my class

Question 1

A __________ consists of multiple servers using ______________.

Answer 1

web farm, network load balancing

Question 2

Bob is the project manager for his company’s security countermeasure implementation project. Michael informs Bob that task #12 (implementing a failover cluster) will not finish on time. Because task #12 is on the project’s __________, Bob knows that the project will not complete on time and sets up a meeting to inform the stakeholders.

Answer 2

critical path

Question 3

Which of the following is not commonly included in a cost-benefit analysis (CBA)?

Answer 3

A business continuity plan (BCP)

Question 4

All of the following would be specified in a password policy, except:

Answer 4

password management.

Question 5

Which tool is most commonly used to prioritize mitigation efforts?

Answer 5

Threat likelihood/impact matrix

Question 6

What are overlapping countermeasures?

Answer 6

Different countermeasures that attempt to mitigate the same risk

Question 7

What is the primary tool used to ensure countermeasures are implemented?

Answer 7

Plan of action and milestones (POAM)

Question 8

Which approach to firewall rules starts off by blocking all traffic and then adding rules to allow approved traffic?

Answer 8

Implicit deny

Question 9

After being fired, an employee becomes disgruntled. The managers never disabled his login information, and his best friend still works at the company. The disgruntled employee gives his friend his login information for the company’s private network and convinces the friend to delete important files from the company’s database. You are confused when you review the audit logs and see that the disgruntled employee has been logging in from within the office every day for the past week. What has been lost in this scenario?

Answer 9

Nonrepudiation

Question 10

Which of the following terms is best defined as a weakness?

Answer 10

Vulnerability

Question 11

___________ prevents individuals from denying they took an action.

Answer 11

Nonrepudiation

Question 12

What is the purpose of a risk mitigation plan?

Answer 12

To implement countermeasures

Question 13

The National Institute of Standards and Technology (NIST) publishes SP 800-53. This document describes a variety of IT security controls, such as access control, incident response, and configuration management. Controls are grouped into families. Which NIST control family helps an organization recover from failures and disasters?

Answer 13

Contingency Planning (CP)

Question 14

Which of the following is a physical control that is most likely to be used with a proximity card?

Answer 14

A locked door

Question 15

Purchasing insurance is the primary way for an organization to __________ or ___________ risk.

Answer 15

share, transfer

Question 16

Which of the following is not a true statement about AES?

Answer 16

AES is the primary asymmetric encryption protocol used today.

Question 17

A hacker wants to launch an attack on an organization. The hacker uses a tool to capture data sent over the network in cleartext, hoping to gather information that will help make the attack successful. What tool is the hacker using?

Answer 17

A packet analyzer

Question 18

What changes plaintext data to ciphered data?

Answer 18

Encryption

Question 19

__________ provide the detailed steps needed to carry out ___________.

Answer 19

Procedures, policies

Question 20

Which of the following is not one of the three primary objectives of controls?

Answer 20

Eliminate

Question 21

What is the purpose of nonrepudiation techniques?

Answer 21

To prevent people from denying they took actions

Question 22

Some controls are identified based on the function they perform. What are the broad classes of controls based on function?

Answer 22

Preventative, detective, corrective

Question 23

Which of the following is most likely to describe how to perform test restores?

Answer 23

A backup plan

Question 24

A business continuity plan (BCP) is an example of a(n):

Answer 24

security plan.

Question 25

Lower recovery time objectives (RTOs) are __________ but __________.

Answer 25

achievable, costly

Question 26

What is the primary hazard of attempting to recover without a business impact analysis (BIA)?

Answer 26

Wasted effort due to a lack of direction as to which resources are most critical

Question 27

ABC Wholesale Pet Supply sells pet supplies to retailers. Every transaction results in a duplicate hardcopy paper shipping document and invoice. The person picking up the order signs the documents and takes one copy. Two other copies stay at the warehouse. How would using multiple hardcopies of each transaction affect ABC's recovery point objective (RPO)?

Answer 27

Duplicate hardcopies of transactions increase complexity and decrease tolerable data loss.

Question 28

A business impact analysis (BIA) identifies an impact that can result from a:

Answer 28

disruption in a business.

Question 29

What are critical resources?

Answer 29

Those that are required to support critical business functions (CBFs)

Question 30

After developing a business impact analysis (BIA) for her organization, Maria was asked by her manager to update the BIA recommendations with a higher recovery time objective (RTO). What is the most likely reason management would argue for a higher RTO?

Answer 30

Lower RTOs are more expensive.

Question 31

What is the primary purpose of identifying critical resources in the business impact analysis (BIA) process?

Answer 31

Identify all IT assets that support critical business functions (CBFs).

Question 32

By identifying critical business functions (CBFs) first, you use a ________ approach.

Answer 32

top-down

Question 33

Which term is sometimes referred to as the maximum tolerable period of disruption (MTPD)?

Answer 33

Maximum acceptable outage (MAO)

Question 34

What are the first two steps in the business impact analysis (BIA) process?

Answer 34

Identify the environment and identify stakeholders

Question 35

Which of the following is not a direct cost?

Answer 35

Costs to regain market share

Question 36

Which of the following is not an indirect cost?

Answer 36

Cost to re-create or recover data

Question 37

Which of the following can determine that a business function is critical?

Answer 37

Any stakeholder

Question 38

Your team is developing a business impact analysis (BIA). You have identified the critical business functions (CBFs) and associated processes. What should you do next?

Answer 38

Map processes to IT systems.

Question 39

A business continuity plan (BCP) program manager within a large organization:

Answer 39

usually manages multiple BCP projects.

Question 40

Which business continuity plan (BCP) test type brings all participants together in a conference room or similar environment to walk through BCP scenarios?

Answer 40

Tabletop exercise

Question 41

Which key planning principle guides the development of a business continuity plan (BCP)?

Answer 41

Length of time expected before returning to normal operations

Question 42

What is the overall goal of business continuity plan (BCP) exercises?

Answer 42

To demonstrate how the BCP will work

Question 43

Having supplies on hand for continued production:

Answer 43

may conflict with other organizational planning principles.

Question 44

Who is the most common person to authorize business continuity plan (BCP) activation in the order of succession if the chief executive officer (CEO) is unavailable?

Answer 44

Chief information officer (CIO)

Question 45

What is the primary difference between a functional exercise and a full-scale exercise?

Answer 45

A full-scale exercise is more realistic than a functional exercise.

Question 46

What step of a business continuity plan (BCP) comes after providing training?

Answer 46

Testing and exercising plans

Question 47

What is the primary determination as to whether an incident is included in a business continuity plan (BCP)?

Answer 47

Probability of occurrence and impact

Question 48

Which of the following is a business continuity plan (BCP) phase that focuses on returning to normal operations?

Answer 48

Reconstitution phase

Question 49

When an emergency is declared, the ____________ contact(s) appropriate teams or team leads.

Answer 49

business continuity plan (BCP) coordinator

Question 50

Regarding business continuity, what is the first phase of activity if a disruption occurs?

Answer 50

The notification and activation phase

Question 51

What business continuity plan (BCP) team is responsible for declaring the severity of an incident?

Answer 51

DAT

Question 52

Functional descriptions of systems are often used for documenting:

Answer 52

critical business functions (CBFs).

Question 53

What is the primary benefit of a business continuity plan (BCP)?

Answer 53

To better prepare the organization to respond to an interruption

Question 54

In a business continuity plan (BCP), if a system houses data, the data must be protected according to:

Answer 54

its level of classification.

Question 55

How are business continuity plans (BCPs) and disaster recovery plans (DRPs) related?

Answer 55

A DRP is a part of the larger BCP.

Question 56

Which of the following is not one of the three commonly used business continuity plan (BCP) teams?

Answer 56

Critical contractor

Question 57

Who is responsible for activating the business continuity plan (BCP)?

Answer 57

BCP coordinator

Question 58

What is the purpose of a business continuity plan (BCP)?

Answer 58

To ensure that mission-critical elements of an organization continue to operate during and after a disruption

Question 59

Which of the following mainly applies to any organization that handles health information?

Answer 59

HIPAA

Question 60

What is a service level agreement (SLA)?

Answer 60

A document that identifies an expected level of performance

Question 61

Which of the following is a significant part of control evaluation to determine which controls to implement?

Answer 61

Cost-benefit analysis (CBA)

Question 62

Devaki is the office manager for a small medical practice in California. Part of her duties is to ensure the practice is in compliance with any relevant regulations or standards. Self-pay patients pay for services via cash, check, or payment card. Which of the following does Devaki need to ensure compliance with?

Answer 62

HIPAA and PCI DSS

Question 63

The primary risks associated with the User Domain of a typical IT infrastructure are related to:

Answer 63

social engineering.

Question 64

The Remote Access Domain of a typical IT infrastructure allows __________ to access the ________ network.

Answer 64

remote users, private

Question 65

Health Insurance Portability and Accountability Act (HIPAA) fines for mistakes can be as high as __________ a year.

Answer 65

$25,000

Question 66

Wen is performing a cost-benefit analysis (CBA). He needs to determine whether the organization should move workloads from the in-house data center to the cloud. The projected benefit is $50,000. The cost of the control is $1,500. What is the control value?

Answer 66

$48,500

Question 67

Tonya has been asked to research compliance and then provide a report to upper management. Management wants to know what the organization must do to comply with a regulation that protects the privacy of citizens in the European Union. Which of the following will Tonya research?

Answer 67

General Data Protection Regulation (GDPR)

Question 68

__________ is the biggest problem you can face if you do not identify the scope of your risk management project.

Answer 68

Scope creep

Question 69

MAO is sometimes referred to as:

Answer 69

MTPOD.

Question 70

Which of the following is not true of the WAN Domain of a typical IT infrastructure?

Answer 70

Internal-facing servers are configured in the demilitarized zone between two firewalls.

Question 71

A disaster recovery plan (DRP) simulation:

Answer 71

goes through the steps and procedures in a controlled manner.

Question 72

What is the difference between fault tolerance and disaster recovery?

Answer 72

Fault tolerance mitigates component failures, and disaster recovery restores operations after a major loss.

Question 73

Which type of alternate location is the hardest to test for disaster readiness?

Answer 73

Cold site

Question 74

Which of the following is the most important consideration of a disaster recovery plan (DRP)?

Answer 74

Protecting personnel

Question 75

What does the scope section of a disaster recovery plan (DRP) define?

Answer 75

What is and is not covered in the plan

Question 76

What key element is necessary for a disaster recovery plan (DRP) to succeed in a time of crisis?

Answer 76

Management support

Question 77

What communication elements are important to the success of a disaster recovery plan (DRP)?

Answer 77

Recall, users, customers, and a communication plan

Question 78

The recovery time objective (RTO) is derived from what value from the business impact analysis (BIA)?

Answer 78

Maximum acceptable outage (MAO)

Question 79

Which term is defined as the minimum level of services that are acceptable to an organization to meet its operational business needs?

Answer 79

Minimum business continuity objective (MBCO)

Question 80

What causes a disaster recovery plan (DRP) to be activated?

Answer 80

Realizing criteria specified in the DRP

Question 81

What is the primary purpose of a disaster recovery plan (DRP)?

Answer 81

To restore critical business processes or systems to operation

Question 82

Critical business functions (CBFs) support:

Answer 82

mission-critical operations.

Question 83

A redundant backup site is:

Answer 83

hosted by a third-party vendor.

Question 84

What is critical data?

Answer 84

Data that supports critical business functions (CBFs)

Question 85

Why should an organization regularly review and update its disaster recovery plan (DRP)?

Answer 85

To ensure the plan reflects changes to IT systems

Question 86

Disaster recovery procedures begin after ___________ and ___________.

Answer 86

activating the disaster recovery plan (DRP), assessing the damage

Question 87

What is the primary reason for testing a disaster recovery plan (DRP)?

Answer 87

To ensure it performs as expected

Question 88

___________ increases the availability of systems even when an isolated outage occurs, while ___________ provides the procedures to recover systems after a major failure.

Answer 88

Fault tolerance, disaster recovery

Question 89

Isabella is preparing to write a disaster recovery plan (DRP). What must she have before she proceeds with writing?

Answer 89

A clear idea of her primary concerns

Question 90

Wren is defining the scope for his organization's disaster recovery plan (DRP). What items should he consider?

Answer 90

Hardware, software, data, and connectivity

Question 91

True or False? Asymmetric encryption uses a public key and a private key.

Answer 91

True

Question 92

True or False? A backup plan is often included as part of a business continuity plan (BCP).

Answer 92

False

Question 93

True or False? Planned controls have been approved but not installed.

Answer 93

True

Question 94

True or False? Certificates in a public key infrastructure (PKI) are used for decoding encrypted data.

Answer 94

False

Question 95

True or False? Every control must meet all three primary objectives of controls: prevent, detect, and recover.

Answer 95

False

Question 96

True or False? The term "rules of behavior" refers to an acceptable use policy (AUP).

Answer 96

True

Question 97

True or False? True or False? The two primary terms related to recovery requirements are RTO and RPO.

Answer 97

True

Question 98

True or False? Starting with clear objectives is a best practice for performing a business impact analysis (BIA).

Answer 98

True

Question 99

True or False? Critical success factors (CSFs) include elements necessary to perform the mission of an organization.

Answer 99

True

Question 100

True or False? In regards to system recovery, RPO stands for recovery policy objective.

Answer 100

False

Question 101

True or False? In a small organization, a single person can be responsible for the planning, implementation, and execution of a business continuity plan (BCP).

Answer 101

False

Question 102

True or False? Regarding business continuity, recovery planning often takes the format of a business impact analysis (BIA).

Answer 102

False

Question 103

True or False? Scope creep can occur if the scope of a business continuity plan (BCP) is not defined.

Answer 103

True

Question 104

True or False? Criticality of operations identifies the order of importance of each of the seven domains of the typical IT infrastructure.

Answer 104

False

Question 105

True or False? The clear intent of a DRP should be mission-critical functions first and personnel next.

Answer 105

False

Question 106

True or False? A disaster recovery plan (DRP) starts by identifying critical assets.

Answer 106

False

Question 107

True or False? By addressing critical business functions (CBFs), disaster recovery plans (DRPs) help ensure that critical servers and services continue.

Answer 107

True

Question 108

True or False? A warm site is a compromise between a hot site and a cold site.

Answer 108

True

Question 109

True or False? Ensuring business impact analyses (BIAs) have been completed is a best practice when implementing a DRP.

Answer 109

True

Question 110

True or False? A cost-benefit analysis (CBA) helps determine if a countermeasure should be used.

Answer 110

True

Question 111

True or False? Planned countermeasures are the same as in-place countermeasures.

Answer 111

False

Question 112

True or False? Because you have scheduled everything when you completed the risk assessment, there is no need to update the plan of action and milestones (POAM) during risk mitigation planning.

Answer 112

False

Question 113

True or False? An implicit deny policy starts by allowing all traffic through a firewall.

Answer 113

False

Question 114

True or False? The maximum tolerable period of disruption (MTPOD) directly impacts the maximum acceptable outage (MAO) time.

Answer 114

False

Question 115

True or False? A service level agreement (SLA) often includes the minimum uptime or the maximum downtime of a service or system.

Answer 115

True

Question 116

True or False? How an organization starts its risk mitigation process depends entirely on upper management preference.

Answer 116

False

Question 117

True or False? Installing antivirus software is a primary protection implemented in the User Domain of a typical IT infrastructure.

Answer 117

False