Preparing for business continuity Flashcards

1
Q

An organization is not actively involved in business continuity planning. What is it likely to overlook until a disaster results in a major outage?

A. Data encryption
B. Single points of failure
C. Vulnerability scans
D. Penetration tests

A

B. Single points of failure are often overlooked until a disaster occurs. Business continuity planning helps an organization plan for disasters and continuity of operations but it does not include data encryption, vulnerability scans, or penetration tests.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following provides fault tolerance through disk mirroring?

A. RAID-0
B. RAID-1
C. RAID-5
D. Clustering

A

B. RAID-1 uses two disks and is also known as disk mirroring. RAID-0 does not provide fault tolerance. RAID-5 uses three or more disks and is known as striping with parity. Clustering provides fault tolerance to servers, not disks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An administrator is improving the availability of a server and needs to ensure that a hard drive failure does not result in the failure of the server. What will support this goal? (Choose all that apply.)

A. Hardware RAID-0
B. Hardware RAID-1
C. Software RAID-1
D. Software RAID-5

Gibson, Darril (2011-11-10). CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide (p. 340). . Kindle Edition.

A

B, C, D. RAID-1 and RAID-5 provide fault tolerance for disk subsystems and will increase availability. While hardware RAID is quicker than software RAID, both will provide fault tolerance. RAID-0 increases performance but it does not provide fault tolerance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What can remove a server as a single point of failure?

A. RAID-1
B. Mirroring
C. Clustering
D. UPS 5.

A

C. Failover clustering removes a server as a single point of failure by including additional servers that can take over the service if the server fails. RAID-1 (also called mirroring) removes a drive (not a server) as a single point of failure. UPS provides fault tolerance for power failures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Several servers in your server room are connected to an UPS. What does this provide?

A. Continuity of operations
B. Disaster recovery
C. Fault tolerance
D. Long term power if commercial power fails

A

C. An uninterrupted power supply (UPS) provides fault tolerance and allows the servers to continue to operate for a short period even if commercial power fails. Continuity of operations (COOP) focuses on restoring critical functions at an alternate site such as a hot, warm, or cold site. Disaster recovery restores systems after a recovery is not the same as fault tolerance. Generators (not UPS) provide long-term power if commercial power fails.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What helps ensure availability in the event of an extended power outage?

A. UPS
B. Failover clusters
C. RAID
D. Generators

A

D. Generators provide long-term power if commercial power fails. An uninterrupted power supply (UPS) provides fault tolerance for a short period. RAID increases availability for disk systems, and failover clusters remove servers as a single point of failure, but neither will help in an extended power outage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You need to implement a backup strategy that allows the fastest recovery of data. What provides the best solution?

A. A full backup daily
B. A full/ differential strategy
C. A full/ incremental strategy
D. A differential/ incremental strategy

A

A. The fastest strategy is a full backup every day of the week because a failure only requires restoring a single tape. A full/ differential strategy will reduce the time required to do backups after the full and would require only two tapes to restore. A full/ incremental strategy minimizes the time required to do backups but usually requires restoring more tapes, resulting in a longer recovery time. All backup strategies must include a full so a differential/ incremental strategy will not work.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

An organization regularly performs backups of critical systems. Where should it keep a copy of the backups for retention?

A. Off-site
B. With the backed up systems
C. On a mirrored drive of the backed up system D. On a cluster

A

A. A copy of backups should be kept in an off-site location for retention purposes. If the backups are kept with the backed up systems or on system drives, they can be destroyed if the system is destroyed, such as in a fire. A cluster provides fault tolerance for a server but the servers are commonly located in the same place.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

An organization wants to verify that a tape backup can be restored in its entirety. What should it do?
A. Perform test restores of random files on the backup
B. Perform test restores of the full backup C. Copy the backup to the hot site
D. Copy the backup to the cold site

A

B. The only way to verify the entire tape can be restored is to restore the entire backup. Randomly restoring an individual file does not verify the entire backup tape. While an organization may store an off-site backup of tapes at a hot site, this won’t verify the tape. Cold sites would not have any systems or data, so backups would not be copied there.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Of the following choices, what identifies RPOs and RTOs?

A. Failover clusters
B. BIA
C. RAID
D. DRP

A

B. A business impact analysis (BIA) identifies the Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs). Failover clusters reduce the likelihood of a single point of failure when a server fails, and a Redundant Array of Independent Disks (RAID) increases availability for hard drives. A disaster recovery plan (DRP) helps an organization prepare for potential disasters and includes a hierarchical list of critical systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
An organization is creating a business continuity plan (BCP). What will identify business requirements used in the development of the plan?      
A. BIA      
B. RPO      
C. RTO      
D. HSM
A

A. A business impact analysis (BIA) identifies critical business functions and requirements and is created as part of the BCP. Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) are part of the BIA. A hardware security module (HSM) is a removable or external device that provides encryption services, but it does not identify security requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A business impact analysis (BIA) determined that a critical business function has a Recovery Time Objective (RTO) of an hour. What site will meet this objective?

A. Hot site
B. Cold site
C. Warm site
D. RTO site

A

A. A hot site includes all the elements to bring a critical function operational the quickest and will meet the RTO objective of ensuring a function is restored within an hour. A cold site takes the longest to restore. Because the RPO is one hour (sixty minutes), the site must be operational in fifty-nine minutes or less, and a warm site will take longer than this to become operational. The Recovery Time Objective (RTO) is related to the BIA, but there is no such thing as an RTO site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which of the following continuity-of-operations solutions is the most expensive?

A. Hot site
B. Cold site
C. Warm site
D. Clustered site

A

A. A hot site includes all the elements to bring a critical function operational the quickest and will meet the RTO objective of ensuring a function is restored within an hour. A cold site takes the longest to restore. Because the RPO is one hour (sixty minutes), the site must be operational in fifty-nine minutes or less, and a warm site will take longer than this to become operational. The Recovery Time Objective (RTO) is related to the BIA, but there is no such thing as an RTO site.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly