Chapter 9 – Operations Management

Question 1

What is OS Logging?

Answer 1

Integral toolsets for monitoring performance and events; set OS logs to alert admins when usage approaches a level of capacity utilization, performance degradation, CPU usage, memory usage, disk space, disk I/O timing.

Question 2

What is the ASHRAE recommended temperature range for data centers?

Answer 2

64-81 degrees F.

Question 3

What is the ASHRAE recommended humidity range for data centers?

Answer 3

Dew point 42-59 degrees F; 60% relative humidity.

Question 4

What is Maintenance Mode?

Answer 4

All operational instances are removed from the system/device before entering this mode; prevent all new logins; ensure logging is continued; begin enhanced logging.

Question 5

What does CI/CD stand for?

Answer 5

Continuous Integration/Continuous Delivery; incorporates heavy use of automation to shorten software delivery pipeline; includes administrative and technical controls.

Question 6

What is ISO/IEC 20000-1?

Answer 6

Defines a set of operational controls and standards organizations can use to manage IT services; used to manage ITSM using approaches of ITIL and ISACA COBIT framework.

Question 7

What is the goal of IT Service Management (ITSM)?

Answer 7

To identify user needs, design IT service to meet those needs, deploy it, then enter a cycle of continuous improvements.

Question 8

What is the focus of Business Continuity (BC) efforts?

Answer 8

Maintaining critical operations.

Question 9

What is the focus of Disaster Recovery (DR) efforts?

Answer 9

Resumption of operations due to disaster.

Question 10

What is the difference between an event and a disaster?

Answer 10

An event is an unscheduled impact to the operating environment lasting three days or less; disasters last longer.

Question 11

What is the most important planning and effort in BC/DR?

Answer 11

Health and human safety; notification, evacuation, protection, and egress will need to be prioritized.

Question 12

What does MAD stand for?

Answer 12

Maximum Allowable Downtime; how long an interruption will stop operations.

Question 13

What is MTTR?

Answer 13

Mean Time to Repair; average amount of time it takes to repair a system/device that is down.

Question 14

What is RTO?

Answer 14

Recovery Time Objective; BC/DR goal for recovery of operation, measured in time; must be less than the MAD.

Question 15

What is RPO?

Answer 15

Recovery Point Objective; BC/DR goal for limiting loss of data from unplanned event, measured in time.

Example: An organization resumes critical operations at an alternate operating site with the last full backup; if they back up every day, RPO will be 24 hours.

Question 16

What is ALE?

Answer 16

Annual Loss Expectancy; amount an organization should expect to lose annually based on any one type of incident; ARO x SLE = ALE.

Question 17

What does ARO stand for?

Answer 17

Annual Rate of Occurrence; rate of occurrence of a specific event/incident.

Question 18

What does SLE stand for?

Answer 18

Single Loss Expectancy; amount of expected damage/loss from any single specific security incident.

Question 19

What is the purpose of a UPS?

Answer 19

Should last long enough for graceful shutdown of affected system, can provide line conditioning, adjusting power to optimize for the devices it serves and smooth power fluctuations.

Question 20

What is the role of generators in power supply?

Answer 20

Supply close to immediate power when utility electricity is interrupted and have automatic transfer switches; minimum of 12 hours of fuel for all generators.

Question 21

What is Tabletop Testing?

Answer 21

Essential participants work together at a scheduled time; InfoSec equivalent of role-playing games; least impact on production of testing alternatives.

Question 22

What is a Dry Run?

Answer 22

Whole organization takes part in a scenario at a scheduled time; impacts productivity.

Question 23

What is a Full Test?

Answer 23

Entire organization takes part in an unscheduled, unannounced practice scenario, performing full BC/DR activities; includes system failover, facility evacuation, used for detecting shortcomings in the plan; greatest impact on productivity.