Domain 2: Business Continuity, Disaster Recovery, and Incident Response

Question 1

Business Continuity Planning (BCP) / Continuity Of Operations Planning (COOP)

Answer 1

The set of controls designed to keep a business running in the face of adversity, whether natural or man-made

• Directly impacts the #3 goal of security = Availability
• When planning, proactively as whatbusiness activities, systems, and controlswill it configure

Question 2

Business Impact Assessment (BIA)

Answer 2

• A risk assessment that uses a quantitative or qualitative process
• Begins by identifying organization’s mission essential functions and then traces those backwards to identify the critical IT systems that support those functions

Question 3

In Clouding

Answer 3

Business Continuity Planning requires collaboration between cloud providers and customers

Question 4

Redundancy

Answer 4

The level of protection and against the failure of a single component

Question 5

Single Point of Failure (SPOF) Analysis

Answer 5

• Provides a mechanism to identify and remove single points of failure from their systems
• The SPOF analysis continues until the cost of addressing risk outweighs the benefit
• SPOF can be used in many areas other than the IT Infrastructure, it can be applied in management of HR, 3rd party vendor reliance etc)

Question 6

Continued Operation of Systems (COS)

Answer 6

• Can be ensured in 2 ways:

1. High Availability

• Uses multiple systems to protect against service failure (Different from AWS Cloud as in that it does not just apply to AZs but rather everything including multiple firewalls etc)

2. Fault-Tolerance

• Makes a single system resilient against technical failures

Question 7

Load Balancing

Answer 7

Spreads demand across available systems

Question 8

Common Points of Failure

Answer 8

Power Supply
Storage Media
Networking

Question 9

Power Supply

Question 10

Storage Media

Question 11

Networking