CISSP (Chapter 8 - Business Continuity and Disaster Recovery) Flashcards
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
What action should take place to restore a system and its data files after a system failure?A. Restore from storage media backup.B. Perform a parallel test.C. Implement recovery procedures.D. Perform a walk-through test.
C. In this and similar situations, recovery procedures should be followed, which most likely include recovering data from the backup media. Recovery procedures could include proper steps for rebuilding a system from the beginning, applying the necessary patches and configurations, and ensuring that what needs to take place to ensure productivity is not affected. Some type of redundant system may need to be put into place.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
What is one of the first steps in developing a business continuity plan?A. Identify a backup solution.B. Perform a simulation test.C. Perform a business impact analysis.D. Develop a business resumption plan.
C. A business impact analysis includes identifying critical systems and functions of a company and interviewing representatives from each department. Once management’s support is solidified, a business impact analysis needs to be performed to identify the threats the company faces and the potential costs of these threats.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
How often should a business continuity plan be tested?A. At least every ten yearsB. Only when the infrastructure or environment changesC. At least every two yearsD. Whenever there are significant changes in the organization and annually
D. The plans should be tested if there have been substantial changes to the company or the environment. They should also be tested at least once a year.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
During a recovery procedure test, one important step is to maintain records of important events that happen during the test. What other step is just as important?A. Schedule another test to address issues that were identified during that procedure.B. Make sure someone is prepared to talk to the media with the appropriate responses.C. Report the events to management.D. Identify essential business functions.
C. When recovery procedures are carried out, the outcome of those procedures should be reported to the individuals who are responsible for this type of activity, which is usually some level of management. If the procedures worked properly, management should know it, and if problems were encountered, management should definitely be made aware of them. Members of management are the ones who are responsible overall for fixing the recovery system and will be the ones to delegate this work and provide the necessary funding and resources.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which of the following actions is least important when quantifying risks associated with a potential disaster?A. Gathering information from agencies that report the probability of certain natural disasters taking place in that areaB. Identifying the company’s key functions and business requirementsC. Identifying critical systems that support the company’s operationsD. Estimating the potential loss and impact the company would face based on how long the outage lasted
A. The question asked you about quantifying the risks, which means to calculate the potential business impact of specific disasters. The core components of a business impact analysis are• Identifying the company’s key functions and business requirements• Identifying critical systems that support the company’s operations• Estimating the potential loss and impact the company would face based on how long the outage lastedGathering information from agencies that report the probability of certain natural disasters taking place in that area is an important piece in determining the probability of these threats, but it is considered least necessary when quantifying the potential damage that could be experienced.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
The purpose of initiating emergency procedures right after a disaster takes place is to prevent loss of life and injuries, and to _______________.A. Secure the area to ensure that no looting or fraud takes placeB. Mitigate further damageC. Protect evidence and cluesD. Investigate the extent of the damages
B. The main goal of disaster recovery and business continuity plans is to mitigate all risks that could be experienced by a company. Emergency procedures first need to be carried out to protect human life, and then other procedures need to be executed to reduce the damage from further threats.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which of the following is the best way to ensure that the company’s backup tapes can be restored and used at a warm site?A. Retrieve the tapes from the offsite facility, and verify that the equipment at the original site can read them.B. Ask the offsite vendor to test them, and label the ones that were properly read.C. Test them on the vendor’s machine, which won’t be used during an emergency.D. Inventory each tape kept at the vendor’s site twice a month.
A. A warm site is a facility that will not be fully equipped with the company’s main systems. The goal of using a warm site is that, if a disaster takes place, the company will bring its systems with it to the warm site. If the company cannot bring the systems with it because they are damaged, the company must purchase new systems that are exactly like the original systems. So, to properly test backups, the company needs to test them by recovering the data on its original systems at its main site.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which best describes a hot-site facility versus a warm- or cold-site facility?A. A site that has disk drives, controllers, and tape drivesB. A site that has all necessary PCs, servers, and telecommunicationsC. A site that has wiring, central air-conditioning, and raised flooringD. A mobile site that can be brought to the company’s parking lot
B. A hot site is a facility that is fully equipped and properly configured so that it can be up and running within hours to get a company back into production. Answer B gives the best definition of a fully functionally environment.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which is the best description of remote journaling?A. Backing up bulk data to an offsite facilityB. Backing up transaction logs to an offsite facilityC. Capturing and saving transactions to two mirrored servers in-houseD. Capturing and saving transactions to different media types
B. Remote journaling is a technology used to transmit data to an offsite facility, but this usually only includes moving the journal or transactionlogs to the offsite facility, not the actual files.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which of the following is something that should be required of an offsite backup facility that stores backed-up media for companies?A. The facility should be within 10 to 15 minutes of the original facility to ensure easy access.B. The facility should contain all necessary PCs and servers and should have raised flooring.C. The facility should be protected by an armed guard.D. The facility should protect against unauthorized access and entry.
D. This question addresses a facility that is used to store backed-up data; it is not talking about an offsite facility used for disaster recovery purposes. The facility should not be only 10 to 15 minutes away, because some types of disasters could destroy both the company’s main facility and this facility if they are that close together, in which case the company would lose all of its information. The facility should have the same security standards as the company’s security, including protection against unauthorized access.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which item will a business impact analysis not identify?A. Whether the company is best suited for a parallel or full-interrupt testB. What areas would suffer the greatest operational and financial loss in the event of a particular disaster or disruptionC. What systems are critical for the company and must be highly protectedD. What amount of outage time a company can endure before it is permanently crippled
A. All the other answers address the main components of a business impact analysis. Determining the best type of exercise or drill to carry out is not covered under this type of analysis
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which areas of a company are recovery plans recommended for?A. The most important operational and financial areasB. The areas that house the critical systemsC. All areasD. The areas that the company cannot survive without
C. It is best if every department within the company has its own contingency plan and procedures in place. These individual plans would “roll up” into the overall enterprise BCP.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Who has the final approval of the business continuity plan?A. The planning committeeB. Each representative of each departmentC. ManagementD. External authority
C. Management really has the final approval over everything within a company, including these plans.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
Which is the proper sequence of steps followed in business continuity management?A. Project initiation, strategy development, business impact analysis, plan development, implementation, testing, and maintenanceB. Strategy development, project initiation, business impact analysis, plan development, implementation, testing, and maintenanceC. Implementation and testing, project initiation, strategy development, business impact analysis, and plan developmentD. Plan development, project initiation, strategy development, business impact analysis, implementation, testing, and maintenance
A. These steps outline the processes that should take place in the correct order from beginning to end in business continuity management.
CISSP (Chapter 8 - Business Continuity and Disaster Recovery)
What is the most crucial requirement in developing a business continuity plan?A. Business impact analysisB. Implementation, testing, and following throughC. Participation from each and every departmentD. Management support
D. Management’s support is the first thing to obtain before putting any real effort into developing these plans. Without management’s support, the effort will not receive the necessary attention, resources, funds, or enforcement.