CISSP Topic 8 – Business Continuity and Disaster Recovery Planning

A
Which of the following best describes what would be expected at a “hot site”?
A. Computers, climate control, cables and peripherals
B. Computers and peripherals
C. Computers and dedicated climate control systems.
D. Dedicated climate control systems
C
Who should direct short-term recovery actions immediately following a disaster?
A. Chief Information Officer.
B. Chief Operating Officer.
C. Disaster Recovery Manager.
D. Chief Executive Officer.
D
Prior to a live disaster test, also called a Full Interruption test, which of the following is most important?
A. Restore all files in preparation for the test.
B. Document expected findings.
C. Arrange physical security for the test site.
D. Conduct of a successful Parallel Test
C
Which of the following should be emphasized during the Business Impact Analysis (BIA) considering that the BIA focus is on business processes?
A. Composition
B. Priorities
C. Dependencies
D. Service levels
B
Which of the following recovery plan test results would be most useful to management?
A. elapsed time to perform various activities.
B. list of successful and unsuccessful activities.
C. amount of work completed.
D. description of each activity.
C
Which of the following computer recovery sites is only partially equipped with processing equipment?
A. hot site.
B. rolling hot site.
C. warm site.
D. cold site.
D
Which of the following computer recovery sites is the least expensive and the most difficult to test?
A. non-mobile hot site.
B. mobile hot site.
C. warm site.
D. cold site.
A
Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan?
A. It is unlikely to be affected by the same disaster.
B. It is close enough to become operational quickly.
C. It is close enough to serve its users.
D. It is convenient to airports and hotels.
D
Contracts and agreements are often unenforceable or hard to enforce in which of the following alternate facility recovery agreements?
A. hot site.
B. warm site.
C. cold site.
D. reciprocal agreement.
B
Organizations should not view disaster recovery as which of the following?
A. Committed expense.
B. Discretionary expense.
C. Enforcement of legal statutes.
D. Compliance with regulations.
B
Which of the following backup sites is the most effective for disaster recovery?
A. Time brokers
B. Hot sites
C. Cold sites
D. Reciprocal Agreement
A
Which of the following is NOT a transaction redundancy implementation?
A. on-site mirroring
B. Electronic Vaulting
C. Remote Journaling
D. Database Shadowing
A
Which of the following provides enterprise management with a prioritized list of time-critical business processes, and estimates a recovery time objective for each of the time-critical processes and the components of the enterprise that support those processes?
A. Business Impact Assessment
B. Current State Assessment
C. Risk Mitigation Assessment.
D. Business Risk Assessment.
A
Which of the following steps is NOT one of the eight detailed steps of a Business Impact Assessment (BIA):
A. Notifying senior management of the start of the assessment.
B. Creating data gathering techniques.
C. Identifying critical business functions.
D. Calculating the risk for each different business function.
D
A site that is owned by the company and mirrors the original production site is referred to as a?
A. Hot site.
B. Warm Site.
C. Reciprocal site.
D. Redundant Site.
B
Which of the following results in the most devastating business interruptions?
A. Loss of Hardware/Software
B. Loss of Data
C. Loss of Communication Links
D. Loss of Applications
A
Which of the following is the most critical item from a disaster recovery point of view?
A. Data
B. Hardware/Software
C. Communication Links
D. Software Applications
A
Which of the following is defined as the most recent point in time to which data must be synchronized without adversely affecting the organization (financial or operational impacts)?
A. Recovery Point Objective
B. Recovery Time Objective
C. Point of Time Objective
D. Critical Time Objective
D
Valuable paper insurance coverage does not cover damage to which of the following?
A. Inscribed, printed and Written documents
B. Manuscripts
C. Records
D. Money and Securities
D
Which of the following is covered under Crime Insurance Policy Coverage?
A. Inscribed, printed and Written documents
B. Manuscripts
C. Accounts Receivable
D. Money and Securities
A
If your property insurance has an Actual Cash Valuation (ACV) clause, your damaged property will be compensated based on:
A. Value of item on the date of loss
B. Replacement with a new item for the old one regardless of condition of lost item
C. Value of item one month before the loss
D. Value of item on the date of loss plus 10 percent
B
If your property insurance has a Replacement Cost Valuation (RCV) clause, your damaged property will be compensated:
A. Based on the value of item on the date of loss
B. Based on new, comparable, or identical item for old regardless of condition of lost item
C. Based on value of item one month before the loss
D. Based on the value listed on the Ebay auction web site
D
What is the Maximum Tolerable Downtime (MTD)?
A. Maximum elapsed time required to complete recovery of application data
B. Minimum elapsed time required to complete recovery of application data
C. Maximum elapsed time required to move back to primary site after a major disruption
D. It is the maximum delay businesses can tolerate and still remain viable
A
Out of the steps listed below, which one is not one of the steps conducted during the Business Impact Analysis (BIA)?
A. Alternate site selection
B. Create data-gathering techniques
C. Identify the company’s critical business functions
D. Select individuals to interview for data gathering
C
Which one of the following is NOT one of the outcomes of a vulnerability assessment?
A. Quantitative loss assessment
B. Qualitative loss assessment
C. Formal approval of BCP scope and initiation document
D. Defining critical support areas
B
The scope and focus of the Business continuity plan development depends most on:
A. Directives of Senior Management
B. Business Impact Analysis (BIA)
C. Scope and Plan Initiation
D. Skills of BCP committee
B
Which of the following items is NOT a benefit of cold sites?
A. No resource contention with other organisation
B. Quick Recovery
C. A secondary location is available to reconstruct the environment
D. Low Cost
A
Qualitative loss resulting from the business interruption does NOT usually include:
A. Loss of revenue
B. Loss of competitive advantage or market share
C. Loss of public confidence and credibility
D. Loss of market leadership
A
When you update records in multiple locations, or you make a copy of the whole database at a remote location, as a way to achieve the proper level of fault tolerance and redundancy, it is known as:
A. Shadowing
B. Data mirroring
C. Backup
D. Archiving
A
Recovery Site Strategies for the technology environment depend on how much downtime an organization can tolerate before the recovery must be completed. What would you call a strategy where the alternate site is internal, standby ready, with all the technology and equipment necessary to run the applications?
A. External Hot site
B. Warm Site
C. Internal Hot Site
D. Dual Data Center
C
What is the most correct choice below when talking about the steps to resume normal operation at the primary site after the green light has been given by the salvage team?
A. The most critical operations are moved from alternate site to primary site before others
B. Operation may be carried by a completely different team than disaster recovery team
C. The least critical functions should be moved back first
D. You move items back in the same order as the categories documented in your plan, or in exactly the same order as you did on your way to the alternate site
A
Business Continuity and Disaster Recovery Planning (Primarily) addresses the:
A. Availability of the CIA triad
B. Confidentiality of the CIA triad
C. Integrity of the CIA triad
D. Availability, Confidentiality and Integrity of the CIA triad
A
Which of the following is used to create parity information?
A. a hamming code
B. a clustering code
C. a mirroring code
D. a striping code
A
Which of the following backup methods makes a complete backup of every file on the server every time it is run?
A. full backup method.
B. incremental backup method.
C. differential backup method.
D. tape backup method.
D
Which of the following is a large hardware/software backup system that uses the RAID technology?
A. Tape Array.
B. Scale Array.
C. Crimson Array
D. Table Array.
B
What is the MOST critical piece to disaster recovery and continuity planning?
A. Security policy
B. Management support
C. Availability of backup information processing facilities
D. Staff training
C
During the testing of the business continuity plan (BCP), which of the following methods of results analysis provides the BEST assurance that the plan is workable?
A. Measurement of accuracy
B. Elapsed time for completion of critical tasks
C. Quantitatively measuring the results of the test
D. Evaluation of the observed test results
A
Which of the following statements regarding an off-site information processing facility is TRUE?
A. It should have the same amount of physical access restrictions as the primary processing site.
B. It should be located in proximity to the originating site so that it can quickly be made operational.
C. It should be easily identified from the outside so in the event of an emergency it can be easily found.
D. Need not have the same level of environmental monitoring as the originating site since this would be cost prohibitive.
D
Notifying the appropriate parties to take action in order to determine the extent of the severity of an incident and to remediate the incident’s effects is part of:
A. Incident Evaluation
B. Incident Recognition
C. Incident Protection
D. Incident Response
A
A server farm consisting of multiple similar servers seen as a single IP address from users interacting with the group of servers is an example of which of the following?
A. Server clustering
B. Redundant servers
C. Multiple servers
D. Server fault tolerance
B
Which of the following is NOT a common backup method?
A. Full backup method
B. Daily backup method
C. Incremental backup method
D. Differential backup method
B
Which common backup method is the fastest on a daily basis?
A. Full backup method
B. Incremental backup method
C. Fast backup method
D. Differential backup method
C
Which of the following backup methods is most appropriate for off-site archiving?
A. Incremental backup method
B. Off-site backup method
C. Full backup method
D. Differential backup method
D
Which of the following tasks is NOT usually part of a Business Impact Analysis (BIA)?
A. Calculate the risk for each different business function.
B. Identify the company’s critical business functions.
C. Calculate how long these functions can survive without these resources.
D. Develop a mission statement.
A
Which of the following statements pertaining to RAID technologies is incorrect?
A. RAID-5 has a higher performance in read/write speeds than the other levels.
B. RAID-3 uses byte-level striping with dedicated parity.
C. RAID-0 relies solely on striping.
D. RAID-4 uses dedicated parity.
D
Which of the following is NOT a common category/classification of threat to an IT system?
A. Human
B. Natural
C. Technological
D. Hackers
A
Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?
A. Risk assessment
B. Residual risks
C. Security controls
D. Business units
D
A contingency plan should address:
A. Potential risks.
B. Residual risks.
C. Identified risks.
D. All answers are correct.
A
Which of the following focuses on sustaining an organization’s business functions during and after a disruption?
A. Business continuity plan
B. Business recovery plan
C. Continuity of operations plan
D. Disaster recovery plan
C
Which of the following specifically addresses cyber attacks against an organization’s IT systems?
A. Continuity of support plan
B. Business continuity plan
C. Incident response plan
D. Continuity of operations plan
D
Which of the following provides coordinated procedures for minimizing loss of life, injury, and property damage in response to a physical threat?
A. Business continuity plan
B. Incident response plan
C. Disaster recovery plan
D. Occupant emergency plan
C
Which of the following teams should NOT be included in an organization’s contingency plan?
A. Damage assessment team
B. Hardware salvage team
C. Tiger team
D. Legal affairs team
B
Which of the following statements pertaining to the maintenance of an IT contingency plan is incorrect?
A. The plan should be reviewed at least once a year for accuracy and completeness.
B. The Contingency Planning Coordinator should make sure that every employee gets an up-to-date copy of the plan.
C. Strict version control should be maintained.
D. Copies of the plan should be provided to recovery personnel for storage offline at home and office.
A
Which of the following is less likely to accompany a contingency plan, either within the plan itself or in the form of an appendix?
A. Contact information for all personnel.
B. Vendor contact information, including offsite storage and alternate site.
C. Equipment and system requirements lists of the hardware, software, firmware and other resources required to support system operations.
D. The Business Impact Analysis.
D
Which of the following server contingency solutions offers the highest availability?
A. System backups
B. Electronic vaulting/remote journaling
C. Redundant arrays of independent disks (RAID)
D. Load balancing/disk replication
B
What assesses potential loss that could be caused by a disaster?
A. The Business Assessment (BA)
B. The Business Impact Analysis (BIA)
C. The Risk Assessment (RA)
D. The Business Continuity Plan (BCP)
D
Which of the following items would best help an organization to gain a common understanding of functions that are critical to its survival?
A. A risk assessment
B. A business assessment
C. A disaster recovery plan
D. A business impact analysis
B
What can be defined as the maximum acceptable length of time that elapses before the unavailability of the system severely affects the organization?
A. Recovery Point Objectives (RPO)
B. Recovery Time Objectives (RTO)
C. Recovery Time Period (RTP)
D. Critical Recovery Time (CRT)
D
Which of the following steps should be one of the first steps performed in a Business Impact Analysis (BIA)?
A. Identify all CRITICAL business units within the organization.
B. Evaluate the impact of disruptive events.
C. Estimate the Recovery Time Objectives (RTO).
D. Identify and Prioritize Critical Organization Functions
B
A business continuity plan should list and prioritize the services that need to be brought back after a disaster strikes. Which of the following services is more likely to be of primary concern in the context of what your Disaster Recovery Plan would include?
A. Marketing/Public relations
B. Data/Telecomm/IS facilities
C. IS Operations
D. Facilities security
C
During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?
A. Damage mitigation
B. Install LAN communications network and servers
C. Assess damage to LAN and servers
D. Recover equipment
A
Which of the following rules pertaining to a Business Continuity Plan/Disaster Recovery Plan is incorrect?
A. In order to facilitate recovery, a single plan should cover all locations.
B. There should be requirements to form a committee to decide a course of action. These decisions should be made ahead of time and incorporated into the plan.
C. In its procedures and tasks, the plan should refer to functions, not specific individuals.
D. Critical vendors should be contacted ahead of time to validate equipment can be obtained in a timely manner.
C
A Business Continuity Plan should be tested:
A. Once a month.
B. At least twice a year.
C. At least once a year.
D. At least once every two years.
A
Which of the following statements pertaining to a Criticality Survey is incorrect?
A. It is implemented to gather input from all personnel that are going to be part of the recovery teams.
B. The purpose of the survey must be clearly stated.
C. Management’s approval should be obtained before distributing the survey.
D. Its intent is to find out what services and systems are critical to keeping the organization in business.
D
Which disaster recovery plan test involves functional representatives meeting to review the plan in detail?
A. Simulation test
B. Checklist test
C. Parallel test
D. Structured walk-through test
B
System reliability is increased by:
A. A lower MTBF and a lower MTTR.
B. A higher MTBF and a lower MTTR.
C. A lower MTBF and a higher MTTR.
D. A higher MTBF and a higher MTTR.
B
The first step in the implementation of the contingency plan is to perform:
A. A firmware backup
B. A data backup
C. An operating systems software backup
D. An application software backup
A
The MOST common threat that impacts a business’s ability to function normally is:
A. Power Outage
B. Water Damage
C. Severe Weather
D. Labor Strike
B
Failure of a contingency plan is usually:
A. A technical failure.
B. A management failure.
C. Because of a lack of awareness.
D. Because of a lack of training.
A
Which of the following questions is less likely to help in assessing an organization’s contingency planning controls?
A. Is damaged media stored and/or destroyed?
B. Are the backup storage site and alternate site geographically far enough from the primary site?
C. Is there an up-to-date copy of the plan stored securely off-site?
D. Is the location of stored backups identified?
A
A business continuity plan is an example of which of the following?
A. Corrective control
B. Detective control
C. Preventive control
D. Compensating control
B
When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing time-critical systems?
A. Executive management staff
B. Senior business unit management
C. BCP committee
D. Functional business units
A
Which of the following statements pertaining to disaster recovery planning is incorrect?
A. Every organization must have a disaster recovery plan
B. A disaster recovery plan contains actions to be taken before, during and after a disruptive event.
C. The major goal of disaster recovery planning is to provide an organized way to make decisions if a disruptive event occurs.
D. A disaster recovery plan should cover return from alternate facilities to primary facilities.
C
Which of the following statements does not apply to a hot site?
A. It is expensive.
B. There are cases of common overselling of processing capabilities by the service provider.
C. It provides a false sense of security.
D. It is accessible on a first-come, first-served basis. In case of a large disaster it might not be accessible.
B
What can be defined as a batch process dumping backup data through communications lines to a server at an alternate location?
A. Remote journaling
B. Electronic vaulting
C. Data clustering
D. Database shadowing
A
Which of the following is the most complete disaster recovery plan test type, to be performed after successfully completing the Parallel test?
A. Full Interruption test
B. Checklist test
C. Simulation test
D. Structured walk-through test
D
Which of the following statements pertaining to disaster recovery is incorrect?
A. A recovery team’s primary task is to get the pre-defined critical business functions at the alternate backup processing site.
B. A salvage team’s task is to ensure that the primary site returns to normal processing conditions.
C. The disaster recovery plan should include how the company will return from the alternate site to the primary site.
D. When returning to the primary site, the most critical applications should be brought back first.
A
For which areas of the enterprise are business continuity plans required?
A. All areas of the enterprise.
B. The financial and information processing areas of the enterprise.
C. The operating areas of the enterprise.
D. The marketing, finance, and information processing areas.
C
Which of the following will a Business Impact Analysis NOT identify?
A. Areas that would suffer the greatest financial or operational loss in the event of a disaster.
B. Systems critical to the survival of the enterprise.
C. The names of individuals to be contacted during a disaster.
D. The outage time that can be tolerated by the enterprise as a result of a disaster.
A
What is a hot-site facility?
A. A site with pre-installed computers, raised flooring, air conditioning, telecommunications and networking equipment, and UPS.
B. A site in which space is reserved with pre-installed wiring and raised floors.
C. A site with raised flooring, air conditioning, telecommunications, and networking equipment, and UPS.
D. A site with ready made work space with telecommunications equipment, LANs, PCs, and terminals for work groups.
D
Which of the following best describes remote journaling?
A. Send hourly tapes containing transactions off-site.
B. Send daily tapes containing transactions off-site.
C. Real-time capture of transactions to multiple storage devices.
D. Real time transmission of copies of the entries in the journal of transactions to an alternate site.
C
All of the following can be considered essential business functions that should be identified when creating a Business Impact Analysis (BIA) except one. Which of the following would not be considered an essential element of the BIA but an important topic to include within the BCP plan:
A. IT Network Support
B. Accounting
C. Public Relations
D. Purchasing
A
Of the following, which is NOT a specific loss criterion that should be considered while developing a BIA?
A. Loss of skilled workers' knowledge
B. Loss in revenue
C. Loss in profits
D. Loss in reputation
C
Of the reasons why a Disaster Recovery plan gets outdated, which of the following is not true?
A. Personnel turnover
B. Large plans can take a lot of work to maintain
C. Continuous auditing makes a Disaster Recovery plan irrelevant
D. Infrastructure and environment changes
C
Which backup type, run at regular intervals, would take the least time to complete?
A. Full Backup
B. Differential Backup
C. Incremental Backup
D. Disk Mirroring
D
What is electronic vaulting?
A. Information is backed up to tape on an hourly basis and is stored in an on-site vault.
B. Information is backed up to tape on a daily basis and is stored in an on-site vault.
C. Transferring electronic journals or transaction logs to an off-site storage facility
D. A transfer of bulk information to a remote central backup facility.
B
After a company is out of an emergency state, what should be moved back to the original site first?
A. Executives
B. Least critical components
C. IT support staff
D. Most critical components
C
How often should tests and disaster recovery drills be performed?
A. At least once a quarter
B. At least once every 6 months
C. At least once a year
D. At least once every 2 years
D
A business impact assessment is one element in business continuity planning. What are the three primary goals of a BIA?
A. Data processing continuity planning, data recovery plan maintenance, and testing the disaster recovery plan.
B. Scope and plan initiation, business continuity plan development, and plan approval and implementation.
C. Facility requirements planning, facility security management, and administrative personnel controls.
D. Criticality prioritization, downtime estimation, and resource requirements.
C
Business Continuity Planning (BCP) is not defined as a preparation that facilitates:
ISC CISSP Exam
www.braindumps.com 1150
A. the rapid recovery of mission-critical business operations
B. the continuation of critical business functions
C. the monitoring of threat activity for adjustment of technical controls
D. the reduction of the impact of a disaster
B
During a test of a disaster recovery plan the IT systems are concurrently set up at the alternate site. The results are compared to the results of regular processing at the original site. What kind of testing has taken place?
A. Simulation
B. Parallel
C. Checklist
D. Full interruption
C
During a business impact analysis it is concluded that a system has maximum tolerable downtime of 2 hours. What would this system be classified as?
A. Important
B. Urgent
C. Critical
D. Vital
B
Business Impact Analysis (BIA) is about
A. Technology
B. Supporting the mission of the organization
C. Due Care
D. Risk Assessment
C
What is the MOST important step in business continuity planning?
A. Risk Assessment
B. Due Care
C. Business Impact Analysis (BIA)
D. Due Diligence
A
You have been tasked with developing a Business Continuity Plan/Disaster Recovery (BCP/DR) plan. After several months of researching the various areas of the organization, you are ready to present the plan to Senior Management.
During the presentation meeting, the plan that you have dutifully created is not received positively. Senior Management is not convinced that they need to enact your plan, nor are they prepared to invest any money in the plan.
What is the BEST reason, as to why Senior Management is not willing to enact your plan?
A. The business case was not initially made and thus did not secure their support.
B. They were not included in any of the Risk Assessment meetings.
C. They were not included in any of the Business Impact Assessment meetings.
D. A Business Impact Assessment was not performed.
C
How often should a Business Continuity Plan be reviewed?
A. At least once a month
B. At least every six months
C. At least once a year
D. At least Quarterly
B
Mark’s manager has tasked him with researching an intrusion detection system for a new dispatching center. Mark identifies the top five products and compares their ratings. Which of the following is the evaluation criteria most in use today for these types of purposes?
A. ITSEC
B. Common Criteria
C. Red Book
D. Orange Book
A
When planning for disaster recovery it is important to know a chain of command should one or more people become missing, incapacitated or otherwise not available to lead the organization.
Which of the following terms BEST describes this process?
A. Succession Planning
B. Continuity of Operations
C. Business Impact Analysis
D. Business Continuity Planning
A
Of the three types of alternate sites: hot, warm or cold, which is BEST described by the following facility description?
– Configured and functional facility
– Available within a few hours
– Requires constant maintenance
– Is expensive to maintain
A. Hot Site
B. Warm Site
C. Cold Site
D. Remote Site
A
Which of the following plans provides procedures for sustaining essential business operations while recovering from a significant disruption?
A. Business Continuity Plan
B. Occupant Emergency Plan
C. Cyber Incident Response Plan
D. Disaster Recovery Plan