A

Answer: B

10
Q

QUESTION NO: 985 Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan? A. it is unlikely to be affected by the same contingency B. it is close enough to become operational quickly C. it is close enough to serve its users D. it is convenient to airports and hotels

A

Answer: A

11
Q

QUESTION NO: 986 Which of the following are PRIMARY elements that are required when designing a Disaster Recovery Plan (DRP)? A. Back-up procedures, off-site storage, and data recovery. B. Steering committee, emergency response team, and reconstruction team. C. Impact assessment, recovery strategy, and testing. D. Insurance coverage, alternate site, and manual procedures.

A

Answer: C Explanation: The most critical piece to disaster recovery and continuity planning is management support. They must be convinced of its necessity. Therefore, a business case must be made to obtain this support. The business case can include current vulnerabilities, regulatory and legal obligations, current status of recovery plans, and recommendations. Management will mostly be concerned with cost/benefit issues, so several preliminary numbers will need to be gathered and potential losses estimated. - Shon Harris All-in-one CISSP Certification Guide pg 595 There are four major elements of the BCP process: Scope and Plan Initiation - this phase marks the beginning of the BCP process. It entails creating the scope and other elements needed to define the parameters of the plan. Business Impact Assessment - A BIA is a process used to help business units understand the impact of a disruptive event. This phase includes the execution of a vulnerability assessment. Business Continuity Plan Development - This term refers to using the information collected in the BIA to develop the actual business continuity plan. This process includes the areas of plan implementation, plan testing, and ongoing plan maintenance. Plan Approval and Implementation - This process involves getting the final senior management signoff, creating enterprise-wide awareness of the plan, and implementing a maintenance procedure for updating the plan as needed. - Ronald Krutz The CISSP PREP Guide (gold edition) pg 380-381

12
Q

QUESTION NO: 987 Emergency actions are taken at the incipient stage of a disaster with the objectives of preventing injuries or loss of life and of: A. determining the extent of property damage B. protecting evidence C. preventing looting and further damage D. mitigating the damage to avoid the need for recovery

A

Answer: D

13
Q

QUESTION NO: 988 Who should direct short-term recovery actions immediately following a disaster? A. Chief Information Officer B. Chief Operating Officer C. Disaster Recovery Manager D. Chief Executive Officer

A

Answer: C

14
Q

QUESTION NO: 989 The environment that must be protected includes all personnel, equipment, data, communication devices, power supply and wiring. The necessary level of protection depends on the value of data, the computer systems, and the company assets within the facility. The value of these items can be determined by what type of analysis? A. Critical-channel analysis B. Critical-route analysis C. Critical-path analysis D. Critical-conduit analysis

A

Answer: C Explanation: “The environment that must be protected through physical security controls includes all personnel, equipment, data, communication devices, power supplies, and wiring. The necessary level of protection depends on the value of the data, the computer systems, and the company assets within the facility. The value of these items can be determined by a critical-path analysis, which lists each piece of the infrastructure and what is necessary to keep those pieces healthy and operational.” Pg 255 Shon Harris: All-in-One CISSP Certification

15
Q

QUESTION NO: 990 Which of the following steps should be performed first in a business impact analysis (BIA)? A. Identify all business units within the organization B. Evaluate the impact of the disruptive events C. Estimate the Recovery Time Objectives (RTO) D. Evaluate the criticality of business functions

A

Answer: A

16
Q

QUESTION NO: 991 Which of the following steps is NOT one of the four steps of a Business Impact Analysis (BIA)? A. Notifying senior management B. Gathering the needed assessment materials C. Performing the vulnerability assessment D. Analyzing the information compiled

A

Answer: A Explanation: “A BIA generally takes the form of these four steps: Pg. 383 Krutz: CISSP Prep Guide: Gold Edition.

17
Q

QUESTION NO: 992 What methodology is commonly used in a Business Continuity Program? A. Work Group Recovery B. Business Impact Analysis C. Qualitative Risk Analysis D. Quantitative Risk Analysis

A

Answer: B Explanation: A BIA is performed at the beginning of disaster recovery and continuity planning to identify the areas that would suffer the greatest financial or operational loss in the event of a disaster or disruption. It identifies the company’s critical systems needed for survival and estimates the outage time that can be tolerated by the company as a result of disaster or disruption. - Shon Harris All-in-one CISSP Certification Guide pg 597

18
Q

QUESTION NO: 993 Which of the following steps should be performed first in a business impact analysis (BIA)? A. Identify all business units within an organization B. Evaluate the impact of disruptive events C. Estimate the Recovery Time Objectives (RTO) D. Evaluate the criticality of business functions

A

Answer: A Explanation: “The initial step of the BIA is identifying which business units are critical to continuing an acceptable level of operations.” Pg 383 Krutz: CISSP Prep Guide: Gold Edition.

19
Q

QUESTION NO: 994 Which is not one of the primary goals of BIA? A. Criticality Prioritization B. Downtime estimation C. Determining requirements for critical business functions D. Deciding on various tests to be performed to validate the Business Continuity Plan

A

Answer: D

20
Q

QUESTION NO: 995 Which of the following is used to help business units understand the impact of a disruptive event? A. A risk analysis B. A Business Impact assessment C. A Vulnerability assessment D. A disaster recovery plan

A

Answer: B Reference: “The purpose of a BIA is to create a document to be used to help understand what impact a disruptive event would have on the business.” Pg 383 Krutz : CISSP Prep Guide: Gold Edition

21
Q

QUESTION NO: 996 A Business Impact Analysis (BIA) does not: A. Recommend the appropriate recovery solution B. Determine critical and necessary business functions and their resource dependencies C. Identify critical computer applications and the associated outage tolerance D. Estimate the financial and operational impact of a disruption

A

Answer: A

22
Q

QUESTION NO: 997 What assesses potential loss that could be caused by a disaster? A. The Business Assessment (BA) B. The Business Impact Analysis (BIA) C. The Risk Assessment (RA) D. The Business Continuity Plan (BCP)

A

Answer: B

23
Q

QUESTION NO: 998 During the course of a Business Impact Analysis (BIA) you are less likely to: A. Estimate the financial and operational impact of a disruption B. Identify regulatory exposure C. Determine if functions Recovery Time Objective (RTO) D. Determine the impact upon the organization’s market share and corporate image

A

Answer: C

24
Q

QUESTION NO: 999 Which of the following tasks is not usually part of a Business Impact Analysis (BIA)? A. Identify the type and quantity of resources required for recovery B. Identify the critical processes and the dependencies between them C. Identify organizational risks D. Develop a mission statement

A

Answer: D

25
Q

QUESTION NO: 1000 Which of the following will a Business Impact Analysis (BIA) NOT identify? A. Areas that would suffer the greatest financial or operational loss in the event of a disaster B. Systems critical to the survival of the enterprise C. The names of individuals to be contacted during a disaster D. The outage time that can be tolerated by the enterprise as a result of a disaster

A

Answer: C

26
Q

QUESTION NO: 1001 Which one of the following is the primary goal of Business Continuity Planning? A. Sustain the organization. B. Recover from a major data center outage. C. Test the ability to prevent major outages. D. Satisfy audit requirements.

A

Answer: A Explanation: Simply put, business continuity plans are created to prevent interruptions to normal business activity. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 378

27
Q

QUESTION NO: 1002 Most unplanned downtime of information systems is attributed to which of the following? A. Hardware failure B. Natural disaster C. Human error D. Software failure

A

Answer: A

28
Q

QUESTION NO: 1003 System reliability is increased by: A. A lower MTBF and a lower MTTR B. A higher MTBF and a lower MTTR C. A lower MTBF and a higher MTTR D. A higher MTBF and a higher MTTR

A

Answer: B Explanation: One prefers to have a higher MTBF and a lower MTTR. “Each device has a mean time between failure (MTBF) and a mean time to repair (MTTR). The MTBF estimate is used to determine the expected lifetime of a device or when an element within that device is expected to give out. The MTTR value is used to estimate the time it will take to repair the device and get it back into production.” Pg 267 Shon Harris: All-in-One CISSP Certification

29
Q

QUESTION NO: 1004 Which of the following is NOT a major element of Business Continuity Planning? A. Creation of a BCP committee B. Business Impact Assessment (BIA) C. Business Continuity Plan Development D. Scope plan initiation

A

Answer: A

30
Q

QUESTION NO: 1005 Which one of the following is a core infrastructure and service element of Business Continuity Planning (BCP) required to effectively support the business processes of an organization? A. Internal and external support functions. B. The change management process. C. The risk management process. D. Backup and restoration functions.

A

Answer: C Explanation: Pg 383 Krutz Gold Edition. Backup is not BCP.

31
Q

QUESTION NO: 1006 A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of primary concern? A. Marketing/Public relations B. Data/Telecomm/IS facilities C. IS Operations D. Facilities security

A

Answer: B

32
Q

QUESTION NO: 1007 When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems? A. Executive management staff B. Senior business unit management C. BCP committee D. Functional business units

A

Answer: B

33
Q

QUESTION NO: 1008 Classification of information systems is essential in business continuity planning. Which of the following system types cannot be replaced by manual methods? A. Critical System B. Vital System C. Sensitive System D. Non-critical system

A

Answer: A

34
Q

QUESTION NO: 1009 A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of primary concern? A. Marketing/Public Relations B. Data/Telecomm/IS facilities C. IS Operations D. Facilities security

A

Answer: B

35
Q

QUESTION NO: 1010 Business Continuity Plan development depends most on: A. Directives of Senior Management B. Business Impact Analysis (BIA) C. Scope and Plan Initiation D. Skills of BCP committee

A

Answer: B

36
Q

QUESTION NO: 1011 Which primary element of BCP includes carrying out vulnerability analysis? A. Scope and Plan Initiation B. Business Impact Assessment C. Business Continuity Plan Development D. Plan Approval and Implementation

A

Answer: B

37
Q

QUESTION NO: 1012 To mitigate the impact of a software vendor going out of business, a company that uses vendor software should require which one of the following? A. Detailed credit investigation prior to acquisition. B. Source code held in escrow. C. Standby contracts with other vendors. D. Substantial penalties for breach of contract.

A

Answer: B Explanation: The original answer was C; however, this is incorrect for this case. SLAs and standby contracts are good ideas, but in this case B is right. “A software escrow arrangement is a unique tool used to protect a company against the failure of a software developer to provide adequate support for its products or against the possibility that the developer will go out of business and no technical support will be available for the product….Under a software escrow agreement, the developer provides copies of the application source code to an independent third-party organization. The third party then maintains updated backup copies of the source code in a secure fashion. The agreement between the end user and the developer specifies “trigger events”, such as the failure of the developer to meet terms of a service level agreement (SLA) or the liquidation of the developer’s firm.” - Ed Tittel CISSP Study Guide (Sybex) pg 550

38
Q

QUESTION NO: 1013 Similarity between all recovery plans is: A. They need extensive testing B. They need to be developed by business continuity experts C. They become obsolete quickly D. They create employment opportunities

A

Answer: C

39
Q

QUESTION NO: 1014 Which of the following focuses on sustaining an organization’s business functions during and after a disruption? A. Business continuity plan B. Business recovery plan C. Continuity of operations plan D. Disaster recovery plan

A

Answer: A

40
Q

QUESTION NO: 1015 What is not one of the drawbacks of a hot site? A. Need for security controls, as it usually contains mirror copies of live production data B. Full redundancy in hardware, software, communication lines, and applications is very expensive C. The hot sites are available immediately or within maximum allowable downtime (MTD) D. They are administratively resource intensive, as transaction redundancy controls need to be implemented to keep data up-to-date

A

Answer: C

41
Q

QUESTION NO: 1016 Which one of the following processing alternatives involves a ready-to-use computing facility with telecommunications equipment, but not computers? A. Company-owned hot site B. Commercial hot site C. Cold site D. Warm site

A

Answer: D Explanation: “Warm Site - These facilities are usually partially configured with some equipment, but not the actual computers.” - Shon Harris All-in-one CISSP Certification Guide pg 613

42
Q

QUESTION NO: 1017 What is a hot-site facility? A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications, and networking equipment, and UPS B. A site in which space is reserved with pre-installed wiring and raised floors C. A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS D. A site with ready-made work space with telecommunications equipment, LANs, PCs, and terminals for work groups

A

Answer: A

43
Q

QUESTION NO: 1018 Contracts and agreements are unenforceable in which of the following alternate backup facilities? A. hot site B. warm site C. cold site D. reciprocal agreement

A

Answer: D

44
Q

QUESTION NO: 1019 Which of the following computer recovery sites is the least expensive and the most difficult to test? A. non-mobile hot site B. mobile hot site C. warm site D. cold site

A

Answer: D

45
Q

QUESTION NO: 1020 Which of the following is an advantage of the use of hot sites as a backup alternative? A. The costs associated with hot sites are low B. Hot sites can be made ready for operation within a short period of time C. Hot sites can be used for an extended amount of time D. Hot sites do not require that equipment and systems software be compatible with the primary installation being backed up

A

Answer: B

46
Q

QUESTION NO: 1021 What is not a benefit of Cold Sites? A. No resource contention with other organizations B. Quick Recovery C. Geographical location that is not affected by the same disaster D. Low cost

A

Answer: B

47
Q

QUESTION NO: 1022 What is the PRIMARY reason that reciprocal agreements between independent organizations for backup processing capability are seldom used? A. Lack of successful recoveries using reciprocal agreements. B. Legal liability of the host site in the event that the recovery fails. C. Dissimilar equipment used by disaster recovery organization members. D. Difficulty in enforcing the reciprocal agreement.

A

Answer: D Explanation: “Reciprocal agreements are at best a secondary option for disaster protection. The agreements are not enforceable, so there is no guarantee that this facility will really be available to the company in a time of need.” Pg 615 Shon Harris CISSP All-In-One Certification Exam Guide

48
Q

QUESTION NO: 1023 Which of the following alternative business recovery strategies would be LEAST appropriate in a large database and on-line communications network environment where the critical business continuity period is 7 days? A. Hot site B. Warm site C. Duplicate information processing facilities D. Reciprocal agreement

A

Answer: D

49
Q

QUESTION NO: 1024 A contingency plan should address: A. Potential risks B. Residual risks C. Identified risks D. All of the above

A

Answer: B

50
Q

QUESTION NO: 1025 Prior to a live disaster test, which of the following is most important? A. Restore all files in preparation for the test B. Document expected findings C. Arrange physical security for the test site D. Conduct a successful structured walk-through

A

Answer: D

51
Q

QUESTION NO: 1026 Which of the following business continuity stages ensures the continuity strategy remains visible? A. Backup, Recover and Restoration B. Testing Strategy Development C. Post Recovery Transition Data Development D. Implementation, Testing and Maintenance

A

Answer: D Explanation: Once the strategies have been decided upon, they need to be documented and put into place. This moves the efforts from a purely planning stage to an actual implementation and action phase…The disaster recovery and continuity plan should be tested periodically because an environment continually changes and each time it is tested, more improvements may be uncovered…The plan’s maintenance can be incorporated into change management procedures so that any changes in the environment will be sure to be reflected in the plan itself. - Shon Harris All-in-one CISSP Certification Guide pg 611

52
Q

QUESTION NO: 1027 During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable? A. Measurement of accuracy B. Elapsed time for completion of critical tasks C. Quantitatively measuring the results of the test D. Evaluation of the observed test results

A

Answer: C

53
Q

QUESTION NO: 1028 Which of the following recovery plan test results would be most useful to management? A. elapsed time to perform various activities B. list of successful and unsuccessful activities C. amount of work completed D. description of each activity

A

Answer: B

54
Q

QUESTION NO: 1029 Failure of a contingency plan is usually: A. A technical failure B. A management failure C. Because of a lack of awareness D. Because of a lack of training

A

Answer: B

55
Q

QUESTION NO: 1030 The first step in contingency planning is to perform: A. A hardware backup B. A data backup C. An operating system software backup D. An application software backup

A

Answer: B

56
Q

QUESTION NO: 1031 Which of the following server contingency solutions offers the highest availability? A. System backups B. Electronic vaulting/remote journaling C. Redundant arrays of independent disks (RAID) D. Load balancing/disk replication

A

Answer: D

57
Q

QUESTION NO: 1032 Which of the following statements pertaining to the maintenance of an IT contingency plan is incorrect? A. The plan should be reviewed at least once a year for accuracy and completeness B. The Contingency Planning Coordinator should make sure that every employee gets an up-to-date copy of the plan C. Strict version control should be maintained D. Copies of the plan should be provided to recovery personnel for storage at home and office

A

Answer: B

58
Q

QUESTION NO: 1033 Which disaster recovery plan test involves functional representatives meeting to review the plan in detail? A. Simulation test B. Checklist test C. Parallel test D. Structured walkthrough test

A

Answer: D Explanation: “Structured walk-through: Pg 699 Hansche: Official (ISC)2 Guide to the CISSP Exam

59
Q

QUESTION NO: 1034 What is the MAIN purpose of periodically testing off-site hardware backup facilities? A. To eliminate the need to develop detailed contingency plans B. To ensure that program and system documentation remains current C. To ensure the integrity of the data in the database D. To ensure the continued compatibility of the contingency facilities

A

Answer: D

60
Q

QUESTION NO: 1035 Scheduled tests of application contingency plans should be based on the A. Size and complexity of the application. B. Number of changes to the application. C. Criticality of the application. D. Reliability of the application.

A

Answer: C Explanation: Time sensitivity and mission criticality, in conjunction with budgetary limitations, level of threat and degree of risk, will be major factors in the development of recommended strategies. Reference: http://csrc.nist.gov/groups/SMA/fasp/documents/contingency_planning/contingencyplantemplate.doc Note: Although not directly answering the question, a little inference leads to this: “Priorities - It is extremely important to know what is critical versus nice to have… It is necessary to know which department must come online first, which second, and so on…It may be more necessary to ensure that the database is up and running before working to bring the file server online.” - Shon Harris All-in-one CISSP Certification Guide pg 604

61
Q

QUESTION NO: 1036 Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix? A. Contact information for all personnel B. Vendor contract information, including offsite storage and alternate site C. Equipment and system requirements lists of hardware, software, firmware, and other resources required to support system operations D. The Business Impact Analysis

A

Answer: D Explanation: You use the BIA as a guideline to create the contingency plan.

62
Q

QUESTION NO: 1037 The first step in contingency planning is to perform: A. A hardware backup B. A data backup C. An operating system software backup D. An application software backup

A

Answer: B

63
Q

QUESTION NO: 1038 Which of the following teams should not be included in an organization’s contingency plan? A. Damage assessment team B. Hardware salvage team C. Tiger team D. Legal affairs team

A

Answer: C Explanation: Tiger is an algorithm. Excerpt is from CISSP / Shon Harris / 5th edition.