Disaster Recovery and Incident Response Flashcards
Which plan or policy helps an organization determine how to relocate to an emergency site?
Disaster-recovery plan
Backup site plan
Privilege management policy
Disaster-recovery plan
The disaster-recovery plan deals with site relocation in the event of an emergency, natural disaster, or service outage
Although you’re talking to her on the phone, the sound of the administrative assistant’s screams of despair can be heard down the hallway. She has inadvertently deleted a file that the boss desperately needs. Which type of backup is used for the immediate recovery of a lost file?
Onsite storage
Working copies
Incremental backup
Working copies
Working copies are backups that are usually kept in the computer room for immediate use in recovering a system or lost file
You’re trying to rearrange your backup procedures to reduce the amount of time they take each evening. You want the backups to finish as quickly as possible during the week. Which backup system backs up only the files that have changed since the last backup?
Full backup
Incremental backup
Differential backup
Incremental backup
An incremental backup backs up files that have changed since the last full or partial backup
Which backup system backs up all the files that have changed since the last full backup?
Full backup
Incremental backup
Differential backup
Differential backup
A differential backup backs up all of the files that have changed since the last full backup
You’re a consultant brought in to advise MTS on its backup procedures. One of the first problems you notice is that the company doesn’t use a good tape-rotation scheme. Which backup method uses a rotating schedule of backup media to ensure long-term information storage?
Grandfather, Father, Son method
Full Archival method
Backup Server method
Grandfather, Father, Son method
The Grandfather, Father, Son backup method is designed to provide a rotating schedule of backup processes. It allows for a minimum usage of backup media, and it still allows for long-term archiving.
Which site best provides limited capabilities for the restoration of services in a disaster?
Hot site
Warm site
Cold site
Warm site
Warm sites provide some capabilities in the event of a recovery. The organization that wants to use a warm site will need to install, configure, and reestablish operations on systems that may already exist at the warm site.
You’re the head of information technology for MTS and have a brother in a similar position for ABC. The companies are approximately the same size and are located several hundred miles apart. As a benefit to both companies, you want to implement an agreement that would allow either company to use resources at the other site should a disaster make a building unusable. What type of agreement between two organizations provides mutual use of their sites in the event of an emergency?
Backup-site agreement
Warm-site agreement
Reciprocal agreement
Reciprocal agreement
A reciprocal agreement is between two organizations and allows one to use the other’s site in an emergency
The process of automatically switching from a malfunctioning system to another system is called what?
Fail-safe
Redundancy
Failover
Failover
Failover occurs when a system that is developing a malfunction automatically switches processes to another system to continue operations
Which of the following types of penetration testing focuses on the system, using techniques such as port scans, traceroute information, and network mapping to find weaknesses?
Active reconnaissance
Passive reconnaissance
Operational reconnaissance
Active reconnaissance
Active reconnaissance is a type of penetration testing that focuses on the system, using techniques such as port scans, traceroute information, and network mapping to find weaknesses
Your company is about to invest heavily in a new server farm and has made an attractive offer for a parcel of land in another country. A consultant working on another project hears of this and suggests that you get the offer rescinded because the laws in that country are much more stringent than where you currently operate. Which of the following is the concept that data is subject to the laws of where it is stored?
Data sovereignty
Data subjugation
Data dominion
Data sovereignty
Data sovereignty is the concept that data is subject to the laws of where it is stored
Which of the following would normally not be part of an incident response policy?
Outside agencies (that require status)
Outside experts (to resolve the incident)
Contingency plans
Contingency plans
A contingency plan wouldn’t normally be part of an incident response policy. It would be part of a disaster-recovery plan.
Which of the following is the process used during data acquisition for the preservation of all forms of relevant information when litigation is reasonably anticipated?
Chain of custody
Order of volatility
Legal hold
Legal hold
The process that is used during data acquisition for the preservation of all forms of relevant information when litigation is reasonably anticipated is known as legal hold
Which of the following types of vulnerability scans uses actual network authentication to connect to systems and scan for vulnerabilities?
Credentialed
Validated
Endorsed
Credentialed
A credentialed vulnerability scan uses actual network credentials to connect to systems and scan for vulnerabilities
What is another name for working copies?
Functional copies
Operating copies
Shadow copies
Shadow copies
Working copies are also known as shadow copies
Which of the following is a reversion from a change that had negative consequences?
Backup
ERD
Backout
Backout
A backout is a reversion from a change that had negative consequences