Topic 5: Risk analysis, disaster recovery (DR) and business continuity planning (BCP)

Question 1

Which of the statements below best describe Disaster Recovery?

A. returning to a position of full operation after an emergency.

B. maintaining business processes to some degree while in a state of emergency.

C. implementation of a remediation plan during a state of emergency.

D. operating backup systems during a state of emergency

Answer 1

A. returning to a position of full operation after an emergency.

Question 2

What is the primary focus of DR/BCP?

A. integrity.

B. confidentiality.

C. disclosure.

D. availability

Answer 2

D. availability

Question 3

What are the 3 risk control remedies?

A. reduction, assignment, acceptance.

B. reduction, acceptance, ignore.

C. acceptance, assessment, transference.

D. reduction, reuse, recycling

Answer 3

A. reduction, assignment, acceptance.

Question 4

A risk matrix is the same thing as a threat matrix.

This statement is:

A. True

B. False

Answer 4

A. True

Question 5

This type of analysis is scenario-driven and doesn’t attempt to assign numeric values to the components (assets and threats) of the risk analysis. What type of analysis is it?

A. quantitative.

B. qualitative.

C. speculative.

D. cumulative

Answer 5

B. qualitative.

Question 6

Which of the following RAID versions offers the least amount of performance degradation when a disk in the array fails?

A. RAID 0

B. RAID 1

C. RAID 4

D. RAID 5

Answer 6

B. RAID 1 is known as mirroring. If one drive fails, the other will still function and there will be no downtime and no degraded performance. All the rest of the answers are striping-based and therefore have either downtime or degraded performance associated with them. RAID 5 is the second best option because in many scenarios it will have zero downtime and little degraded performance. RAID 0 will not recover from a failure; it is not fault tolerant.

Question 7

Which of the following can facilitate a full recovery within minutes?

A. Warm site

B. Cold site

C. Reestablishing a mirror

D. Hot site

Answer 7

D. A hot site can facilitate a full recovery of communications software and equipment within minutes. Warm and cold sites cannot facilitate a full recovery but may have some of the options necessary to continue business. Reestablishing a mirror will not necessarily implement a full recovery of data communications or equipment.

Question 8

What device should be used to ensure that a server does not shut down when there is a power outage?

A. RAID 1 box

B. UPS

C. Redundant NIC

D. Hot site

Answer 8

B. A UPS (uninterruptible power supply) ensures that a computer will keep running even if a power outage occurs. The number of minutes the computer can continue in this fashion depends on the type of UPS and battery it contains. A backup generator can also be used, but it does not guarantee 100% uptime, because there might be a delay between when the power outage occurs and when the generator comes online. RAID 1 has to do with the fault tolerance of data. Redundant NICs (network interface cards, also known as network adapters) are used on servers in the case that one of them fails. Hot sites are completely different places that a company can inhabit. Although the hot site can be ready in minutes, and although it may have a mirror of the server in question, it does not ensure that the original server will not shut down during a power outage.

Question 9

Which of the following tape backup methods enables daily backups, weekly full backups, and monthly full backups?

A. Towers of Hanoi

B. Incremental

C. Grandfather-father-son

D. Differential

E. Snapshot

Answer 9

C. The grandfather-father-son (GFS) backup scheme generally uses daily backups (the son), weekly backups (the father), and monthly backups (the grandfather). The Towers of Hanoi is a more complex strategy based on a puzzle. Incremental backups are simply one-time backups that back up all data that has changed since the last incremental backup. These might be used as the son in a GFS scheme. Differential backups back up everything since the last full backup. A snapshot is a backup type, not a method; it is primarily designed to image systems.

Question 10

To prevent electrical damage to a computer and its peripherals, the computer should be connected to what?

A. Power strip

B. Power inverter

C. AC to DC converter

D. UPS

Answer 10

D. A UPS (uninterruptible power supply) protects computer equipment against surges, spikes, sags, brownouts, and blackouts. Power strips, unlike surge protectors, do not protect against surges.

Question 11

Which of the following would not be considered part of a disaster recovery plan?

A. Hot site

B. Patch management software

C. Backing up computers

D. Tape backup

Answer 11

B. Patching a system is part of the normal maintenance of a computer. In the case of a disaster to a particular computer, the computer’s OS and latest service pack would have to be reinstalled. The same would be true in the case of a disaster to a larger area, like the building. Hot sites, backing up computers, and tape backup are all components of a disaster recovery plan.

Question 12

Which of the following factors should you consider when evaluating assets to a company? (Select the two best answers.)

A. Their value to the company

B. Their replacement cost

C. Where they were purchased from

D. Their salvage value

Answer 12

A and B. When evaluating assets to a company, it is important to know the replacement cost of those assets and the value of the assets to the company. If the assets were lost or stolen, the salvage value is not important, and although you may want to know where the assets were purchased from, it is not one of the best answers.

Question 13

You are using the following backup scheme: A full backup is made every Friday night at 6 p.m., and differential backups are made every other night at 6 p.m. Your database server fails on a Thursday afternoon at 4 p.m. How many tapes will you need to restore the database server?

A. One

B. Two

C. Three

D. Four

Answer 13

B. You need two tapes to restore the database server—the full backup tape made on Friday and the differential backup tape made on the following Wednesday. Only the last differential tape is needed. When restoring the database server, the technician must remember to start with the full backup tape.

Question 14

Of the following, what is the worst place to store a backup tape?

A. Near a bundle of fiber-optic cables

B. Near a power line

C. Near a server

D. Near an LCD screen

Answer 14

B. Backup tapes should be kept away from power sources, including power lines, CRT monitors, speakers, and so on. And the admin should keep backup tapes away from sources that might emit EMI. LCD screens, servers, and fiber-optic cables have low EMI emissions.

Question 15

Critical equipment should always be able to get power. What is the correct order of devices that your critical equipment should draw power from?

A. Generator, line conditioner, UPS battery

B. Line conditioner, UPS battery, generator

C. Generator, UPS battery, line conditioner

D. Line conditioner, generator, UPS battery

Answer 15

B. The line conditioner is constantly serving critical equipment with clean power. It should be first and should always be on. The UPS battery should kick in only if there is a power outage. Finally, the generator should kick in only when the UPS battery is about to run out of power. Often, the line conditioner and UPS battery will be the same device. However, the line conditioner function will always be used, but the battery comes into play only when there is a power outage, or brownout.

Question 16

What is the best way to test the integrity of a company’s backed up data?

A. Conduct another backup

B. Use software to recover deleted files

C. Review written procedures

D. Restore part of the backup

Answer 16

D. The best way to test the integrity of backed up data is to restore part of that backup. Conducting another backup will tell you if the backup procedure is working properly, and if isn’t, after testing the integrity of the backup and after the restore, a person might need to use software to recover deleted files. It’s always important to review written procedures and amend them if need be.

Question 17

Your company has six web servers. You are implementing load balancing. What is this an example of?

A. UPS

B. Redundant servers

C. RAID

D. Warm site

Answer 17

B. Load balancing is a method used when you have redundant servers. In this case, the six web servers will serve data equally to users. The UPS is an uninterruptible power supply, and RAID is the redundant array of inexpensive disks. A warm site is a secondary site that a company can use if a disaster occurs; a warm site can be up and running within a few hours or a day.

Question 18

Your company has a fiber-optic connection to the Internet. Which of the following can enable your network to remain operational even if the fiber-optic line fails?

A. Redundant network adapters

B. RAID 5

C. Redundant ISP

D. UPS

Answer 18

C. A secondary ISP enables the network to remain operational and still gain Internet access even if the fiber-optic connection (or whatever connection) fails. This generally means that there will be a second ISP and a secondary physical connection to the Internet. Redundant network adapters are used on servers so that the server can have a higher percentage of uptime. RAID 5 is used for redundancy of data and spreads the data over three or more disks. A UPS is used in the case of a power outage.

Question 19

Which action should be taken to protect against a complete disaster in the case that a primary company’s site is permanently lost?

A. Back up all data to tape, and store those tapes at a sister site in another city.

B. Back up all data to tape, and store those tapes at a sister site across the street.

C. Back up all data to disk, and store the disk in a safe deposit box at the administrator’s home.

D. Back up all data to disk, and store the disk in a safe in the building’s basement.

Answer 19

A. In the case that a building’s primary site is lost, data should be backed up to tape stored at a sister site in another city. Storing information across the street might not be good enough, especially if the area has to be evacuated. Company information should never be stored at an employee’s home. And of course if the data were stored in the primary building’s basement and there were a complete disaster at the primary site, that data would also be lost.

Question 20

Of the following backup types, which describes the backup of files that have changed since the last full or incremental backup?

A. Incremental

B. Differential

C. Full

D. Copy

Answer 20

A. An incremental backup backs up only the files that have changed since the last incremental or full backup. Generally it is used as a daily backup. Differential backups are meant to be used to back up files that have changed since the last full backup. A full backup backs up all files in a particular folder or drive, depending on what has been selected; this is regardless of any previous differential or incremental backups. Copies of data can be made, but they will not affect backup rotations that include incremental, differential, and full backups. Technically, this question could be answered “Incremental” or “Differential,” but “Incremental” is the accepted (and therefore best) answer. The CompTIA objectives expect a person to understand that an incremental backup will back up anything that was created/changed since the last incremental backup, or the last full backup if that was the last one completed.

Question 21

Michael’s company has a single web server that is connected to three other distribution servers. What is the greatest risk involved in this scenario?

A. Fraggle attack

B. Single point of failure

C. Denial-of-service attack

D. Man-in-the-middle attack

Answer 21

B. The greatest risk involved in this scenario is that the single web server is a single point of failure regardless that it is connected to three other distribution servers. If the web server goes down or is compromised, no one can access the company’s website. A Fraggle is a type of denial-of-service attack. Although denial-of-service attacks are a risk to web servers, they are not the greatest risk in this particular scenario. A company should implement as much redundancy as possible.

Question 22

Which of the following defines a business goal for system restoration and acceptable data loss?

A. RPO

B. Warm site

C. MTBF

D. MTTR

Answer 22

A. An RPO (recovery point objective) defines acceptable data loss. A warm site is a secondary site that will have computers and phones ready for users, but data and services need to be configured and loaded before work can commence. MTBF is the mean time between failure, which defines the average number of failures per million hours, and is usually a number derived from multiple customers of a product. MTTR is the mean time to repair. Both of these are more similar to RTO as opposed to RPO.

Question 23

Which of the following uses multiple computers to share work?

A. RAID

B. VPN concentrator

C. Load balancing

D. Switching

Answer 23

C. Load balancing uses multiple computers to share work, for example, in a load-balancing cluster configuration. RAID uses multiple hard drives to increase speed or create fault tolerance. VPN concentrators allow for remote access of multiple employees over the Internet. Switching (in its simplest form) is the moving of data across the LAN.

Question 24

You have been tasked with increasing the level of server fault tolerance, but you have been given no budget to perform the task. Which of the following should you implement to ensure that servers’ data can withstand hardware failure?

A. RAID

B. Hardware load balancing

C. A cold site

D. Towers of Hanoi

Answer 24

A. RAID should be employed; specifically a fault-tolerant version of RAID (1, 5, 6, and so on). This will ensure that data will still be accessible if one drive fails. Load balancing uses multiple computers to share the load of processing data—often in the form of CPU and RAM collectives—but it does not ensure that data will be accessible in the case of a failure. A cold site is not fault tolerant because it takes at least a day or two to get it up and running. Towers of Hanoi is a tape backup schedule, and as such is not fault tolerant either.

Question 25

Which of the following provides for the best application availability and can be easily expanded as an organization’s demand grows?

A. RAID 6

B. Server virtualization

C. Multi-CPU motherboards

D. Load balancing

Answer 25

D. Load balancing is the best option for application availability and expansion. You can cluster multiple servers together to make a more powerful supercomputer of sorts—one that can handle more and more simultaneous access requests. RAID 6 is meant more for data files, not applications. It may or may not be expandable depending on the system used. Multi-CPU motherboards are used in servers and power workstations, but are internal to one system. The CPUs are indeed used together, but will not help with expandability, unless used in a load-balancing scenario.