Domain 4 - Business Resilience

Question 1

In the context of BCP, what the business continuity manager should FIRST perform after replacement of hardware at the primary information processing facility?

Answer 1

Should FIRST perform an update on the IT asset inventory.

Because this is the basic input for BCP/ DRP & the plan must be updated to reflect changes in IT infrastructure.

Question 2

What is an appropriate solution for full recovery of a critical database with a high RPO & a low RTO?

Answer 2

Real-time replication to a remote site is often an appropriate solution. Because it is a critical database with high RPO (meaning less data left un-archived since the last backup) & a low (short) RTO

Question 3

What does DRP focuses on?

Answer 3

1) How to survive & recover from a disastrous event
2) Addresses the technological aspect of the BCP
3) Usually focuses on alternative procedures to process transactions

Question 4

What is the responsibilities of BCP steering committee?

Answer 4

1) Agrees to terms of reference, scope & assumptions
2) Agrees to project plans & budgets
3) Resolves conflicting priorities
4) Makes business decisions on business continuity issues

The committee is a steering committee. As such, members should not actively participate in plan development, implementation or BIA. Risk assessment is part of BIA.

Question 5

What must occur to fulfill “Chain-of-Custody” requirements for data collected for later investigation?

Answer 5

1) Any access to data collected for later use as evidence must be isolated from normal access
2) Any access must be dutifully logged

Question 6

Define the level of criticality:
1) Critical
2) Vital
3) Sensitive
4) Non-critical

Answer 6

1) Critical = functions cannot be performed unless replaced by identical capabilities & cannot be replaced by manual methods

2) Vital = functions can be performed manually but only for a brief period of time

3) Sensitive = functions can be performed manually at a tolerable cost for an extended period of time

4) Non-critical = functions may be interrupted for an extended period of time at little or no cost to company

Question 7

Distributed processing adds complexity to BCP due to?

Answer 7

1) Multiple servers participating in synchronized transactions

2) Inexorably linked data tables

3) Geographic distribution requires duplication of BCP effort across multiple sites

Question 8

What is “Cold Site”?

Answer 8

1) Off-site information processing facility with electrical wiring, air conditioning & flooring but no computer or communications equipment

2) It’s generally the most reasonable option for recovering a non-critical system

Question 9

What is a “Warm Site”?

Answer 9

Warm site is an off-site location with electricity, HVAC, some necessary hardware & workstations & un-configured software

Question 10

What is “Hot Site”?

Answer 10

1) Off-site location with electricity, HVAC, all necessary hardware & workstations, & configured software

2) It is implemented as a recovery strategy when the disaster tolerance is low

3) The advantage of hot-site is that it can be made ready for operation within a short period of time