Domain : Business Continuity and Disaster

Question 0

Event management process = communication and escalation process. What are the 7 steps?

Answer 0

1 - Trigger/Event
2 - Report to communications center
3 - Reprot to assessment team
4 - Assess event
5 - Action Required
6 - Contact custom development respone team
7 - implement recovery strategy and plans

Question 1

A BC & DR plan should include: (7)

Answer 1

1 - plan activation procedures
2- details of the appropriate recovery strategies
3 - methods for managing recovery efforts
4 - in-depth actions plans for teams and individuals
5 - guidelines on how to handle human resource issues
6 - strategies for communication with internal and external stakeholders
7 - methods of documenting and paying recovery costs

Question 2

In a disaster response situation, which four distinct groups play major roles?

Answer 2

1- company execs
2 - emergency management team
3 - primary site restoration team
4 - one or more emergency response teams

Question 3

Whats the role of company execs?

Answer 3

• lead the organization through an emergency and hold overall responsibility for its recovery
• anticipating problems and resolving for long-term
• prioritize org’s strategy and principles, not just following established processes
• involved with the recovery command center - but mainly through strategic response
• executing plan, deciding how events will impact the business, assisting others to resolve issues, and communicating with the media

Question 4

Roles of Emergency Management Team

Answer 4

-Tactical response
-Assesses damage caused by event, declares it a disaster if necessary
-Sets emergency plans in motion.
-Administers and manages day-to-day activities of recovery
-sets up and controls one or more central command centers
keeps company exects up to date with recovery progress, business impact, current plan of action

Question 5

Emergency response teams are made up of _____. ______ manage these individuals

Answer 5

individuals who carry out the actual recovery processes and tasks
Response team leaders

Question 6

Members of emergency response team are responsible for (4):

Answer 6

1 - Retrieval of backup. (required records and information from orgs off-site storage facility)
2 - Procedure execution (based on predetermined priority of each task. like assigning team members to shifts or traveling to alternate sites)
3 - Communication (establish with team members at alt site. Keep command centers up to date with recovery status and keeping emergency mgt team informed.
4 - Assisting primary site restoration (lists of software, hardware, other equip that must be replaced)

Question 7

Primary site restoration team is responsible for: ____

It includes ___ and __ staff, with support potentially from ___ and ____.

Answer 7

Preparing original site to resume normal ops and helping the org to transition back into normal operations.
Facilities and technology
Legal staff and isnurance agents

Question 8

Responsibilities of primary site restoration team (6)

Answer 8

1 - contacting the organization’s lawyer or legal team
2 - contacting organziation’s insurance agent (if relevant)
3 - pictures of damage ASAP, before removed, repaired, replaced
4 - acquiring, building, renovating site to physically prepare it for resumption of normal ops
5 - recovering lost/damaged info and records
6 - replacing/repairing damaged tech components like computer hardware and network infrastructure

Question 9

Communication plan describes the process for communicating with ___, ____, ___, and ___ while recovery is underway

Answer 9

employees
customers
vendors
media

Question 10

Recover communication should include details in what categories (4)?

Answer 10

1 - Status
2 - Recovery locations
3 - Deliveries
4 - Contacts co-ordinator

Question 11

Describe requirements of recovery communication plan status component.

Answer 11

Need to keep stakeholders up to date.
Specify contact details and methods for doing this
Specify employees that are to communicate only official approved statements to external stakeholders

Question 12

Recovery Communications plan - what should be covered in “recovery locations”

Answer 12

Plans should specify a method for employees to communicate between locations (i.e. conference bridges)

Question 13

Recovery Communications plan - what should be documented for “Deliveries”

Answer 13

Your org still needs to receive delivers - the plans should include a list of these and a plan informt hem of alternate site addresses during recvoery phase

Question 14

Members of an emergency response team are responsible for: (4)

Answer 14

1 - retrieval of backups (records and info)
2 - procedure execution
3 - communication (staff at alt sites; keeping command centers up to date)
4 - assisting in primary site restoration (lists of assets that must be replaced)

Question 15

What is the primary site restoration team responsible for?

Answer 15

• prepping orignial stie to resume normal ops.
• facilities and tech staff; support from legal and insurance
• must contact legal; insurance agent
• must take pictures of damaged areas before removed/repaired/replaced

Question 16

Which types of information should a recovery communications plan contain?

Answer 16

• information about a conference bridge between two geographically-dispersed backup sites
• detials of a telephone hotline that will announce the latest status updates
• details of how a temporary switchboard operation sill be setup and managed.

Question 17

Which are essential components of a BC and DR plan?

Answer 17

• process by which events are communicated/escalated
• details of R&R
• info on how to communicate with employees, customers, vendors, media

Question 18

After drawing you the test, you should….?

Answer 18

test

Question 19

Test type 1: Call exercise

Answer 19

call everyone on the list. Either one makes all, or each makes 5. You understand how long it takes to contact and also how many people are available.

Question 20

Test type 2: Walkthrough exercise

Answer 20

Walkthrough exercise (largely academic; get everyone together and walkthrough the doc step by step. Related: tabletop. Hypothetical situation and role play. This familiarizes everyone with the entire process; identify gaps and weaknesses.

Question 21

Test type 3: Simulated or Actual exercises

Answer 21

Test the recovery processes at the alternate site. Simulated: simulates the recovery process. Actually: literally carry out the process without affecting the current process.

Use these exercises for training; give team members experience of the procedures they’ll need to carry out. Also, use them to test readiness of the alternate site and identifyu any gaps or weaknesses in the recovery plan.

Question 22

Test Type 4: Compact Exercise

Answer 22

Comprehensive test; starts with a call exercise, followed by a walkthrough, then simulated/actual. Upon completion of each, publish thte results and identify issues that need to be addressed such as weaknesses in the recovery plan. Follow up with issues and plan accordingly.

You do this if you want to perfectthe recovery plan or thoroughly test the recovery plan. Can include real emergency personnel.

Question 23

Why would the have test call centers?

Answer 23

• test equipment
• confirm gents are able to operate comfortably
• ensure that routing to the alternaitive site works correctly
• see if the plan has left out any important considerations that would be required

Question 24

After documenting the plan, you should establish a ….. program. This should:

Answer 24

Training and Awareness.
1- make all staff members aware of hte program and their roles in it.
2 - train staff members who’ll need to execute the plan
3 - assure custoemrs by informing them that a plan is in place

Question 25

To ensure the plan should remain relevant and accurate, you should update it after which triggers:

Answer 25

1- after each testing exercise is completed
2 - after any significant change in the production environment (IT infrastructure or systems)
3 - after changes tothe business enviornment (change in suppliers or ackquisition of a better recovery site)

Question 26

Dual Data Centers

Answer 26

Two fully functional sites that both support an organization’s functions

Question 27

Cold Sites

Answer 27

Empty spaces containing no technical equipment or resources

Question 28

Warm Sites

Answer 28

Sites containing cabling and networks, but no computers

Question 29

Hot sites

Answer 29

Fully configured sites with environments that mirror actual production sites

Question 30

What principle must you apply when choosing an appropriate recovery strategy?

Answer 30

Ensure that the ifnancial benefit of a chose strategy equals or outweihgs the total cost of the strategy

Question 31

Telecommuting

Answer 31

Using telecommunications links to let some employees work from home or another location

Question 32

Mulitple sites

Answer 32

Continually running operaitons from more than oen fully equipped location

Question 33

Internal Operations Transfer

Answer 33

Temporarily transferring time-sensitive operations to another organizational location

Question 34

Backup sites

Answer 34

Building dedicated facilities to house operations that are affected by disaster.

Question 35

Which of the following teams is responsible forgetting the alternate identified site into operation in the aftermath of a disaster?

a) salvage team
b) mitigation team
c) restoration team
d) assessment team

Answer 35

c) Restoration team. It’s responsible for getting the alternate identified site into operation so that it functions as a working environment. This team *(like a salvage team) needs to knwo how to do many tasks such as installing operating systems, handling wiring requirements, setting up workstations, servers, etc.

Question 36

Explain daily overnight differential backupsand a full backup each weekend. How doe sthis work?

Answer 36

• A full backup resets all of the archive flags on each file to be seen as “unchanged.” Every time a file is modified, that file flips the flag to “changed”
• An incremental backup backs up all of the files that have changed and resets their flags back to “unchanged” However, a Differential backup copies all of the modified files but leaves their status as “changed”. Hence, only the most recent differential and weekend’s full bakcup is needed to restore the backup.

Question 37

What is the most widely used model for recovery sites?

Answer 37

Warm sites.
-less expensive than a hot site; since it’s not compleyely configured and conan be set up to be operational in a reasonable time frame.

Question 38

What are the issues with hot and cold sites?

Answer 38

Hot: expensive
Cold: takes a long to time be upa nd ready to use

Question 39

What are reciprocal agreements?

Answer 39

Alternatives to offsite facilities. In this agreeement two companies agree to allow each over to use the other’s facilities in the event of a disaster. Although this is a cheap option it is not very effective due to associated problems.

Question 40

What is remote journaling?

Answer 40

A method to transmit data offsite. This typically moves the transaction log and journal to an offsite facility rather than moving the actual files. In case of a disaster, the logs can be used to recreate the lost data. This si quite efficient in case of recovering a database where a sequence of changes to its records allows its creation.

Question 41

Synchronous replicatin is used if a system ______. In synchronous repliaction, the primary and secondary copies are always _______, whereas with asynchronous replication the twoare a few milliseconds _____.

Answer 41

Needs to be continuously available.
identitical
out of sync

Question 42

Describe the differential backup process

Answer 42

Only does a backup of all the files that have undergone a change since the last full backup was done. The archive bit value is not changed. In case of full and incremental backups, the archive bit value is changed.