Domain 2 - BC / DR and Incident Response

Question 1

What is the Continuity of Operations Plan (COOP)?

Answer 1

Details how we keep operating in a disaster

Question 2

What is the crisis communications plan?

Answer 2

How we communicate internally and externally

Question 3

What is a cyber incident response plan?

Answer 3

How we respond in cyber events

Question 4

What is the Occupant Emergency Plan (OEP)?

Answer 4

How we protect our facilities, our staff, and the environment in a disaster event

Question 5

What is the Business Recovery Plan?

Answer 5

It lists the steps we need to take in order to restore normal business operations after a disruptive event.

Question 6

What is the continuity of Support Plan?

Answer 6

It narrowly focuses on support of specific IT systems and applications.

Question 7

What is the Crisis Management Plan (CMP)?

Answer 7

It provides effective coordination of management of the organization in an emergency.

Question 8

What are the three disaster categories?

Answer 8

Natural

Human

Environmental (Not nature)

Question 9

Is the Disaster Recovery Plan a sub-plan of the Business Continuity Plan?

Answer 9

Yes

Question 10

What is the disaster recovery plan lifecycle?

Answer 10

Mitigation

Preparation

Response

Recovery

Question 11

What is the definition of RPO?

Answer 11

The acceptable amount of data that cannot be recovered.

Think restore point intervals.

Question 12

What is the definition for Maximum Tolerable Downtime (MTD) in Disaster Recovery?

Answer 12

The maximum amount of downtime for any given system.

You want to be certain you can rebuild the system before the MTD limit is reached.

Question 13

What is Work Recovery Time (WRT) in Disaster Recovery?

Answer 13

It is the time required to configure the software for a recovered system.

Question 14

What is the Minimum Operating Requirements in Disaster Recovery?

Answer 14

It is the bare minimum specifications that a system can run on.

Question 15

What is a redundant site in Disaster Recovery?

Answer 15

It is an identical site to production and receives a real-time copy of the data.

Question 16

What is a hot site in Disaster Recovery?

Answer 16

Similar to a redundant site, but it only houses critical applications and systems. Manual failover

Question 17

What is a warm site in Disaster Recovery?

Answer 17

Similar to a hot site, but the data is not real-time or even near real-time. Takes between 4 - 24 hours to restore. Manual failover

Question 18

What is a cold site in Disaster Recovery?

Answer 18

A smaller, but full data center with redundancies. Restoration can take weeks.

Question 19

Incident management is what kind of function?

Answer 19

An Administrative function

Question 20

What is an event in incident management?

Answer 20

It is an observable change in state

Question 21

Wha is a problem in incident management?

Answer 21

An incidence with an unknown cause.

Question 22

What is an inconvenience in incident management?

Answer 22

A non-disruptive failure

Question 23

What is a disaster in incident management?

Answer 23

Our entire facility is unusable for 24 hours

Question 24

What is a catastrophe in incident management?

Answer 24

Our entire facility is destroyed.

Question 25

Should senior management be on the cyber incident response team?

Answer 25

Yes

Question 26

What are the eight steps of incident management?

Answer 26

Preparation

Detection

Response

Mitigation

Reporting

Recovery

Remediation

Lessons Learned

Question 27

In what phase of the incident management plan do users begin interacting with affected systems?

Answer 27

The Response phase

Question 28

What is the mitigation phase of the incident management plan?

Answer 28

It’s when the cause of the incident is identified and now steps can be taken to bring the system back to operational status