CISSP (Domain 8 - Business Continuity and Disaster Recover Planning)

Question 1

Business Continuity Planning (BCP)

Answer 1

• Short-term
• project scope, planning, business impact analysis, recovery strategy, recovery plan development, implementation
• put in place for business to funcation

Question 2

Disaster Recovery Planning (DRP)

Answer 2

• Long-term

- recovery plan development, implementation, restoration

Question 3

NIST 800-34

Answer 3

Business Continuity Standard

Question 4

Business Continuity Planning (BCP) - Senior Management Responsibilities (7 Things)

Answer 4

• Support and finalize plans
• Setting the business continuity policy
• Prioritizing critical business functions
• Allocating sufficient resources and personnel
• Providing oversight for and approving the BCP
• Directing and reviewing test results
• Ensuring maintenance of a current plan

Question 5

Business Continuity Planning (BCP) - Senior

Functional Management Responsibilities (5 Things)

Answer 5

• Develop and document maintenance and testing strategy
• Identify and prioritize mission-critical systems
• Monitor progress of plan development and execution
• Ensure period tests
• Create the various teams necessary to execute the plans

*Department Head

Question 6

Business Continuity Planning (BCP) - Committee

Answer 6

• Execute the BIA
• Coordinate with department representatives
• Develop analysis group
• Findings are input to BR/DR

Question 7

Business Continuity Planning (BCP) - Rescue Team

Answer 7

Deals with the immediacy of disaster

• Employee evacuation
• Crashing the server room

Question 8

Business Continuity Planning (BCP) - Recovery Team

Answer 8

Gets the alternative facility up and running

Question 9

Business Continuity Planning (BCP) - Salvage Team

Answer 9

Return of operations to the original or permanent facility

Question 10

7 Phases of a Business Continuity Planning (BCP)

Answer 10

• Project initiation
• Business impact analysis
• Risk analysis
• Risk mitigation
• Implementation
• Test
• Maintenance

Question 11

Business Impact Analysis (BIA)

Answer 11

• See how company would be affected by different identified threats
• Quantitative and Qualitative information gathered
• First step in disaster recovery planning

Question 12

3 Priority Goals of Business Impact Analysis (BIA)

Answer 12

• Prioritize critical functions
• Determine requirements/applications which serve core business functions
• Estimate amount of downtime company can handle

Question 13

Management Should Establish Recovery Priorities for Business Processes That Identify These 5 Things

Answer 13

• Essential personnel
• Technologies
• Facilities
• Communications systems
• Vital records and data

Question 14

Recovery Point Objective (RPO) - BIA Key Metric

Answer 14

Maximum sustainable data loss based on backup schedules and data needs

• Weekly, hourly, daily?

Question 15

Recovery Time Objective (RTO) - BIA Key Metric

Answer 15

Duration of time required to bring critical systems back online

• System recovery time

Question 16

Work Recovery Time (WRT) - BIA Key Metric

Answer 16

Duration of time needed to recover lost data (Based on RPO) and to enter data resulting from work backlogs

• Manual workload

Question 17

Maximum Tolerable Downtime (MTD) - BIA Key Metric

Answer 17

Duration of Recovery Time Objective (RTO) and Work Recovery Time (WRT)

• Max time a business can tolerate the downtime of a particular business function

Question 18

3 Threats to Disaster Recovery and Continuity Planning

MNT

Answer 18

• Man-made: Fires, Terrorism, Hackers, Riots
• Natural: Tornado, Flood, Earthquake
• Technical: Power outage, device failure, virus infection

Question 19

3 Categories of Disruptions

Answer 19

• Non-disaster: Device malfunction, disruption of service
• Disaster: Entire facility unusable for a day or longer
• Catastrophe: Destroys facility

Question 20

Short-term Loss Criteria (4 Things)

Answer 20

• loss in profits
• Loss in productivity
• Increase in operational expenses
• Violations of contract agreements

Question 21

Loss Criteria

Answer 21

Once threats are identified and critical business functions are understood, a specific loss criteria must be developed

Question 22

Long-Term Loss Criteria (4 Things)

Answer 22

• Delayed income costs
• Loss in repudiation and public confidence
• Loss of compensation advantages
• Hidden Costs (Not always insurance expenses)

Question 23

Results from Business Impact Analysis (BIA) (5 Things)

Answer 23

• Identified critical departments and required resources
• Identified threats and risks
• Impact company can handle dealing with each risk
• Outage time that would not be critical
• Recovery alternatives
• then document for management approval and create recovery plans

Question 24

4 Disaster Recovery Plan Objectives

Answer 24

• Protect company if parts or all of services become unusable
• Improve responsiveness by employees in different situations
• Guarantee reliability of standby systems
• If employee knows what they are expected to do during disaster, management can address larger picture

Question 25

Goals Must Contain These 4 things for a Useful Disaster Recovery Plan
(RAPI)

Answer 25

• Responsibility: Each individual involved knows what they need to do (training/drills)
• Authority: Importation to know who is in charge
• Priorities: Know what is critical vs. what is nice to have. Different departments need different items
• Implementation and Testing: Plan put into action

Question 26

Number 1 Priority in Disaster Recovery

Answer 26

Safety of People

Question 27

2 Priorities in Disaster Recovery Planning Testing

Answer 27

• Protect company as a whole

- Minimize property damage

Question 28

Written Recovery Plan Should Include - Disaster Recovery Plan (10 Things)

Answer 28

• Activation criteria and Procedure
• People: operations, technical, business requirements
• Facility issues: main facility and backup sites
• Utilities: power, telecommunications
• Hardware: servers, workstations
• Vendor assistance and service providers
• Software: operating systems, applications, data
• Supplies: hvac, ups, office supplies
• Recovery and emergency procedures
• Critical documentation and/or records

Question 29

Activation Criteria Based On (3 Things)

Answer 29

• Extent of damage (physical, cost, operational)
• Criticality of the system to the organization
• Expected Duration Longer Than RTO

Question 30

3 Phases Following a Disruption

NA/RP/R

Answer 30

• Notification/Activation: Notify personnel and perform damage assessment
• Recovery Phase - Failover: Actions taken for recovery
• Reconstitution - Failback: Outlines actions taken to return to normal state

Question 31

Data Recovery Options are Driven by Metrics Established In ….

Answer 31

Business Impact Analysis (BIA)

Question 32

Electronic Vaulting - Transaction Redundancy

Answer 32

Copy of modified file sent to remote location where an original backup is stored

Question 33

Remote Journaling - Transaction Redundancy

Answer 33

Moves transaction logs to a remote location, not actual files

Question 34

During Restoration of Operations What Should be Recovered First

Answer 34

Less critical departments should be returned first to test out infrastructure

Question 35

2 Things for Disaster Recovery Planning Testing

Answer 35

• Demonstrate if a company can actually recover (set a goal)

- Performed at least once a year (point out issues, gain confidence)

Question 36

Checklist Test - DR

Answer 36

Copies of plan distributed to different departments and functional managers review

*Finds what missing

Question 37

Structured Walk-Through (Table Top) Test - DR

Answer 37

Representatives from each department go over the plan

*Gives people chance to review what they will be doing

Question 38

Simulation Test

Answer 38

Going through a disaster scenario, up to real relocation

Question 39

Parallel Test

Answer 39

Systems moved to alternate site and processing takes place there

Question 40

Full-Interruption Test

Answer 40

Original site shutdown and all processing moved to other facility