11/12/2016 techbus.safaribooksonline.com/print?xmlid=9781118105948%2Ftraditional_questions_answers0024

Username: Aditya Mishra Book: CISSP Practice: 2,250 Questions, Answers, and Explanations for Passing the Test. No part of any chapter or book may be reproduced or transmitted in any form by any means without the prior written permission for reprints and excerpts from the publisher of the book or chapter. Redistribution or other use that violates the fair use privilege under U.S. copyright laws (see 17 USC 107) or that otherwise violates these Terms of Service is strictly prohibited. Violators will be prosecuted to the full extent of U.S. Federal and Massachusetts laws.

TRADITIONAL QUESTIONS, ANSWERS, AND EXPLANATIONS

1. Which of the following information technology (IT) contingency solutions for servers minimizes the recovery time window?

a. Electronic vaulting

b. Remote journaling

c. Load balancing

d. Disk replication

1. d. With disk replication, recovery windows are minimized because data is written to two different disks to ensure that two valid copies of the data are always available. The two disks are called the protected server (the main server) and the replicating server (the backup server). Electronic vaulting and remote journaling are similar technologies that provide additional data backup capabilities, with backups made to remote tape or disk drives over communication links. Load balancing increases server and application system availability.

2. Which of the following IT contingency solutions for servers provides high availability?

a. Network-attached storage

b. System backups

c. Redundant array of independent disks

d. Electronic vaulting

2. a. Virtualization network-attached storage (NAS) or storage area network (SAN) provide high availability because it combines multiple physical storage devices into a logical, virtual storage device that can be centrally managed. System backups provide low availability. A redundant array of independent disks and electronic vaulting provide availability levels between high and low.

3. Regarding contingency planning, which of the following IT platforms requires vendor service-level agreements?

a. Desktop computers

b. Servers

c. Distributed systems

d. Wide-area networks

3. d. A wide-area network (WAN) is a data communications network that consists of two or more local-area networks (LANs) that are dispersed over a wide geographical area. WAN communication links, usually provided by a public carrier, enable one LAN to interact with other LANs. Service-level agreements (SLAs) can facilitate prompt recovery following software or hardware problems associated with the network. An SLA also may be developed with the network service provider (NSP) or the Internet service provider (ISP) to guarantee the desired network availability and establish tariffs if the vendor's network is unavailable. Desktop computers, servers, and distributed systems are not as complicated as WANs requiring SLAs.

4. Regarding business continuity planning (BCP) and disaster recovery planning (DRP), which of the following contingency solutions for wide-area networks (WANs) increases vulnerability to hackers?

a. Redundant communication links

b. Multiple network service providers

c. Multiple Internet connections

d. Redundant network connecting devices

4. c. It is true that multiple Internet connections increase a network's vulnerability to hackers. But at the same time, multiple Internet connections provide redundancy, meaning that if one connection were to fail, Internet traffic could be routed through the remaining connection. So, there is a trade-off between security and availability. The other three choices are not vulnerable to hackers. Redundant communication links can include two T1 connections or the backup link. Multiple network service providers (NSPs) and the Internet service providers (ISPs) provide a robust and reliable service from their core networks. Redundant network connecting devices such as routers, switches, and firewalls can create high availability.

5. Regarding BCP and DRP, which of the following IT platforms typically provide some inherent level of redundancy?

a. Mainframe systems

b. Distributed systems

c. Desktop computers

d. Websites

5. b. Distributed systems use the client-server relationship model to make the application more accessible to users in different locations, and they rely extensively on LAN and WAN connectivity. Because all data resides at a company's headquarters location and is replicated to the local sites, the distributed system provides some inherent level of redundancy. The other three choices cannot provide that kind of redundancy.

6. Which of the following IT contingency solutions provides recovery time objectives (RTOs) ranging from minutes to several hours?

a. Synchronous mirroring

b. Asynchronous shadowing

c. Single-location disk replication

d. Multiple-location disk replication

6. a. Disk replication can be implemented locally or between different locations. Disk replication techniques are classified as synchronous or asynchronous. With synchronous mirroring, the recovery time objectives (RTOs) can be minutes to several hours (for shorter time periods), and hence should be used for applications that can accept little or no data loss. With asynchronous shadowing, the RTO can range from several hours to a day (for longer time periods), depending on the time that is required to implement the changes in the unapplied logs. Disk replication involves two different disks to ensure that two valid copies of the data are always available.

7. The IT operations management of KPQ Corporation is concerned about the reliability and availability data for its four major, mission-critical information systems that are used by business end users. The KPQ corporate management's goal is to improve the reliability and availability of these four systems in order to increase customer satisfaction both internally and externally. The IT operations management collected the following data on downtime hours that include scheduled maintenance hours and uptime hours for all these systems. Assume 365 operating days per year and 24 hours per day for all these systems. The KPQ functional management thinks that the security goal of availability is more important in ensuring the continuity of business operations than the confidentiality and integrity goals. This is because the availability goal will ensure timely and reliable access to and use of system-related data and information, as it is an indicator of quantity of service.

Which of the following systems has the highest availability in a year expressed in percentages and rounded up?

a. System 1

b. System 2

c. System 3

d. System 4

7. d. System 4 has the highest availability percentage. Theoretically speaking, the lower the downtime for a system, the higher the availability of that system, and higher the reliability of that system, and vice versa. In fact, this question does not require any calculations to perform because one can find out the correct answer just by looking at the downtime and uptime data given in that the lower the downtime hours, the higher the uptime hours, and the higher the availability of the system, and vice versa.

Calculations for System 1 are shown below and calculations for other systems follow the System 1 calculations.

Availability for System 1 = [Uptime / (Uptime + Downtime)] × 100 = [(8,560 / 8,760)] × 100 = 97.7%

Reliability for System 1 = [1 − (Downtime / (Downtime + Uptime))] × 100 = [1 − (200 / 8,760)] × 100 = 97.7%

Check: Reliability for System 1 = 100 − (100 − Availability percent) = 100 − (100 − 97.7) = 97.7%

This goes to say that the availability and reliability goals are intrinsically related to each other, where the former is a component of the latter.

8. Regarding BCP and DRP, redundant array of independent disk (RAID) does not do which of the following?

a. Provide disk redundancy

b. Provide power redundancy

c. Decrease mean time between failures

d. Provide fault tolerance for data storage

8. b. Redundant array of independent disk (RAID) does not provide power redundancy, which should be acquired through an uninterruptible power supply system. However, RAID provides the other three choices.

9. Redundant array of independent disk (RAID) technology does not use which of the following?

a. Electronic vaulting

b. Mirroring

c. Parity

d. Striping

9. a. Redundant array of independent disk (RAID) technology uses three data redundancy techniques such as mirroring, parity, and striping, not electronic vaulting. Electronic vaulting is located offsite, whereas RAID is placed at local servers where the former may use the latter.

10. Regarding BCP and DRP, the board of directors of an organization is not required to follow which of the following?

a. Duty of due care

b. Duty of absolute care

c. Duty of loyalty

d. Duty of obedience

10. b. Duty of absolute care is not needed because reasonable and normal care is expected of the board of directors because no one can anticipate or protect from all disasters. However, the directors need to follow the other three duties of due care, loyalty, and obedience.

11. Which of the following tasks is not a part of business continuity plan (BCP)?

a. Project scoping

b. Impact assessment

c. Disaster recovery procedures

d. Disaster recovery strategies

11. c. Tasks are different between a business continuity plan (BCP) and disaster recovery planning (DRP) because of timing of those tasks. For example, disaster recovery procedures come into play only during disaster, which is a part of DRP.

12. Which of the following tasks is not a part of disaster recovery planning (DRP)?

a. Restoration procedures

b. Procuring the needed equipment

c. Relocating to a primary processing site

d. Selecting an alternate processing site

12. d. Tasks are different between business continuity plan (BCP) and disaster recovery planning (DRP) because of timing of those tasks. For example, selecting an alternative processing site should be planned out prior to a disaster, which is a part of a BCP. The other three choices are a part of DRP. Note that DRP is associated with data processing and BCP refers to actions that keep the business running in the event of a disruption, even if it is with pencil and paper.

13. Regarding BCP and DRP, critical measurements in business impact analysis (BIA) include which of the following?

a. General support system objectives

b. Major application system objectives

c. Recovery time objectives and recovery point objectives

d. Uninterruptible power supply system objectives

13. c. Two critical measurements in business impact analysis (BIA) include recovery time objectives (RTOs) and recovery point objectives (RPOs). Usually, systems are classified as general support systems (for example, networks, servers, computers, gateways, and programs) and major application systems (for example, billing, payroll, inventory, and personnel system). Uninterruptible power supply (UPS) system is an auxiliary system supporting general systems and application systems. Regardless of the nature and type of a system, they all need to fulfill the RTOs and RPOs to determine their impact on business operations.

14. Regarding BCP and DRP, which of the following establishes an information system's recovery time objective (RTO)?

a. Cost of system inoperability and the cost of resources

b. Maximum allowable outage time and the cost to recover

c. Cost of disruption and the cost to recover

d. Cost of impact and the cost of resources

14. b. The balancing point between the maximum allowable outage (MAO) and the cost to recover establishes an information system's recovery time objective (RTO). Recovery strategies must be created to meet the RTO. The maximum allowable outage is also called maximum tolerable downtime (MTD). The other three choices are incorrect because they do not deal with time and cost dimensions together.

15. Regarding BCP and DRP, which of the following determines the recovery cost balancing?

a. Cost of system inoperability and the cost of resources to recover

b. Maximum allowable outage and the cost to recover

c. Cost of disruption and the cost to recover

d. Cost of impact and the cost of resources

15. a. It is important to determine the optimum point to recover an IT system by balancing the cost of system inoperability against the cost of resources required for restoring the system. This is called recovery cost balancing, which indicates how long an organization can afford to allow the system to be disrupted or unavailable. The other three choices are incorrect because they do not deal with the recovery cost balancing principle.

16. Regarding contingency planning, which of the following actions are performed when malicious attacks compromise the confidentiality or integrity of an information system?

1. Graceful degradation

2. System shutdown

3. Fallback to manual mode

4. Alternate information flows

a. 1 and 2

b. 2 and 3

c. 3 and 4

d. 1, 2, 3, and 4

16. d. The actions to perform when malicious attacks compromise the confidentiality or integrity of the information system include graceful degradation, information system shutdown, fallback to a manual mode, alternative information flows, or operating in a mode that is reserved solely for when the system is under attack.

17. In transaction-based systems, which of the following are mechanisms supporting transaction recovery?

1. Transaction rollback

2. Transaction journaling

3. Router tables

4. Compilers

a. 1 only

b. 1 and 2

c. 3 and 4

d. 1, 2, 3, and 4

17. b. Transaction rollback and transaction journaling are examples of mechanisms supporting transaction recovery. Routers use router tables for routing messages and packets. A compiler is software used to translate a computer program written in a high-level programming language (source code) into a machine language for execution. Both router tables and compilers do not support transaction recovery.

18. Regarding contingency planning, which of the following is susceptible to potential accessibility problems in the event of an area-wide disaster?

1. Alternative storage site

2. Alternative processing site

3. Alternative telecommunications services

4. Remote redundant secondary systems

a. 1 and 2

b. 2 and 3

c. 3 only

d. 1 and 4

18. a. Both alternative storage site and alternative processing site are susceptible to potential accessibility problems in the event of an area-wide disruption or disaster. Explicit mitigation actions are needed to handle this problem. Telecommunication services (ISPs and network service providers) and remote redundant secondary systems are located far away from the local area, hence not susceptible to potential accessibility problems.

19. Which of the following ensures the successful completion of tasks in the development of business continuity and disaster recovery plans?

a. Defining individual roles

b. Defining operational activities

c. Assigning individual responsibility

d. Exacting individual accountability

19. d. It is important to ensure that individuals responsible for the various business continuity and contingency planning activities are held accountable for the successful completion of individual tasks and that the core business process owners are responsible and accountable for meeting the milestones for the development and testing of contingency plans for their core business processes.

20. Regarding contingency planning, strategic reasons for separating the alternative storage site from the primary storage site include ensuring:

1. Both sites are not susceptible to the same hazards.

2. Both sites are not co-located in the same area.

3. Both sites do not have the same recovery time objectives.

4. Both sites do not have the same recovery point objectives.

a. 1 and 2

b. 1, 2, and 3

c. 1, 2, and 4

d. 1, 2, 3, and 4

20. a. It is important to ensure that both sites (i.e., alternative storage site and primary storage site) are not susceptible to the same hazards, are not co-located in the same area, have the same recovery time objectives (RTOs), and have the same recovery point objectives (RPOs).

21. Regarding BCP and DRP, if MAO is maximum allowable outage, BIA is business impact analysis, RTO is recovery time objective, MTBF is mean time between failures, RPO is recovery point objective, MTTR is mean time to repair, and UPS is uninterruptible power supply, which one of the following is related to and compatible with each other within the same choice?

a. MAO, BIA, RTO, and MTBF

b. BIA, RTO, RPO, and MAO

c. MAO, MTTR, RPO, and UPS

d. MAO, MTBF, MTTR, and UPS

21. b. A business impact analysis (BIA) is conducted by identifying a system's critical resources. Two critical resource measures in BIA include recovery time objective (RTO) and recovery point objective (RPO). The impact in BIA is expressed in terms of maximum allowable outage (MAO). Hence, BIA, RTO, RPO, and MAO are related to and compatible with each other. MTBF is mean time between failures, MTTR is mean time to repair, and UPS is uninterruptible power supply, and they have no relation to BIA, RTO, RPO, and MAO because MAO deals with maximum time, whereas MTTF and MTTR deal with mean time (i.e., average time).

22. Regarding contingency planning, system-level information backups do not require which of the following to protect their integrity while in storage?

a. Passwords

b. Digital signatures

c. Encryption

d. Cryptographic hashes

22. a. Backups are performed at the user level and system level where the latter contains an operating system, application software, and software licenses. Only user-level information backups require passwords. System-level information backups require controls such as digital signatures, encryption, and cryptographic hashes to protect their integrity.

23. Which of the following is an operational control and is a prerequisite to developing a disaster recovery plan?

a. System backups

b. Business impact analysis

c. Cost-benefit analysis

d. Risk analysis

23. a. System backups provide the necessary data files and programs to recover from a disaster and to reconstruct a database from the point of failure. System backups are operational controls, whereas the items mentioned in the other choices come under management controls and are analytical in nature.

24. Which of the following is a critical benefit of implementing an electronic vaulting program?

a. It supports unattended computer center operations or automation.

b. During a crisis situation, an electronic vault can make the difference between an organization's survival and failure.

c. It reduces required backup storage space.

d. It provides faster storage data retrieval.

24. b. For some organizations, time becomes money. Increased system reliability improves the likelihood that all the information required is available at the electronic vault. If data can be retrieved immediately from the offsite storage, less is required in the computer center. It reduces retrieval time from hours to minutes. Because electronic vaulting eliminates tapes, which are a hindrance to automated operations, electronic vaulting supports automation.

25. Regarding contingency planning, information system backups require which of the following?

1. Both the primary storage site and alternative storage site do not need to be susceptible to the same hazards.

2. Both operational system and redundant secondary system do not need to be co-located in the same area.

3. Both primary storage site and alternative storage site do not need to have the same recovery time objectives.

4. Both operational system and redundant secondary system do not need to have the same recovery point objectives.

a. 1 and 2

b. 1, 2, and 3

c. 1, 2, and 4

d. 1, 2, 3, and 4

25. a. System backup information can be transferred to the alternative storage site, and the same backup can be maintained at a redundant secondary system, not co-located with the operational system. Both sites and both systems must have the same recovery time objectives (RTOs) and same recovery point objectives (RPOs). This arrangement can be activated without loss of information or disruption to the operation.

26. Disaster recovery strategies must consider or address which of the following?

1. Recovery time objective

2. Disruption impacts

3. Allowable outage times

4. Interdependent systems

a. 1 only

b. 1 and 2

c. 1, 2, and 3

d. 1, 2, 3, and 4

26. d. A disaster recovery strategy must be in place to recover and restore data and system operations within the recovery time objective (RTO) period. The strategies should address disruption impacts and allowable outage times identified in the business impact analysis (BIA). The chosen strategy must also be coordinated with the IT contingency plans of interdependent systems. Several alternatives should be considered when developing the strategy, including cost, allowable outage times, security, and integration into organization-level contingency plans.

27. The final consideration in the disaster recovery strategy must be which of the following?

a. Criticality of data and systems

b. Availability of data and systems

c. Final costs and benefits

d. Recovery time objective requirements

27. c. The final consideration in the disaster recovery strategy must be final costs and benefits, although cost and benefit data is considered initially. No prudent manager or executive would want to spend ten dollars to obtain a one-dollar benefit. When costs exceed benefits, some managers accept the risk and some do not. Note that it is a human tendency to understate costs and overstate benefits. Some examples of costs include loss of income from loss of sales, cost of not meeting legal and regulatory requirements, cost of not meeting contractual and financial obligations, and cost of loss of reputation. Some examples of benefits include assurance of continuity of business operations, ability to make sales and profits, providing gainful employment, and satisfying internal and external customers and other stakeholders.
The recovery strategy must meet criticality and availability of data and systems and recovery time objective (RTO) requirements while remaining within the cost and benefit guidelines.

28. Regarding BCP and DRP, which of the following does not prevent potential data loss?

a. Disk mirroring

b. Offsite storage of backup media

c. Redundant array of independent disk

d. Load balancing

28. b. Although offsite storage of backup media enables a computer system to be recovered, data added to or modified on the server since the previous backup could be lost during a disruption or disaster. To avoid this potential data loss, a backup strategy may need to be complemented by redundancy solutions, such as disk mirroring, redundant array of independent disk (RAID), and load balancing.

29. Which of the following is an example of a recovery time objective (RTO) for a payroll system identified in a business impact analysis (BIA) document?

a. Time and attendance reporting may require the use of a LAN server and other resources.

b. LAN disruption for 8 hours may create a delay in time sheet processing.

c. The LAN server must be recovered within 8 hours to avoid a delay in time sheet processing.

d. The LAN server must be recovered fully to distribute payroll checks on Friday to all employees.

29. c. "The LAN server must be recovered within 8 hours to avoid a delay in time sheet processing" is an example of BIA's recovery time objective (RTO). "Time and attendance reporting may require the use of a LAN server and other resources" is an example of BIA's critical resource. "LAN disruption for 8 hours may create a delay in time sheet processing" is an example of BIA's resource impact. "The LAN server must be recovered fully to distribute payroll checks on Friday to all employees" is an example of BIA's recovery point objective (RPO).

30. Which of the following are closely connected to each other when conducting business impact analysis (BIA) as a part of the IT contingency planning process?

1. System's components

2. System's interdependencies

3. System's critical resources

4. System's downtime impacts

a. 1 and 2

b. 2 and 3

c. 3 and 4

d. 1, 2, 3, and 4

30. c. A business impact analysis (BIA) is a critical step to understanding the information system components, interdependencies, and potential downtime impact. Contingency plan strategy and procedures should be designed in consideration of the results of the BIA. A BIA is conducted by identifying the system's critical resources. Each critical resource is then further examined to determine how long functionality of the resource could be withheld from the information system before an unacceptable impact is experienced. Therefore, system's critical resources and system's downtime impacts are more closely related to each other than the other items.

31. Business continuity plans (BCP) need periodic audits to ensure the accuracy, currency, completeness, applicability, and usefulness of such plans in order to properly run business operations. Which one of the following items is a prerequisite to the other three items?

a. Internal audits

b. Self-assessments

c. External audits

d. Third-party audits

31. b. Self-assessments are proactive exercises and are a prerequisite to other types of audits. Self-assessments are in the form of questionnaires and usually a company's employees (for example, supervisors or managers) conduct these self-assessments to collect answers from functional management and IT management on various business operations. If these self-assessments are conducted with honesty and integrity, they can be eye-opening exercises because their results may not be the same as expected by the company management. The purpose of self-assessments is to identify strengths and weaknesses so weaknesses can be corrected and strengths can be improved.
In addition, self-assessments make an organization ready and prepared for the other audits such as internal audits by corporate internal auditors, external audits by public accounting firms, and third-party audits by regulatory compliance auditors, insurance industry auditors, and others. In fact, overall audit costs can be reduced if these auditors can rely on the results of self-assessments, and it can happen only when these assessments are done in an objective and unbiased manner. This is because auditors do not need to repeat these assessments with functional and IT management, thus saving their audit time, resulting in reduction in audit costs. However, auditors will conduct their own independent tests to validate the answers given in the assessments. The audit process validates compliance with disaster recovery standards, reviews recovery problems and solutions, verifies the appropriateness of recovery test exercises, and reviews the criteria for updating and maintaining a BCP.
Here, the major point is that self-assessments should be performed in an independent and objective manner without the company management's undue influence on the results. Another proactive thinking is sharing these self-assessments with auditors earlier to get their approval prior to actually using them in the company to ensure that right questions are asked and right areas are addressed.

32. A company's vital records program must meet which of the following?

1. Legal, audit, and regulatory requirements

2. Accounting requirements

3. Marketing requirements

4. Human resources requirements

a. 1 only

b. 1 and 2

c. 1, 3, and 4

d. 1, 2, 3, and 4

32. d. Vital records support the continuity of business operations and present the necessary legal evidence in a court of law. Vital records should be retained to meet the requirements of functional departments of a company (for example, accounting, marketing, production, and human resources) to run day-to-day business operations (current and future). In addition, companies that are heavily regulated (for example, banking and insurance) require certain vital records to be retained for a specified amount of time. Also, internal auditors, external auditors, and third-party auditors (for example, regulatory auditors and banking/insurance industry auditors) require certain vital records to be retained to support their audit work. Periodically, these auditors review compliance with the record retention requirements either as a separate audit or as a part of their scheduled audit. Moreover, vital records are needed during recovery from a disaster. In other words, vital records are so vital for the long-run success of a company.
First, a company management with the coordination of corporate legal counsel must take an inventory of all records used in a company, classify what records are vital, and identify what vital records support the continuity of business operations, legal evidence, disaster recovery work, and audit work knowing that not all records and documents that a company handles every day are vital records.
Some records are on paper media while other records are on electronic media. An outcome of inventorying and classifying records is developing a list of record retention showing each document with its retention requirements in terms of years. Then, a systematic method is needed to preserve and store these vital records onsite and offsite with rotation procedures between the onsite and offsite locations.
Corporate legal counsel plays an important role in defining retention requirements for both business (common) records and legal records. IT management plays a similar role in backing up, archiving, and restoring the electronic records for future retrieval and use. The goal is to ensure that the current version of the vital records is available and that outdated backup copies are deleted or destroyed in a timely manner.
Examples of vital records follow:

Legal records: General contracts; executive employment contracts; bank loan documents; business agreements with third parties, partners, and joint ventures; and regulatory compliance forms and reports.

Accounting/finance records: Payroll, accounts payable, and accounts receivable records; customer invoices; tax records; and yearly financial statements.

Marketing records: Marketing plans; sales contracts with customers and distributors; customer sales orders; and product shipment documents.

Human resources records: Employment application and test scores, and employee performance appraisal forms.

33. IT resource criticality for recovery and restoration is determined through which of the following ways?

1. Standard operating procedures

2. Events and incidents

3. Business continuity planning

4. Service-level agreements

a. 1 and 2

b. 2 and 3

c. 3 and 4

d. 1, 2, 3, and 4

33. c. Organizations determine IT resource criticality (for example, firewalls and Web servers) through their business continuity planning efforts or their service-level agreements (SLAs), which document actions and maximum response times and state the maximum time for restoring each key resource. Standard operating procedures (SOPs) are a delineation of the specific processes, techniques, checklists, and forms used by employees to do their work. An event is any observable occurrence in a system or network. An incident can be thought of as a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.

34. An information system's recovery time objective (RTO) considers which of the following?

1. Memorandum of agreement

2. Maximum allowable outage

3. Service-level agreement

4. Cost to recover

a. 1 and 3

b. 2 and 4

c. 3 and 4

d. 1, 2, 3, and 4

34. b. The balancing point between the maximum allowable outage (MAO) for a resource and the cost to recover that resource establishes the information system's recovery time objective (RTO). Memorandum of agreement is another name for developing a service-level agreement (SLA).

35. Contingency planning integrates the results of which of the following?

a. Business continuity plan

b. Business impact analysis

c. Core business processes

d. Infrastructural services

35. b. Contingency planning integrates and acts on the results of the business impact analysis. The output of this process is a business continuity plan consisting of a set of contingency plans with a single plan for each core business process and infrastructure component. Each contingency plan should provide a description of the resources, staff roles, procedures, and timetables needed for its implementation.

36. Which of the following must be defined to implement each contingency plan?

a. Triggers

b. Risks

c. Costs

d. Benefits

36. a. It is important to document triggers for activating contingency plans. The information needed to define the implementation triggers for contingency plans is the deployment schedule for each contingency plan and the implementation schedule for the replaced mission-critical systems. Triggers are more important than risks, costs, and benefits because the former drives the latter.

37. The least costly test approach for contingency plans is which of the following?

a. Full-scale testing

b. Pilot testing

c. Parallel testing

d. End-to-end testing

37. d. The purpose of end-to-end testing is to verify that a defined set of interrelated systems, which collectively support an organizational core business area or function, interoperate as intended in an operational environment. Generally, end-to-end testing is conducted when one major system in the end-to-end chain is modified or replaced, and attention is rightfully focused on the changed or new system. The boundaries on end-to-end tests are not fixed or predetermined but rather vary depending on a given business area's system dependencies (internal and external) and the criticality to the mission of the organization.
Full-scale testing is costly and disruptive, whereas end-to-end testing is least costly. Pilot testing is testing one system or one department before testing other systems or departments. Parallel testing is testing two systems or two departments at the same time.

38. Organizations practice contingency plans because it makes good business sense. Which of the following is the correct sequence of steps involved in the contingency planning process?

1. Anticipating potential disasters

2. Identifying the critical functions

3. Selecting contingency plan strategies

4. Identifying the resources that support the critical functions

a. 1, 2, 3, and 4

b. 1, 3, 2, and 4

c. 2, 1, 4, and 3

d. 2, 4, 1, and 3

38. d. Contingency planning involves more than planning for a move offsite after a disaster destroys a data center. It also addresses how to keep an organization's critical functions operating in the event of disruptions, both large and small. This broader perspective on contingency planning is based on the distribution of computer support throughout an organization. The correct sequence of steps is as follows:

Identify the mission or business or critical functions.

Identify the resources that support the critical functions.

Anticipate potential contingencies or disasters.

Select contingency planning strategies.

39. A contingency planning strategy consists of the following four parts. Which of the following parts are closely related to each other?

a. Emergency response and recovery

b. Recovery and resumption

c. Resumption and implementation

d. Recovery and implementation

39. b. The selection of a contingency planning strategy should be based on practical considerations, including feasibility and cost. Risk assessment can be used to
help estimate the cost of options to decide an optimal strategy. Whether the strategy is onsite or offsite, a contingency planning strategy normally consists of
emergency response, recovery, resumption, and implementation.
In emergency response, it is important to document the initial actions taken to protect lives and limit damage. In recovery, the steps that will be taken to continue
support for critical functions should be planned. In resumption, what is required to return to normal operations should be determined. The relationship between
recovery and resumption is important. The longer it takes to resume normal operations, the longer the organization will have to operate in the recovery mode. In
implementation, it is necessary to make appropriate preparations, document the procedures, and train employees. Emergency response and implementation do not have
the same relationship as recovery and resumption do.

40. Contingency planning for local area networks should consider all the following except:

a. Incident response

b. Remote computing

c. Backup operations

d. Recovery plans

40. b. Remote computing is not applicable to a local area network (LAN) because the scope of a LAN is limited to local area only such as a building or group of
buildings. Wide area networks or metropolitan area networks are good for remote computing. A contingency plan should consider three things: incident response,
backup operations, and recovery.
The purpose of incident response is to mitigate the potentially serious effects of a severe LAN security-related problem. It requires not only the capability to react to
incidents but also the resources to alert and inform the users if necessary.
Backup operation plans are prepared to ensure that essential tasks can be completed subsequent to disruption of the LAN environment and can continue until the
LAN is sufficiently restored. Recovery plans are made to permit smooth, rapid restoration of the LAN environment following interruption of LAN usage. Supporting
documents should be developed and maintained that minimize the time required for recovery. Priority should be given to those applications and services that are
deemed critical to the functioning of the organization. Backup operation procedures should ensure that these critical services and applications are available to users.

41. Rank the following objectives of a disaster recovery plan (DRP) from most to least important:

1. Minimize the disaster's financial impact on the organization.

2. Reduce physical damage to the organization's property, equipment, and data.

3. Limit the extent of the damage and thus prevent the escalation of the disaster.

4. Protect the organization's employees and the general public.

a. 1, 2, 3, and 4

b. 3, 2, 1, and 4

c. 4, 1, 3, and 2

d. 4, 2, 1, and 3

41. c. The health and safety of employees and general public should be the first concern during a disaster situation. The second concern should be to minimize the
disaster's economic impact on the organization in terms of revenues and sales. The third concern should be to limit or contain the disaster. The fourth concern should
be to reduce physical damage to property, equipment, and data.

42. Rank the following benefits to be realized from a comprehensive disaster recovery plan (DRP) from most to least important:

1. Reduce insurance costs.

2. Enhance physical and data security.

3. Provide continuity of organization's operations.

4. Improve protection of the organization's assets.

a. 1, 2, 3, and 4

b. 3, 2, 1, and 4

c. 3, 4, 2, and 1

d. 4, 2, 3, and 1

42. c. The most important benefit of a comprehensive disaster recovery plan is to provide continuity of operations followed by protection of assets, increased security,
and reduced insurance costs. Assets can be acquired if the business is operating and profitable. There is no such thing as 100 percent security. A company can assume
self-insurance.

43. What is the inherent limitation of a disaster recovery planning exercise?

a. Inability to include all possible types of disasters

b. Assembling disaster management and recovery teams

c. Developing early warning monitors that trigger alerts and responses

d. Conducting periodic drills

43. a. Because there are many types of disasters that can occur, it is not practical to consider all such disasters. Doing so is cost-prohibitive. Hence, disaster recovery
planning exercises should focus on major types of disasters that occur frequently. One approach is to perform risk analysis to determine the annual loss expectancy
(ALE), which is calculated from the frequency of occurrence of a possible loss multiplied by the expected dollar loss per occurrence.

44. Which of the following items is usually not considered when a new application system is brought into the production environment?

a. Assigning a contingency processing priority code

b. Training computer operators

c. Developing computer operations documentation

d. Training functional users

44. a. An application system priority analysis should be performed to determine the business criticality for each computer application. A priority code or time
sensitivity code should be assigned to each production application system that is critical to the survival of the organization. The priority code tells people how soon
the application should be processed when the backup computer facility is ready. This can help in restoring the computer system following a disaster and facilitate in
developing a recovery schedule.

45. Which of the following disaster scenarios is commonly not considered during the development of disaster recovery and contingency
planning?

a. Network failure

b. Hardware failure

c. Software failure

d. Failure of the local telephone company

45. d. Usually, telephone service is taken for granted by the recovery team members, which could negatively affect Voice over Internet Protocol (VoIP) services.
Consequently, it is not addressed in the planning stage. However, alternative phone services should be explored. The other three choices are usually considered due to
familiarity and vendor presence.

46. Which of the following phases in the contingency planning and emergency program is most difficult to sell to an organization's
management?

a. Mitigation

b. Preparedness

c. Response

d. Recovery

46. a. Mitigation is a long-term activity aimed at eliminating or reducing the probability of an emergency or a disaster occurring. It requires up-front money and
commitment from management. Preparedness is incorrect because it is a readiness to respond to undesirable events. It ensures effective response and minimizes
damage. Response is incorrect because it is the first phase after the onset of an emergency. It enhances recovery operations. Recovery is incorrect because it involves
both short- and long-term restoration of vital systems to normal operations.

47. Which of the following is the best form of a covered loss insurance policy?

a. A basic policy

b. A broad policy

c. A special all-risk policy

d. A policy commensurate with risks

47. d. Because insurance reduces or eliminates risk, the best insurance is the one commensurate with the most common types of risks to which a company is exposed.
The other three choices are incorrect. A basic policy covers specific named perils including fire, lightning, and windstorm. A broad policy covers additional perils
such as roof collapse and volcanic action. A special all-risk policy covers everything except specific exclusions named in the policy.

48. Which of the following IT contingency solutions increases a server's performance and availability?

a. Electronic vaulting

b. Remote journaling

c. Load balancing

d. Disk replication

48. c. Load balancing systems monitor each server to determine the best path to route traffic to increase performance and availability so that one server is not
overwhelmed with traffic. Electronic vaulting and remote journaling are similar technologies that provide additional data backup capabilities, with backups made to
remote tape or disk drives over communication links. Disk replication can be implemented locally or between different locations.

49. Which of the following can be called the disaster recovery plan of last resort?

a. Contract with a recovery center

b. Demonstration of the recovery center's capabilities

c. Tour of the recovery center

d. Insurance policy

49. d. According to insurance industry estimates, every dollar of insured loss is accompanied by three dollars of uninsured economic loss. This suggests that
companies are insured only for one-third of the potential consequences of a disaster and that insurance truly is a disaster recovery plan of last resort.

50. What should be the last step in a risk assessment process performed as a part of business continuity plan?

a. Consider possible threats.

b. Establish recovery priorities.

c. Assess potential impacts.

d. Evaluate critical needs.

50. b. The last step is establishing priorities for recovery based on critical needs. The following describes the sequence of steps in a risk assessment process:

1. Possible threats include natural (for example, fires, floods, and earthquakes), technical (for example, hardware/software failure, power
disruption, and communications interference), and human (for example, riots, strikes, disgruntled employees, and sabotage).

2. Assess impacts from loss of information and services from both internal and external sources. This includes financial condition, competitive
position, customer confidence, legal/regulatory requirements, and cost analysis to minimize exposure.

3. Evaluate critical needs. This evaluation also should consider timeframes in which a specific function becomes critical. This includes functional
operations, key personnel, information, processing systems, documentation, vital records, and policies and procedures.

4. Establish priorities for recovery based on critical needs.

51. For business continuity planning/disaster recovery planning (BCP/DRP), business impact analysis (BIA) primarily identifies which of the
following?

a. Threats and risks

b. Costs and impacts

c. Exposures and functions

d. Events and operations

51. a. Business impact analysis (BIA) is the process of identifying an organization's exposure to the sudden loss of selected business functions and/or the supporting
resources (threats) and analyzing the potential disruptive impact of those exposures (risks) on key business functions and critical business operations. Threats and
risks are primary and costs and impacts are secondary, where the latter is derived from the former.
The BIA usually establishes a cost (impact) associated with the disruption lasting varying lengths of time, which is secondary.

52. Which of the following is the best course of action to take for retrieving the electronic records stored at an offsite location?

a. Installing physical security controls offsite

b. Installing environmental security controls offsite

c. Ensuring that software version stored offsite matches with the vital records version

d. Rotating vital records between onsite and offsite

52. c. The IT management must ensure that electronic records are retrievable in the future, requiring the correct version of software that created the original records is
tested and stored offsite, and that the current software version is matched with the current version of vital records.
The other three choices are incorrect because, although they are important in their own way, they do not directly address the retrieval of electronic records. Examples
of physical security controls include keys and locks, sensors, alarms, sprinklers, and surveillance cameras. Examples of environmental controls include humidity, air
conditioning, and heat levels. Rotating vital records between onsite and offsite is needed to purge the obsolete records and keep the current records only.

53. What is the purpose of a business continuity plan (BCP)?

a. To sustain business operations

b. To recover from a disaster

c. To test the business continuity plan

d. To develop the business continuity plan

53. a. Continuity planning involves more than planning for a move offsite after a disaster destroys a data center. It also addresses how to keep an organization's
critical functions operating in the event of disruptions, both large and small. This broader perspective on continuity planning is based on the distribution of computer
use and support throughout an organization. The goal is to sustain business operations.

54. The main body of a contingency or disaster recovery plan document should not address which of the following?

a. What?

b. When?

c. How?

d. Who?

54. c. The plan document contains only the why, what, when, where, and who, not how. The how deals with detailed procedures and information required to carry out
the actions identified and assigned to a specific recovery team. This information should not be in the formal plan because it is too detailed and should be included in
the detail reference materials as an appendix to the plan. The why describes the need for recovery, the what describes the critical processes and resource requirements,
the when deals with critical timeframes, the where describes recovery strategy, and the who indicates the recovery team members and support organizations. Keeping
the how information in the plan document confuses people, making it hard to understand and creating a maintenance nightmare.

55. Which of the following contingency plan test results is most meaningful?

a. Tests met all planned objectives in restoring all database files.

b. Tests met all planned objectives in using the latest version of the operating systems software.

c. Tests met all planned objectives using files recovered from backups.

d. Tests met all planned objectives using the correct version of access control systems software.

55. c. The purpose of frequent disaster recovery tests is to ensure recoverability. Review of test results should show that the tests conducted met all planned objectives
using files recovered from the backup copies only. This is because of the no backup, no recovery principle. Recovery from backup also shows that the backup schedule
has been followed regularly. Storing files at a secondary location (offsite) is preferable to the primary location (onsite) because it ensures continuity of business
operations if the primary location is destroyed or inaccessible.

56. If the disaster recovery plan is being tested for the first time, which of the following testing options can be combined?

a. Checklist testing and simulation testing

b. Simulation testing and full-interruption testing

c. Checklist testing and structured walk-through testing

d. Checklist testing and full-interruption testing

56. c. The checklist testing can ensure that all the items on the checklists have been reviewed and considered. During structured walk-through testing, the team
members meet and walk through the specific steps of each component of the disaster recovery process and find gaps and overlaps.
Simulation testing simulates a disaster during nonbusiness hours, so normal operations will not be interrupted. Full-interruption testing is not recommended because
it activates the total disaster recovery plan. This test is costly and disruptive to normal operations and requires senior management's special approval.

57. Which of the following should be consistent with the frequency of information system backups and the transfer rate of backup information
to alternative storage sites?

1. Recovery time objective

2. Mean time to failure

3. Recovery point objective

4. Mean time between outages

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 2 and 4

57. b. The frequency of information system backups and the transfer rate of backup information to alternative storage sites should be consistent with the
organization's recovery time objective (RTO) and recovery point objective (RPO). Recovery strategies must be created to meet the RTO and RPO. Mean time to failure
(MTTF) is most often used with safety-critical systems such as airline traffic control systems (radar control services) to measure time between failures. Mean time
between outages (MTBO) is the mean time between equipment failures that result in loss of system continuity or unacceptable degradation. MTTF deals with
software issues, whereas MTBO measures hardware problems.

58. All the following are misconceptions about a disaster recovery plan except:

a. It is an organization's assurance to survive.

b. It is a key insurance policy.

c. It manages the impact of LAN failures.

d. It manages the impact of natural disasters.

58. a. A well-documented, well-rehearsed, well-coordinated disaster recovery plan allows businesses to focus on surprises and survival. In today's environment, a
local area network (LAN) failure can be as catastrophic as a natural disaster, such as a tornado. Insurance does not cover every loss.
The other three choices are misconceptions. What is important is to focus on the major unexpected events and implement modifications to the plan so that it is
necessary to reclaim control over the business. The key is to ensure survival in the long run.

59. Which of the following disaster recovery plan test results would be most useful to management?

a. Elapsed time to perform various activities

b. Amount of work completed

c. List of successful and unsuccessful activities

d. Description of each activity

59. c. Management is interested to find out what worked (successful) and what did not (unsuccessful) after a recovery from a disaster. The idea is to learn from
experience.

60. Which of the following is not an example of procedure-oriented disaster prevention activity?

a. Backing up current data and program files

b. Performing preventive maintenance on computer equipment

c. Testing the disaster recovery plan

d. Housing computers in a fire-resistant area

60. d. Housing computers in a fire-resistant area is an example of a physically oriented disaster prevention category, whereas the other three choices are examples of
procedure-oriented activities. Procedure-oriented actions relate to tasks performed on a day-to-day, month-to-month, or annual basis or otherwise performed regularly.
Housing computers in a fire-resistant area with a noncombustible or charged sprinkler area is not regular work. It is part of a major computer-center building
construction plan.

61. Which of the following is the most important outcome from contingency planning tests?

a. The results of a test should be viewed as either pass or fail.

b. The results of a test should be viewed as practice for a real emergency.

c. The results of a test should be used to assess whether the plan worked or did not work.

d. The results of a test should be used to improve the plan.

61. d. In the case of contingency planning, a test should be used to improve the plan. If organizations do not use this approach, flaws in the plan may remain hidden or
uncorrected. Although the other three choices are important in their own way, the most important outcome is to learn from the test results in order to improve the plan
next time, which is the real benefit.

62. A major risk in the use of cellular radio and telephone networks during a disaster includes:

a. Security and switching office issues

b. Security and redundancy

c. Redundancy and backup power systems

d. Backup power systems and switching office

62. a. The airwaves are not secure and a mobile telephone switching office can be lost during a disaster. The cellular company may need to divert a route from the cell
site to another mobile switching office. User organizations can take care of the other three choices because they are mostly applicable to them, and not to the telephone
company.

63. Regarding BCP and DRP, which of the following is not an element of risk?

a. Threats

b. Assets

c. Costs

d. Mitigating factors

63. c. Whether it is BCP/DRP or not, the three elements of risk include threats, assets, and mitigating factors.
Risks result from events and their surroundings with or without prior warnings, and include facilities risk, physical and logical security risk, reputation risk, network
risk, supply chain risk, compliance risk, and technology risk.
Threat sources include natural (for example, fires and floods), man-made attacks (for example, social engineering), technology-based attacks (DoS and DDoS), and
intentional attacks (for example, sabotage).
Assets include people, facilities, equipment (hardware), software, and technologies.
Controls in the form of physical protection, logical protection, and asset protection are needed to avoid or mitigate the effects of risks. Some examples of preventive
controls include passwords, smoke detectors, and firewalls and some examples of reactive/recovery controls include hot sites and cold sites.
Costs are the outcomes or by-products of and derived from threats, assets, and mitigating factors, which should be analyzed and justified along with benefits prior to
the investment in controls.

64. Physical disaster prevention and preparedness begins when a:

a. Data center site is constructed

b. New equipment is added

c. New operating system is installed

d. New room is added to existing computer center facilities

64. a. The data center should be constructed in such a way as to minimize exposure to fire, water damage, heat, or smoke from adjoining areas. Other considerations
include raised floors, sprinklers, or fire detection and extinguishing systems and furniture made of noncombustible materials. All these considerations should be
taken into account in a cost-effective manner at the time the data (computer) center is originally built. Add-ons will not only be disruptive but also costly.

65. Disaster notification fees are part of which of the following cost categories associated with alternative computer processing support?

a. Initial costs

b. Recurring operating costs

c. Activation costs

d. Development costs

65. c. There are three basic cost elements associated with alternate processing support: initial costs, recurring operating costs, and activation costs. The first two
components are incurred whether the backup facility is put into operation; the last cost component is incurred only when the facility is activated.
The initial costs include the cost of initial setup, including membership, construction or other fees. Recurring operating costs include costs for maintaining and
operating the facility, including rent, utilities, repair, and ongoing backup operations. Activation costs include costs involved in the actual use of the backup
capability. This includes disaster notification fees, facility usage charges, overtime, transportation, and other costs.

66. When comparing alternative computer processing facilities, the major objective is to select the alternative with the:

a. Largest annualized profit

b. Largest annualized revenues

c. Largest incremental expenses

d. Smallest annualized cost

66. d. The major objective is to select the best alternative facility that meets the organization's recovery needs. An annualized cost is obtained by multiplying the
annual frequency with the expected dollar amount of cost. The product should be a small figure.

67. Which of the following statements is not true about contracts and agreements associated with computer backup facilities?

a. Small vendors do not need contracts due to their size.

b. Governmental organizations are not exempted from contract requirements.

c. Nothing should be taken for granted during contract negotiations.

d. All agreements should be in writing.

67. a. All vendors, regardless of their size, need written contracts for all customers, whether commercial or governmental. Nothing should be taken for granted, and all
agreements should be in writing to avoid misunderstandings and performance problems.

68. All of the following are key stakeholders in the disaster recovery process except:

a. Employees

b. Customers

c. Suppliers

d. Public relations officers

68. d. A public relations (PR) officer is a company's spokesperson and uses the media as a vehicle to consistently communicate and report to the public, including all
stakeholders, during pre-crisis, interim, and post-crisis periods. Hence, the PR officer is a reporter, not a stakeholder. Examples of various media used for crisis
notification include print, radio, television, telephone (voice mail and text messages), post office (regular mail), the Internet (for example, electronic mail and blogs),
and press releases or conferences.
The other stakeholders (for example, employees, customers, suppliers, vendors, labor unions, investors, creditors, and regulators) have a vested interest in the positive
and negative effects and outcomes, and are affected by a crisis situation, resulting from the disaster recovery process.

69. Which of the following is the most important consideration in locating an alternative computing facility during the development of a
disaster recovery plan?

a. Close enough to become operational quickly

b. Unlikely to be affected by the same contingency issues as the primary facility

c. Close enough to serve its users

d. Convenient to airports and hotels

69. b. There are several considerations that should be reflected in the backup site location. The optimum facility location is (i) close enough to allow the backup
function to become operational quickly, (ii) unlikely to be affected by the same contingency, (iii) close enough to serve its users, and (iv) convenient to airports, major
highways, or train stations when located out of town.

70. Which of the following alternative computing backup facilities is intended to serve an organization that has sustained total destruction from
a disaster?

a. Service bureaus

b. Hot sites

c. Cold sites

d. Reciprocal agreements

70. b. Hot sites are fully equipped computer centers. Some have fire protection and warning devices, telecommunications lines, intrusion detection systems, and
physical security. These centers are equipped with computer hardware that is compatible with that of a large number of subscribing organizations. This type of facility
is intended to serve an organization that has sustained total destruction and cannot defer computer services. The other three choices do not have this kind of support.

71. A full-scale testing of application systems cannot be accomplished in which of the following alternative computing backup facilities?

a. Shared contingency centers and hot sites

b. Dedicated contingency centers and cold sites

c. Hot sites and reciprocal agreements

d. Cold sites and reciprocal agreements

71. d. The question is asking about the two alternative computing facilities that can perform full-scale testing. Cold sites do not have equipment, so full-scale testing
cannot be done until the equipment is installed. Adequate time may not be allowed in reciprocal agreements due to time pressures and scheduling conflicts between
the two parties.
Full-scale testing is possible with shared contingency centers and hot sites because they have the needed equipment to conduct tests. Shared contingency centers are
essentially the same as dedicated contingency centers. The difference lies in the fact that membership is formed by a group of similar organizations which use, or could
use, identical hardware.

72. Which of the following computing backup facilities has a cost advantage?

a. Shared contingency centers

b. Hot sites

c. Cold sites

d. Reciprocal agreements

72. d. Reciprocal agreements do not require nearly as much advanced funding as do commercial facilities. They are inexpensive compared to other three choices where
the latter are commercial facilities. However, cost alone should not be the overriding factor when making backup facility decisions.

73. Which of the following organization's functions are often ignored in planning for recovery from a disaster?

a. Computer operations

b. Safety

c. Human resources

d. Accounting

73. c. Human resource policies and procedures impact employees involved in the response to a disaster. Specifically, it includes extended work hours, overtime pay,
compensatory time, living costs, employee evacuation, medical treatment, notifying families of injured or missing employees, emergency food, and cash during
recovery. The scope covers the pre-disaster plan, emergency response during recovery, and post-recovery issues. The major reason for ignoring the human resource
issues is that they encompass many items requiring extensive planning and coordination, which take a significant amount of time and effort.

74. Which of the following is the best organizational structure and management style during a disaster?

a. People-oriented

b. Production-oriented

c. Democratic-oriented

d. Participative-oriented

74. b. During the creation of a disaster recovery and restoration plan, the management styles indicated in the other three choices are acceptable due to the involvement
and input required of all people affected by a disaster. However, the situation during a disaster is entirely different requiring execution, not planning. The
command-and-control structure, which is a production-oriented management style, is the best approach to orchestrate the recovery, unify all resources, and provide solid
direction with a single voice to recover from the disaster. This is not the time to plan and discuss various approaches and their merits. The other three choices are not
suitable during a disaster.

75. The primary objective of emergency planning is to:

a. Minimize loss of assets.

b. Ensure human security and safety.

c. Minimize business interruption.

d. Provide backup facilities and services.

75. b. Emergency planning provides the policies and procedures to cope with disasters and to ensure the continuity of vital data center services. The primary objective
of emergency planning is personnel safety, security, and welfare; secondary objectives include (i) minimizing loss of assets, (ii) minimizing business interruption,
(iii) providing backup facilities and services, and (iv) providing trained personnel to conduct emergency and recovery operations.

76. Which of the following is most important in developing contingency plans for information systems and their facilities?

a. Criteria for content

b. Criteria for format

c. Criteria for usefulness

d. Criteria for procedures

76. c. The only reason for creating a contingency plan is to provide a document and procedure that will be useful in time of emergency. If the plan is not designed to be
useful, it is not satisfactory. Suggestions for the plan content and format can be described, but no two contingency plans will or should be the same.

77. All the following are objectives of emergency response procedures except:

a. Protect life

b. Control losses

c. Protect property

d. Maximize profits

77. d. Emergency response procedures are those procedures initiated immediately after an emergency occurs to protect life, protect property, and minimize the impact of
the emergency (loss control). Maximizing profits can be practiced during nonemergency times but not during an emergency.

78. The post-incident review report after a disaster should not focus on:

a. What happened?

b. What should have happened?

c. What should happen next?

d. Who caused it?

78. d. The post-incident review after a disaster has occurred should focus on what happened, what should have happened, and what should happen next, but not on
who caused it. Blaming people will not solve the problem.

79. An effective element of damage control after a disaster occurs is to:

a. Maintain silence.

b. Hold press conferences.

c. Consult lawyers.

d. Maintain secrecy.

79. b. Silence is guilt, especially during a disaster. How a company appears to respond to a disaster can be as important as the response itself. If the response is kept in
secrecy, the press will assume there is some reason for secrecy. The company should take time to explain to the press what happened and what the response is. A
corporate communications professional should be consulted instead of a lawyer due to the specialized knowledge of the former. A spokesperson should be selected to
contact media, issue an initial statement, provide background information, and describe action plans, which are essential to minimize the damage. The company
lawyers may add restrictions to ensure that everything is done accordingly, which may not work well in an emergency.

80. Which of the following statements is not true? Having a disaster recovery plan and testing it regularly:

a. Reduces risks

b. Affects the availability of insurance

c. Lowers insurance rates

d. Affects the total cost of insurance

80. c. Both underwriters and management are concerned about risk reduction, availability of specific insurance coverage, and its total cost. A good disaster recovery
plan addresses these concerns. However, a good plan is not a guarantee for lower insurance rates in all circumstances. Insurance rates are determined based on averages
obtained from loss experience, geography, management judgment, the health of the economy, and a host of other factors. Total cost of insurance depends on the
specific type of coverage obtained. It could be difficult or expensive to obtain insurance in the absence of a disaster recovery plan. Insurance provides a certain level of
comfort in reducing risks but it does not provide the means to ensure continuity of business operations.

81. When an organization is interrupted by a catastrophe, which of the following cost categories requires management's greatest attention?

a. Direct costs

b. Opportunity costs

c. Hidden costs

d. Variable costs

81. c. Hidden costs are not insurable expenses and include (i) unemployment compensation premiums resulting from layoffs in the workforce, (ii) increases in
advertising expenditures necessary to rebuild the volume of business, (iii) cost of training new and old employees, and (iv) increased cost of production due to
decline in overall operational efficiency. Generally, traditional accounting systems are not set up to accumulate and report the hidden costs. Opportunity costs are not
insurable expenses. They are costs of foregone choices, and accounting systems do not capture these types of costs. Both direct and variable costs are insurable
expenses and are captured by accounting systems.

82. Which of the following disaster recovery alternative facilities eliminates the possibility of competition for time and space with other businesses?

a. Hot sites

b. Cold sites

c. Mirrored sites

d. Warm sites

82. c. A dedicated second site eliminates the threat of competition for time and space with other businesses. These benefits coupled with the ever-growing demands of today's data and telecommunications networks have paved the way for a new breed of mirrored sites (intelligent sites) that can serve as both primary and contingency site locations. These mirrored sites employ triple disaster avoidance systems covering power, telecommunications, life support (water and sanitation), and 24-hour security systems. Mirrored sites are fully redundant facilities with automated real-time information mirroring. A mirrored site (redundant site) is equipped and configured exactly like the primary site in all technical respects. Some organizations plan on having partial redundancy for a disaster recovery purpose and partial processing for normal operations. The stocking of spare personal computers and their parts or LAN servers also provides some redundancy. Hot, cold, and warm sites are operated and managed by commercial organizations, whereas the mirrored site is operated by the user organization.

83. The greatest cost in data management comes from which of the following?

a. Backing up files

b. Restoring files

c. Archiving files

d. Journaling files

83. b. Manual tape processing has the tendency to cause problems at restore time. Multiple copies of files exist on different tapes. Finding the right tape to restore can become a nightmare, unless the software product has automated indexing and labeling features. Restoring files is costly due to the considerable human intervention required, causing delays. Until the software is available to automate the file restoration process, costs continue to be higher than the other choices. Backing up refers to a duplicate copy of a data set that is held in storage in case the original data are lost or damaged. Archiving refers to the process of moving infrequently accessed data to less accessible and lower cost storage media. Journaling applications post a copy of each transaction to both the local and remote storage sites when applicable.

84. All the following need to be established prior to a crisis situation except:

a. Public relationships

b. Credibility

c. Reputation

d. Goodwill

84. a. The other three choices (i.e., credibility, reputation, and goodwill) need to exist in advance of a crisis situation. These qualities cannot be generated quickly during a crisis. They take a long time to develop and maintain, way before a disaster occurs. On the other hand, public (media) relationships require a proactive approach during a disaster. This includes distributing an information kit to the media at a moment's notice. The background information about the company in the kit must be regularly reviewed and updated. When disaster strikes, it is important to get the company information out early. By presenting relevant information to the media, more time is available to manage the actual day-to-day aspects of crisis communications during the disaster.

85. Which of the following disaster recovery plan testing options should not be scheduled at critical points in the normal processing cycle?

a. Checklist testing

b. Parallel testing

c. Full-interruption testing

d. Structured walk-through testing

85. c. Full-interruption testing, as the name implies, disrupts normal operations and should be approached with caution.

86. The first step in successfully protecting and backing up information in distributed computing environments is to determine data:

a. Availability requirements

b. Accessibility requirements

c. Inventory requirements

d. Retention requirements

86. c. The first step toward protecting data is a comprehensive inventory of all servers, workstations, applications, and user data throughout the organization. When a comprehensive study of this type is completed, various backup, access, storage, availability, and retention strategies can be evaluated to determine which strategy best fits the needs of an organization.

87. Which of the following natural disasters come with an advanced warning sign?

a. Earthquakes and tornadoes

b. Tornadoes and hurricanes

c. Hurricanes and floods

d. Floods only

87. c. The main hazards caused by hurricanes most often involve the loss of power, flooding, and the inability to access facilities. Businesses may also be impacted by structural damage as well. Hurricanes are the only events that give advanced warnings before the disaster strikes. Excessive rains lead to floods. Earthquakes do not give advanced warnings. Tornado warnings exist but provide little advance warning, and they are often inaccurate.

88. The most effective action to be taken when a hurricane advance warning is provided is to:

a. Declare the disaster early.

b. Install an uninterruptible power supply system.

c. Provide a backup water source.

d. Acquire gasoline-powered pumps.

88. a. The first thing is to declare the disaster as soon as the warning sign is known. Protecting the business site is instrumental in continuing or restoring operations in the event of a hurricane. Ways to do this include an uninterruptible power supply (batteries and generators), a backup water source, and a supply of gasoline-powered pumps to keep the lower levels of the facility clear of flood waters. Boarding up windows and doors is good to protect buildings from high-speed flying debris and to prevent looting.

89. Which of the following requires advance planning to handle a real flood-driven disaster?

a. Call tree list, power requirements, and air-conditioning requirements

b. Power requirements and air-conditioning requirements

c. Air-conditioning requirements and media communications

d. Call tree list and media communications

89. b. Power and air-conditioning requirements need to be determined in advance to reduce the installation time frames. This includes diesel power generators, fuel, and other associated equipment. Media communications include keeping in touch with radio, television, and newspaper firms. The call tree list should be kept current all the time so that the employee and vendor notification process can begin as soon as the disaster strikes. This list includes primary and secondary employee names and phone numbers as well as escalation levels.

90. Which of the following is of least concern in a local area network contingency plan?

a. Application systems are scheduled for recovery based on their priorities.

b. Application systems are scheduled for recovery based on the urgency of the information.

c. Application systems are scheduled for recovery based on a period of downtime acceptable to the application users.

d. Application systems are scheduled for recovery based on a period of downtime tolerable to the application programmers.

90. d. An alternative location is needed to ensure that critical applications can continue to be processed when the local area network (LAN) is unavailable for an extended period of time. Application systems should be scheduled for recovery and operation at the alternative site, based on their priority, the urgency of the information, and the period of downtime considered acceptable by the application users. It does not matter what the application programmers consider acceptable because they are not the direct users of the system.

91. After a disaster, at what stage should application systems be recovered?

a. To the last online transaction completed

b. To the last batch processing prior to interruption

c. To the actual point of interruption

d. To the last master file update prior to interruption

91. c. The goal is to capture all data points necessary to restart a system without loss of any data in the work-in-progress status. The recovery team should recover all application systems to the actual point of the interruption. The other three choices are incorrect because there could be a delay in processing or posting data into master files or databases depending on their schedules.

92. Which of the following may not reduce the recovery time after a disaster strikes?

a. Writing recovery scripts

b. Performing rigorous testing

c. Refining the recovery plans

d. Documenting the recovery plans

92. d. Documenting the recovery plan should be done first and be available to use during a recovery as a guidance. The amount of time and effort in developing the plan has no bearing on the real recovery from a disaster. On the other hand, the amount of time and effort spent on the other three choices and the degree of perfection attained in those three choices will definitely help in reducing the recovery time after a disaster strikes. The more time spent on these three choices, the better the quality of the plan. The key point is that documenting the recovery plan alone is not enough because it is a paper exercise, showing guidance. The real benefit comes from careful implementation of that plan in actions.

93. An organization's effective presentation of disaster scenarios should be based on which of the following?

a. Severity and timing levels

b. Risk and impact levels

c. Cost and timing levels

d. Event and incident levels

93. a. The disaster scenarios, describing the types of incidents that an organization is likely to experience, should be based on events or situations that are severe in magnitude (high in damages and longer in outages), occurring at the worst possible time (i.e., worst-case scenario with pessimistic time), resulting in severe impairment to the organization's ability to conduct and/or continue its business operations.
The planning horizon for these scenarios includes short-term (i.e., less than one month outage) and long-term (i.e., more than three month outage); the severity magnitude levels include low, moderate, and high; and the timing levels include worst possible time, most likely time, and least likely time. The combination of high severity level and the worst possible time is an example of a high-risk scenario. The other three choices are incorrect because they are not relevant directly to the disaster scenarios in terms of severity and timing levels except that they support the severity and timing levels indirectly.

94. The focus of disaster recovery planning should be on:

a. Protecting the organization against the consequences of a disaster

b. Probability that a disaster may or may not happen

c. Balancing the cost of recovery planning against the probability that a disaster might actually happen

d. Selecting the best alternative backup processing facilities

94. a. The focus of disaster recovery planning should be on protecting the organization against the consequences of a disaster, not on the probability that it may or may not happen.

95. Which of the following statements is not true about the critical application categories established for disaster recovery planning purposes?

a. Predefined categories need not be followed during a disaster because time is short.

b. Each category has a defined time frame to recover.

c. Each category has a priority level assigned to it.

d. The highest level category is the last one to recover.

95. a. It is important to define applications into certain categories to establish processing priority. For example, the time for recovery of applications in category I could be less than 8 hours after disaster declaration (high priority). The time frame for recovery of category IV applications could be less than 12 hours after disaster declaration (low priority).

96. The decision to fully activate a disaster recovery plan is made immediately:

a. After notifying the disaster

b. Before damage control

c. After damage assessment and evaluation

d. Before activating emergency systems

96. c. The decision to activate a disaster recovery plan is made after damage assessment and evaluation is completed. This is because the real damage from a disaster could be minor or major where the latter involves full activation only after damage assessment and evaluation. Minor damages may not require full activation as do the major ones. The decision to activate should be based on cost-benefit analysis.
A list of equipment, software, forms, and supplies needed to operate contingency category I (high priority) applications should be available to use as a damage assessment checklist.

97. Which of the following IT contingency solutions requires a higher bandwidth to operate?

a. Remote journaling

b. Electronic vaulting

c. Synchronous mirroring

d. Asynchronous mirroring

97. c. Depending on the volume and frequency of the data transmission, remote journaling or electronic vaulting could be conducted over a connection with limited or low bandwidth. However, synchronous mirroring requires higher bandwidth for data transfers between servers. Asynchronous mirroring requires smaller bandwidth connection.

98. The business continuity planning (BCP) process should focus on providing which of the following?

a. Financially acceptable level of outputs and services

b. Technically acceptable level of outputs and services

c. Minimum acceptable level of outputs and services

d. Maximum acceptable level of outputs and services

98. c. The business continuity planning (BCP) process should safeguard an organization's capability to provide a minimum acceptable level of outputs and services in the event of failures of internal and external mission-critical information systems and services. The planning process should link risk management and risk mitigation efforts to operate the organization's core business processes within the constraints such as a disaster time.

99. Which of the following IT contingency solutions is useful over larger bandwidth connections and shorter physical distances?

a. Synchronous mirroring

b. Asynchronous shadowing

c. Single location disk replication

d. Multiple location disk replication

99. a. The synchronous mirroring mode can degrade performance on the protected server and should be implemented only over shorter physical distances where bandwidth is larger that will not restrict data transfers between servers. The asynchronous shadowing mode is useful over smaller bandwidth connections and longer physical distances where network latency could occur. Consequently, shadowing helps to preserve the protected server's performance. Both synchronous and asynchronous are techniques and variations of disk replication (i.e., single and multiple location disk replication).

100. Regarding contingency planning, an organization obtains which of the following to reduce the likelihood of a single point of failure?

a. Alternative storage site

b. Alternative processing site

c. Alternative telecommunications services

d. Redundant secondary system

100. c. An organization obtains alternative telecommunications services to reduce the likelihood of encountering a single point of failure with primary telecommunications services because of its high risk. The other choices are not high-risk situations.

101. Which of the following is a prerequisite to developing a disaster recovery plan?

a. Business impact analysis

b. Cost-benefit analysis

c. Risk analysis

d. Management commitment

101. d. Management commitment and involvement are always needed for any major programs, and developing a disaster recovery plan is no exception. Better commitment leads to greater funding and support. The other three choices come after management commitment.

102. With respect to business continuity planning/disaster recovery planning (BCP/DRP), risk analysis is part of which of the following?

a. Cost-benefit analysis

b. Business impact analysis

c. Backup analysis

d. Recovery analysis

102. b. The risk analysis is usually part of the business impact analysis. It estimates both the functional and financial impact of a risk occurrence to the organization and identifies the costs to reduce the risks to an acceptable level through the establishment of effective controls. The other three choices are part of the correct choice.

103. Which of the following disaster recovery plan testing approaches is not recommended?

a. Desk-checking

b. Simulations

c. End-to-end testing

d. Full-interruption testing

103. d. Management will not allow stopping of normal production operations for testing a disaster recovery plan. Some businesses operate on a 24x7 schedule and losing several hours of production time is tantamount to another disaster, financially or otherwise.

104. The business impact analysis (BIA) should critically examine the business processes and which of the following?

a. Composition

b. Priorities

c. Dependencies

d. Service levels

104. c. The business impact analysis (BIA) examines business processes composition and priorities, business or operating cycles, service levels, and, most important, the business process dependency on mission-critical information systems.

105. The major threats that a disaster recovery contingency plan should address include:

a. Physical threats, software threats, and environmental threats

b. Physical threats and environmental threats

c. Software threats and environmental threats

d. Hardware threats and logical threats

105. c. Physical and environmental controls help prevent contingencies. Although many of the other controls, such as logical access controls, also prevent contingencies, the major threats that a contingency plan addresses are physical and environmental threats, such as fires, loss of power, plumbing breaks, or natural disasters. Logical access controls can address both the software and hardware threats.

106. Which of the following is often a missing link in developing a local area network methodology for contingency planning?

a. Deciding which applications can be handled manually

b. Deciding which users must secure and back up their own data

c. Deciding which applications are to be supported offsite

d. Deciding which applications can be handled as standalone personal computer tasks

106. b. It is true that during a disaster, not all application systems have to be supported while the local area network (LAN) is out of service. Some LAN applications may be handled manually, some as standalone PC tasks, whereas others need to be supported offsite. Although these duties are clearly defined, it is not so clear which users must secure and back up their own data. It is important to communicate to users that they must secure and back up their own data until normal LAN operations are resumed. This is often a missing link in developing a LAN methodology for contingency planning.

107. Which of the following uses both qualitative and quantitative tools?

a. Anecdotal analysis

b. Business impact analysis

c. Descriptive analysis

d. Narrative analysis

107. b. The purpose of business impact analysis (BIA) is to identify critical functions, resources, and vital records necessary for an organization to continue its critical functions. In this process, the BIA uses both quantitative and qualitative tools. The other three choices are examples that use qualitative tools. Anecdotal records constitute a description or narrative of a specific situation or condition.

108. With respect to BCP/DRP, single point of failure means which of the following?

a. No production exists

b. No vendor exists

c. No redundancy exists

d. No maintenance exists

108. c. A single point of failure occurs when there is no redundancy in data, equipment, facilities, systems, and programs. A failure of a component or element may disable the entire system. Use of redundant array of independent disks (RAID) technology provides greater data reliability through redundancy because the data can be stored on multiple hard drives across an array, thus eliminating single points of failure and decreasing the risk of data loss significantly.

109. What is an alternative processing site that is equipped with telecommunications but not computers?

a. Cold site

b. Hot site

c. Warm site

d. Redundant site

109. c. A warm site has telecommunications ready to be utilized but does not have computers. A cold site is an empty building for housing computer processors later but equipped with environmental controls (for example, heat and air conditioning) in place. A hot site is a fully equipped building ready to operate quickly. A redundant site is configured exactly like the primary site.

110. Which of the following computer backup alternative sites is the least expensive method and the most difficult to test?

a. Nonmobile hot site

b. Mobile hot site

c. Warm site

d. Cold site

110. d. A cold site is an environmentally protected computer room equipped with air conditioning, wiring, and humidity control for continued processing when the equipment is shipped to the location. The cold site is the least expensive method of a backup site, but the most difficult and expensive to test.

111. Which of the following is the correct sequence of events when surviving a disaster?

a. Respond, recover, plan, continue, and test

b. Plan, respond, recover, test, and continue

c. Respond, plan, test, recover, and continue

d. Plan, test, respond, recover, and continue

111. d. The correct sequence of events to take place when surviving a disaster is plan, test, respond, recover, and continue.

112. Which of the following tools provide information for reaching people during a disaster?

a. Decision tree diagram

b. Call tree diagram

c. Event tree diagram

d. Parse tree diagram

112. b. A call tree diagram shows who to contact when a required person is not available or not responding. The call tree shows the successive levels of people to contact if no response is received from the lower level of the tree. It shows the backup people when the primary person is not available. A decision tree diagram shows all the choices available with their outcomes to make a decision. An event tree diagram can be used in project management, and a parse tree diagram can be used in estimating probabilities and the nature of states in software engineering.
