Implementing Business Continuity & Disaster Recovery Flashcards

1
Q

A security engineer is trying to determine which groups should be part of the incident response team. Which guide could they use?

A

The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61, “Computer Security Incident Handling Guide,” identifies the groups that are necessary when responding to an incident.

2
Q

What is COBIT?

A

The Control Objectives for Information and Related Technologies (COBIT) is a framework created and maintained by Information Systems Audit and Control Association (ISACA). COBIT frames IT risk from a business leadership viewpoint.

3
Q

A major retail company needs to set up alternate sites so that despite any unforeseen circumstances, the business has as little impact on its operation as possible. Which of the following would be the best setup?

A

Hot site

A hot site is by far the most expensive and complicated option to implement, but it supports close to real-time activation with little to no service disruption, which is what the requirement of minimal operational impact calls for.

4
Q

What is a mobile site?

A

A mobile site is a self-contained, transportable data center, often described as a "data center in a box" (for example, a trailer or shipping container fitted with power, cooling, compute and network gear), that can be moved to wherever it is needed. The military commonly employs this approach.

5
Q

A mid-size company is considering a backup alternative solution for their small data center operations but is running a skeleton crew. They are starting to look at cloud solutions. Which solution should be their focus?

A

DRaaS

Disaster Recovery as a Service (DRaaS) would be a suitable choice for a company with a small data center and limited personnel. DRaaS offers a turnkey solution in which the cloud provider manages the disaster recovery process, reducing the need for in-house resources and freeing the limited staff to focus on other tasks.

6
Q

What is SaaS?

A

Software as a Service (SaaS) represents the lowest amount of responsibility for the customer as the facilities, utilities, physical security, platform, and applications are the provider’s responsibility.

7
Q

What is PaaS?

A

Platform as a Service (PaaS) provides a managed platform (operating system, runtime and middleware) on which the customer deploys and configures its own applications and data. The underlying infrastructure, facilities, utilities, and physical security, as well as the platform itself, are the responsibility of the provider.

8
Q

What is IaaS?

A

Infrastructure as a Service (IaaS) provides hardware hosted at a provider facility using the provider's physical security controls and utilities, such as power. The underlying infrastructure, facilities, utilities and physical security are the responsibility of the provider; everything from the operating system upward (patching, hardening, applications and data) is the customer's responsibility.

9
Q

A security architect is looking for examples of standards and regulations with descriptions of Business Continuity and Disaster Recovery (BCDR) capabilities. What are some examples?

A

SOX
GLBA
FFIEC

Each of the following is an example of a standard or regulation that describes Business Continuity and Disaster Recovery (BCDR) capabilities:

The Sarbanes-Oxley (SOX) Act, which addresses fraudulent accounting and the integrity and availability of financial records.

The Gramm-Leach-Bliley Act (GLBA), which addresses the protection of personal financial information.

The Federal Financial Institutions Examination Council (FFIEC) guidance, which applies to financial institutions.

10
Q

A security practitioner is conducting a privacy impact assessment (PIA) as part of a business continuity plan. What should the practitioner assess?

A

Sensitivity
Collection methods
Sharing methods

A large part of this assessment includes analyzing the sensitivity level of privacy data. A system containing full names will need to be handled differently from one containing social security numbers or other similar government-supplied identifiers.

Another large part of this assessment includes collection methods, including how the company uses and maintains data. This helps to ensure that these processes continue in the event of a disaster.

A privacy impact assessment should also document whether the company shares the data and the parties included in the sharing arrangement.

11
Q

A data center manager is planning for disaster recovery. What key element should the manager first gain that is critical to success?

A

Senior leadership's participation in and sponsorship of Business Continuity and Disaster Recovery (BCDR) activities are essential for successful preparedness.

Senior leadership support is required before staff resources can be taken away from business development projects to work on BCDR planning. Some organizations may have significant plans in place but may never have properly tested them.

12
Q

A military unit is going into a foreign country and setting up a small data center for their operations but wants to have an alternate option that is flexible and versatile. Which of the following options would best suit their needs?

A

Mobile site

A mobile site, a self-contained transportable data center often described as a "data center in a box", is the flexible and versatile option here. It is an approach commonly employed by the military.

13
Q

A security analyst is leading a disaster recovery simulation and wants to determine whether all parties involved in the response know what to do and how to work together to complete the exercise. What simulation should they perform?

A

Tabletop Exercise

The tabletop exercise will identify a specific objective or goal and then use it to determine whether all parties involved in the response know what to do and how to work together to complete the exercise.

14
Q

A security analyst is setting up documents for the outputs of the test or incident, along with recommendations based on the outputs and findings. Which standard should the analyst reference?

A

NIST 800-84

NIST SP 800-84, the “Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities,” includes an after-action report template that helps with documentation and findings.

15
Q

A security consultant works for a U.S.-based company and sets up a data recovery site in Germany. The security consultant is beginning the first verification of a data center failover scenario. What are some common issues the consultant might expect to encounter?

A

Recovery failure
Data loss
Software not working

Failure to recover is a common issue and has many possible causes. For example, replication for the entire data center may have fallen out of sync, the Storage Area Network (SAN) may have had syncing issues, or disks at the recovery site may be corrupt.

Data loss is another common issue, for similar reasons. An administrator should monitor the health status of disaster recovery (DR) devices and replication jobs to catch these problems before a failover depends on them.

Software may not work when brought up at the recovery site for various reasons. For example, server configurations may not have been deployed exactly the same, or the configurations are identical but certain settings (site-specific hostnames, database endpoints, log destinations) need to be changed for the DR environment.
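Added example, not part of the flashcard set: a small configuration drift check of the kind a consultant would run before the first failover verification. It compares a primary-site server configuration snapshot with its DR replica and separates four cases: keys missing at DR, keys that differ but should not, keys that are expected to differ for the DR environment, and keys that should have been changed for DR but were copied verbatim (the example marks the log destination as one such key, so a DR server still pointing at the primary site's SIEM is flagged). The key=value snapshots, the hostnames and the `DR_EXPECTED_OVERRIDES` set are constructed assumptions for this example.

```python
"""Configuration drift check between a primary-site and DR-site snapshot.

Added example; the snapshots and the override list are constructed, not
taken from any real system.
"""
from typing import Dict, List, Set, Tuple

# Constructed sample snapshots in a simple key=value dump format.
PRIMARY_CONFIG = """\
hostname=app01.us-east.example.com
db_host=db01.us-east.example.com
tls_min_version=1.2
session_timeout=900
feature_flags=payments,reporting
log_target=siem.us-east.example.com
"""

DR_CONFIG = """\
hostname=app01.de-fra.example.com
db_host=db01.de-fra.example.com
tls_min_version=1.0
session_timeout=900
log_target=siem.us-east.example.com
"""

# Keys whose values are expected to change for the DR site (assumption).
DR_EXPECTED_OVERRIDES: Set[str] = {"hostname", "db_host", "log_target"}


def parse_config(text: str) -> Dict[str, str]:
    """Parse key=value lines, ignoring blank lines and # comments."""
    cfg: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip()
    return cfg


def diff_configs(primary: Dict[str, str], dr: Dict[str, str],
                 expected_overrides: Set[str]) -> Dict[str, List[Tuple]]:
    """Classify every difference between the two snapshots.

    Returns a report with four buckets:
      missing_in_dr     - key present on primary but absent at DR
      unexpected_drift  - value differs and the key is NOT expected to
      expected_override - value differs and the key is allowed to
      not_overridden    - key should differ for DR but is identical
    """
    report: Dict[str, List[Tuple]] = {
        "missing_in_dr": [], "unexpected_drift": [],
        "expected_override": [], "not_overridden": [],
    }
    for key, pval in primary.items():
        if key not in dr:
            report["missing_in_dr"].append((key, pval))
        elif dr[key] != pval:
            bucket = ("expected_override" if key in expected_overrides
                      else "unexpected_drift")
            report[bucket].append((key, pval, dr[key]))
        elif key in expected_overrides:
            # Copied verbatim: DR would still point at primary-site resources.
            report["not_overridden"].append((key, pval))
    return report


def dr_config_ok(report: Dict[str, List[Tuple]]) -> bool:
    """True only when nothing is missing, drifted, or left un-overridden."""
    return not (report["missing_in_dr"] or report["unexpected_drift"]
                or report["not_overridden"])


if __name__ == "__main__":
    rep = diff_configs(parse_config(PRIMARY_CONFIG), parse_config(DR_CONFIG),
                       DR_EXPECTED_OVERRIDES)
    for bucket, items in rep.items():
        for item in items:
            print(f"{bucket:18} {item}")
    print("DR config OK:", dr_config_ok(rep))
```

On the constructed input the check reports `feature_flags` missing at DR, `tls_min_version` weakened from 1.2 to 1.0 (unexpected drift), and `log_target` not overridden, so the DR site would fail verification before any failover is attempted.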

16
Q

A data center lead is preparing an organization for disaster recovery by performing an actual test to ensure systems can failover but wants to minimize impact to production systems. Which method should the data center lead use?

A

Parallel test

In a parallel test, the organization isolates the DR site from the primary site and activates it as though the company were running from the DR site, while production continues to run on the primary. This is the best option for proving failover while minimizing impact.

17
Q

A security manager is planning for the needs of an immediate frantic and pressing emergency. Which plan should the security manager focus on developing?

A

Disaster Recovery Plans (DRPs) focus on when events are their most frantic and pressing. DRPs focus on the tasks required to bring critical systems back online.

18
Q

A security architect is creating a business continuity plan (BCP) and is currently assessing how much data the company can lose without causing harm to business operations. What objective is the security architect defining in the BCP?

A

Recovery Point Objective (RPO)

The Recovery Point Objective (RPO) defines how much data, measured as a window of time, the company can lose without irreparable harm to the operation of the business. The security architect must define this metric in careful collaboration with the organization, as the requirement may also be specified by laws and regulations.
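Added example, not part of the flashcard set: once an RPO is defined, the practical question is whether the backup or replication schedule actually achieves it. The code below reads a constructed snapshot log, computes the worst-case gap between successful snapshots, lists the intervals that exceed the RPO target, and computes the data-loss window for a hypothetical failure time. The log lines, the 4-hour `RPO_TARGET` and the snapshot schedule are assumptions for this example.

```python
"""Check an achieved recovery point against an RPO target.

Added example; the backup log and the RPO value are constructed, not real.
"""
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Constructed log: "<ISO timestamp> <job> <status> [detail]".
BACKUP_LOG = """\
2024-03-01T00:00:00Z snapshot OK
2024-03-01T04:00:00Z snapshot OK
2024-03-01T08:00:00Z snapshot FAILED checksum mismatch on volume vol-data
2024-03-01T12:00:00Z snapshot OK
2024-03-01T16:00:00Z snapshot OK
"""

# Assumption: the business accepts at most four hours of data loss.
RPO_TARGET = timedelta(hours=4)


def parse_successes(log: str) -> List[datetime]:
    """Return the timestamps of successful snapshots, in log order."""
    times: List[datetime] = []
    for line in log.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) < 3:
            continue  # malformed or blank line
        ts, job, rest = parts
        if job == "snapshot" and rest.split()[0] == "OK":
            times.append(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"))
    return times


def worst_gap(successes: List[datetime]) -> Optional[timedelta]:
    """Longest interval between consecutive good snapshots."""
    if len(successes) < 2:
        return None
    return max(b - a for a, b in zip(successes, successes[1:]))


def rpo_violations(successes: List[datetime],
                   target: timedelta) -> List[Tuple[datetime, datetime, timedelta]]:
    """Intervals between consecutive good snapshots that exceed the RPO."""
    return [(a, b, b - a) for a, b in zip(successes, successes[1:]) if b - a > target]


def data_loss_at(failure_time: datetime,
                 successes: List[datetime]) -> Optional[timedelta]:
    """Data lost if the primary fails at failure_time: time since the last good snapshot."""
    prior = [t for t in successes if t <= failure_time]
    return failure_time - prior[-1] if prior else None


if __name__ == "__main__":
    ok = parse_successes(BACKUP_LOG)
    print("worst gap:", worst_gap(ok))
    for a, b, gap in rpo_violations(ok, RPO_TARGET):
        print(f"RPO breached: {a} -> {b} ({gap})")
    when = datetime(2024, 3, 1, 11, 30)
    print(f"loss if failure at {when}: {data_loss_at(when, ok)}")
```

The constructed log shows why the schedule must be tighter than the RPO: with snapshots every four hours and a four-hour RPO, a single failed job (08:00 here) opens an eight-hour window, and a failure at 11:30 would lose seven and a half hours of data.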

19
Q

A security engineer is performing a business impact assessment (BIA) for an organization. Where should the security engineer begin?

A

Inventory

As with critical security controls, the first step in developing the BIA is to inventory the organization's information systems and the various elements that make them up; nothing can be prioritized for recovery until it has been identified.