CHAPTER 18 Questions Flashcards

1
Q

James is working with his organization’s leadership to help them understand the role that disaster recovery plays in their cybersecurity strategy. The leaders are confused about the differences between disaster recovery and business continuity. What is the end goal of disaster recovery planning?

A. Preventing business interruption
B. Setting up temporary business operations
C. Restoring normal business activity
D. Minimizing the impact of a disaster

A

C. Restoring normal business activity

Once a disaster interrupts the business operations, the goal of DRP is to restore regular business activity as quickly as possible. Thus, disaster recovery planning picks up where business continuity planning leaves off. Preventing business interruption is the goal of business continuity, not disaster recovery programs. Although disaster recovery programs are involved in restoring normal activity and minimizing the impact of disasters, this is not their end goal.

2
Q

Kevin is attempting to determine an appropriate backup frequency for his organization’s database server and wants to ensure that any data loss is within the organization’s risk appetite. Which one of the following security process metrics would best assist him with this task?

A. RTO
B. MTD
C. RPO
D. MTBF

A

C. RPO

The recovery point objective (RPO) specifies the maximum amount of data that may be lost during a disaster and should be used to guide backup strategies. The maximum tolerable downtime (MTD) and recovery time objective (RTO) are related to the duration of an outage, rather than the amount of data lost. The mean time between failures (MTBF) is related to the frequency of failure events.

3
Q

Brian’s organization recently suffered a disaster and wants to improve their disaster recovery program based on their experience. Which one of the following activities will best assist with this task?

A. Training programs
B. Awareness efforts
C. BIA review
D. Lessons learned

A

D. Lessons learned

The lessons learned session captures discoveries made during the disaster recovery process and facilitates continuous improvement. It may identify deficiencies in training and awareness or in the business impact analysis.

4
Q

Adam is reviewing the fault-tolerance controls used by his organization and realizes that they currently have a single point of failure in the disks used to support a critical server. Which one of the following controls can provide fault tolerance for these disks?

A. Load balancing
B. RAID
C. Clustering
D. HA pairs

A

B. RAID

A redundant array of inexpensive disks (RAID) is a fault-tolerance control that allows an organization’s storage service to withstand the loss of one or more individual disks. Load balancing, clustering, and high-availability (HA) pairs are all fault-tolerance services designed for server compute capacity, not storage.

5
Q

Brad is helping to design a disaster recovery strategy for his organization and is analyzing possible storage locations for backup data. He is not certain where the organization will recover operations in the event of a disaster and would like to choose an option that allows them the flexibility to easily retrieve data from any DR site. Which one of the following storage locations provides the best option for Brad?

A. Primary data center
B. Field office
C. Cloud computing
D. IT manager’s home

A

C. Cloud computing

Cloud computing services provide an excellent location for backup storage because they are accessible from any location. The primary data center is a poor choice, since it may be damaged during a disaster. A field office is reasonable, but it is in a specific location and is not as flexible as a cloud-based approach. The IT manager’s home is a poor choice—the IT manager may leave the organization or may not have appropriate environmental and physical security controls in place.

6
Q

Which of the following statements about business continuity planning and disaster recovery planning are correct? (Choose all that apply.)

A. Business continuity planning is focused on keeping business functions uninterrupted when a disaster strikes.
B. Organizations can choose whether to develop business continuity planning or disaster recovery planning plans.
C. Business continuity planning picks up where disaster recovery planning leaves off.
D. Disaster recovery planning guides an organization through recovery of normal operations at the primary facility.

A

A. Business continuity planning is focused on keeping business functions uninterrupted when a disaster strikes.
B. Organizations can choose whether to develop business continuity planning or disaster recovery planning plans.
D. Disaster recovery planning guides an organization through recovery of normal operations at the primary facility.

The only incorrect statement here is that business continuity planning picks up where disaster recovery planning leaves off. In fact, the opposite is true: disaster recovery planning picks up where business continuity planning leaves off. The other three statements are all accurate reflections of the role of business continuity planning and disaster recovery planning. Business continuity planning is focused on keeping business functions uninterrupted when a disaster strikes. Organizations can choose whether to develop business continuity planning or disaster recovery planning plans, although it is highly recommended that they do so. Disaster recovery planning guides an organization through recovery of normal operations at the primary facility.

7
Q

Tonya is reviewing the flood risk to her organization and learns that their primary data center resides within a 100-year flood plain. What conclusion can she draw from this information?

A. The last flood of any kind to hit the area was more than 100 years ago.
B. The odds of a flood at this level are 1 in 100 in any given year.
C. The area is expected to be safe from flooding for at least 100 years.
D. The last significant flood to hit the area was more than 100 years ago.

A

B. The odds of a flood at this level are 1 in 100 in any given year.

The term 100-year flood plain is used to describe an area where flooding is expected once every 100 years. It is, however, more mathematically correct to say that this label indicates a 1 percent probability of flooding in any given year.

8
Q

Randi is designing a disaster recovery mechanism for her organization’s critical business databases. She selects a strategy where an exact, up-to-date copy of the database is maintained at an alternative location. What term describes this approach?

A. Transaction logging
B. Remote journaling
C. Electronic vaulting
D. Remote mirroring

A

D. Remote mirroring

When you use remote mirroring, an exact copy of the database is maintained at an alternative location. You keep the remote copy up to date by executing all transactions on both the primary and remote sites at the same time. Electronic vaulting follows a similar process of storing all data at the remote location, but it does not do so in real time. Transaction logging and remote journaling options send logs, rather than full data replicas, to the remote location.

9
Q

Bryn runs a corporate website and currently uses a single server, which is capable of handling the site’s entire load. She is concerned, however, that an outage on that server could cause the organization to exceed its RTO. What action could she take that would best protect against this risk?

A. Install dual power supplies in the server.
B. Replace the server’s hard drives with RAID arrays.
C. Deploy multiple servers behind a load balancer.
D. Perform regular backups of the server.

A

C. Deploy multiple servers behind a load balancer.

All of these are good practices that could help improve the quality of service that Bryn provides from her website. Installing dual power supplies or deploying RAID arrays could reduce the likelihood of a server failure, but these measures only protect against a single risk each. Deploying multiple servers behind a load balancer is the best option because it protects against any type of risk that would cause a server failure. Backups are an important control for recovering operations after a disaster and different backup strategies could indeed alter the RTO, but it is even better if Bryn can design a web architecture that lowers the risk of the outage occurring in the first place.

10
Q

Carl recently completed his organization’s annual business continuity plan refresh and is now turning his attention to the disaster recovery plan. What output from the business continuity plan can he use to prepare the business unit prioritization task of disaster recovery planning?

A. Vulnerability analysis
B. Business impact analysis
C. Risk management
D. Continuity planning

A

B. Business impact analysis

During the business impact analysis phase, you must identify the business priorities of your organization to assist with the allocation of BCP resources. You can use this same information to drive the disaster recovery planning business unit prioritization.

11
Q

Nolan is considering the use of several different types of alternate processing facility for his organization’s data center. Which one of the following alternative processing sites takes the longest time to activate but has the lowest cost to implement?

A. Hot site
B. Mobile site
C. Cold site
D. Warm site

A

C. Cold site

The cold site contains none of the equipment necessary to restore operations. All of the equipment must be brought in and configured and data must be restored to it before operations can commence. This process often takes weeks, but cold sites also have the lowest cost to implement. Hot sites, warm sites, and mobile sites all have quicker recovery times.

12
Q

Ingrid is concerned that one of her organization’s data centers has been experiencing a series of momentary power outages. Which one of the following controls would best preserve their operating status?

A. Generator
B. Dual power supplies
C. UPS
D. Redundant network links

A

C. UPS

Uninterruptible power supplies (UPSs) provide a battery-backed source of power that is capable of preserving operations in the event of brief power outages. Generators take a significant amount of time to start and are more suitable for longer-term outages. Dual power supplies protect against power supply failures and not power outages. Redundant network links are a network continuity control and do not provide power.

13
Q

Which one of the following items is a characteristic of hot sites but not a characteristic of warm sites?

A. Communications circuits
B. Workstations
C. Servers
D. Current data

A

D. Current data

Warm sites and hot sites both contain workstations, servers, and the communications circuits necessary to achieve operational status. The main difference between the two alternatives is the fact that hot sites contain near-real-time copies of the operational data and warm sites require the restoration of data from backup.

14
Q

Harry is conducting a disaster recovery test. He moved a group of personnel to the alternate recovery site, where they are mimicking the operations of the primary site but do not have operational responsibility. What type of disaster recovery test is he performing?

A. Checklist test
B. Structured walk-through
C. Simulation test
D. Parallel test

A

D. Parallel test

The parallel test involves relocating personnel to the alternate recovery site and implementing site activation procedures. Checklist tests, structured walk-throughs, and simulations are all test types that do not involve actually activating the alternate site.

15
Q

What type of document will help public relations specialists and other individuals who need a high-level summary of disaster recovery efforts while they are under way?

A. Executive summary
B. Technical guides
C. Department-specific plans
D. Checklists

A

A. Executive summary

The executive summary provides a high-level view of the entire organization’s disaster recovery efforts. This document is useful for the managers and leaders of the firm as well as public relations personnel who need a nontechnical perspective on this complex effort.

16
Q

What disaster recovery planning tool can be used to protect an organization against the failure of a critical software firm to provide appropriate support for their products?

A. Differential backups
B. Business impact analysis
C. Incremental backups
D. Software escrow agreement

A

D. Software escrow agreement

Software escrow agreements place the application source code in the hands of an independent third party, thus providing firms with a “safety net” in the event a developer goes out of business or fails to honor the terms of a service agreement.

17
Q

What type of backup involves always storing copies of all files modified since the most recent full backup?

A. Differential backups
B. Partial backup
C. Incremental backups
D. Database backup

A

A. Differential backups

Differential backups involve always storing copies of all files modified since the most recent full backup, regardless of any incremental or differential backups created during the intervening time period.

18
Q

You operate a grain processing business and are developing your restoration priorities. Which one of the following systems would likely be your highest priority?

A. Order-processing system
B. Fire suppression system
C. Payroll system
D. Website

A
19
Q

What combination of backup strategies provides the fastest backup restoration time?

A. Full backups and differential backups
B. Partial backups and incremental backups
C. Full backups and incremental backups
D. Incremental backups and differential backups

A

A. Full backups and differential backups

Any backup strategy must include full backups at some point in the process. If a combination of full and differential backups is used, a maximum of two backups must be restored. If a combination of full and incremental backups is chosen, the number of required restorations may be large.

20
Q

What type of disaster recovery plan test fully evaluates operations at the backup facility but does not shift primary operations responsibility from the main site?

A. Structured walk-through
B. Parallel test
C. Full-interruption test
D. Simulation test

A

B. Parallel test

Parallel tests involve moving personnel to the recovery site and gearing up operations, but responsibility for conducting day-to-day operations of the business remains at the primary operations center.