Ch.13

Question 1

The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:

Question 1 options:

Business continuity planning and testing

Disaster planning

Business management planning and testing

Enterprise disaster planning

Answer 1

Business continuity planning and testing

Question 2

When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of it’s operational and financial position, what should be performed?

Question 2 options:

Business risk analysis

Business alert assessment

Business productivity analysis

Business impact analysis (BIA)

Answer 2

Business impact analysis (BIA)

Question 3

What type of plans include procedures to address redundancy and fault tolerance as well as data backups?

Question 3 options:

Enterprise recovery

Disaster recovery

Business recovery

Emergency recovery

Answer 3

Disaster recovery

Question 4

Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?

Question 4 options:

recovery site

recovery point

single point of failure

cascade point of failure

Answer 4

single point of failure

Question 5

A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:

Question 5 options:

service level agreement

recovery point objective

recovery time objective

service point agreement

Answer 5

service level agreement

Question 6

Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:

Question 6 options:

symmetric network

symmetric server

asymmetric network

asymmetric server

Answer 6

asymmetric server

Question 7

In what type of server cluster can services fail over from downed servers to functional servers?

Question 7 options:

symmetric network

asymmetric network

symmetric server

symmetric network

Answer 7

symmetric server

Question 8

How can an administrator keep devices powered when power is interrupted?

Question 8 options:

uninterruptible power supply

redundant power supply

uninterruptible system supply

replica power supply

Answer 8

uninterruptible power supply

Question 9

A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:

Question 9 options:

cold site

hot site

spare site

warm site

Answer 9

warm site

Question 10

A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a:

Question 10 options:

bollard

mantrap

Faraday cage

Newton cage

Answer 10

Faraday cage

Question 11

Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:

Question 11 options:

Computer forensics

Penetration testing

Vulnerability testing

Risk management

Answer 11

Computer forensics

Question 12

According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?

Question 12 options:

65

75

85

95

Answer 12

85

Question 13

What kind of data can be lost when a computer is turned off?

Question 13 options:

Volatile

Static

Non-volatile

Persistent

Answer 13

Volatile

Question 14

A snapshot of the current state of a computer that contains all current settings and data is known as what option below:

Question 14 options:

system standard

system view

system image

system baseline

Answer 14

system image

Question 15

What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?

Question 15 options:

baseline

mirror image

logical image

thin image

Answer 15

mirror image

Question 16

What term is used to describe a documentation of control over evidence, which is used to ensure that no unauthorized person was given the opportunity to corrupt the evidence?

Question 16 options:

chain of value

chain of use

chain of property

chain of custody

Answer 16

chain of custody

Question 17

Multiple sectors on a disk, when combined, are referred to as a:

Question 17 options:

cluster

track

slice

platter

Answer 17

cluster

Question 18

The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?

Question 18 options:

Disk slack

RAM slack

ROM slack

Edge slack

Answer 18

RAM slack

Question 19

What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?

Question 19 options:

RAM slack

Edge slack

Drive file slack

Sector slack

Answer 19

Drive file slack

Question 20

What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?

Question 20 options:

​RAID 0

​RAID 1

​RAID 2

​RAID 5

Answer 20

​RAID 5