Lesson 19: Summarizing Risk Management Flashcards
A company has thirty servers that run for 125 hours, with three servers that fail. Rounding to the nearest whole number, calculate the Mean Time Between Failures (MTBF) for this scenario.
A. 125
B. 41
C. 3,750
D. 1,250
D
The calculation for Mean Time Between Failures (MTBF) is the total time divided by the number of total failures. In this scenario, the company has 30 servers that run for 125 hours (30x125), with the resulting product of 3,750. This result is then divided by the number of failures (3,750/3), which equals an MTBF of 1,250.
Analyze the metrics governing Mission Essential Functions (MEF) and determine which example demonstrates Maximum Tolerable Downtime (MTD).
A. It takes two hours to identify an outage and restore the system from backup.
B. It takes three hours to restore a system from backup and the restore point is two hours prior to the outage.
C. A business function relies on five hours for restoration; otherwise, there is an irrecoverable business failure.
D. It takes three hours to restore a system from backup, reintegrate the system, and to test functionality.
C
Management of a company practices qualitative risk when assessing a move of systems to the cloud. How does the company indicate any identified risk factors?
A. With an exposure factor (EF)
B. With an annualized loss expectancy (ALE)
C. With a classification system
D. With transference
C
A company performs risk management. Which action identifies a risk response approach?
A. A company develops a list of processes necessary for the company to operate.
B. A company develops a countermeasure for an identified risk.
C. A company conducts penetration testing to search for vulnerabilities.
D. A company determines how the company will be affected in the event a vulnerability is exploited.
B
Evaluate the metrics associated with Mission Essential Functions (MEF) to determine which example is demonstrating Work Recovery Time (WRT).
A. A business function takes five hours to restore, resulting in an irrecoverable business failure.
B. It takes two hours to identify an outage and restore the system from backup.
C. It takes three hours to restore a system from backup, and the restore point is two hours prior to the outage.
D. It takes three hours to restore a system from backup, reintegrate the system, and test functionality.
D
Select the phase of risk management a company has performed if they analyzed workflows and identified critical tasks that could cause their business to fail, if not performed.
A. Identify mission essential functions
B. Identify vulnerabilities
C. Identify threats
D. Analyze business impacts
A
A company determines the mean amount of time to replace or recover a system. What has the company calculated?
A. MTBF
B. KPI
C. MTTR
D. MTTF
C
Analyze the metrics governing Mission Essential Functions (MEF) and determine which example demonstrates Maximum Tolerable Downtime (MTD).
A. It takes two hours to identify an outage and restore the system from backup.
B. It takes three hours to restore a system from backup and the restore point is two hours prior to the outage.
C. A business function relies on five hours for restoration; otherwise, there is an irrecoverable business failure.
D. It takes three hours to restore a system from backup, reintegrate the system, and to test functionality.
C
Select the example that provides an accurate simulation of a company engaging in the identifying threats phase of risk management.
A. A company develops a list of processes that are Necessary for the company to operate.
B. A company conducts research to determine why vulnerabilities may be exploited.
C. A company conducts penetration testing to search for vulnerabilities.
D. A company determines how the company will be affected in the event a vulnerability is exploited.
B
Management of a company identifies priorities during a risk management exercise. By doing so, which risk management approach does management use?
A. Inherent risk
B. Risk posture
C. Risk transference
D. Risk avoidance
B
