CompTIA Sec+ SY0-601 Chapter 18
You are creating a DRP for a small, independent car dealership. There are four employees who each use a desktop computer, there are no servers. All company data is stored on the four computers. A single high-speed DSL link is shared by all users. What are the best DRP solutions? (Choose two.) A. Store data in the cloud instead of locally. B. Ensure that employees know exactly what to do in the event of a disaster. C. Purchase faster desktops. D. Purchase a file server.
A and B. Online data storage in the cloud is an affordable solution to safeguard business data, but the amount of time required to restore from the cloud must be considered. it is affected by factors such as distance to the nearest cloud provider data center and available network bandwidth. Users must know what to do in the event of a catastrophe to ensure the timely resumption of business.
Windows Server backups are scheduled as follows: full backups on Saturdays at 3 A.M. and incremental backups weeknights at 9 P.M. Write verification has been enabled. Backup tapes are stored off site at a third-party backup vendor location. What should be done to ensure the integrity and confidentially of the backups? (Choose two.) A. Have a different person than the backup operator analyze each day's backup logs. B. Ensure the user performing the backup is a member of the Administrators group. C. Encrypt the backup media. D. Use SSL to encrypt the backup media.
A and C. To reduce the likelihood of tampering, a different person should review backup logs. For confidentiality, backup tapes stored off site should be encrypted.
To ensure confidentiality, what should you do when storing server backup disks off site? A. Encrypt backed up data. B. Generate file hashes for each backed up file. C. Place backup tapes in static shielding bags. D. Never store backup disks off site.
A. Backup disks stored off site should be encrypted to ensure data confidentiality. Without the correct decryption key, disk contents are inaccessible.
An airline company has hired you to ensure that its customer reservation system is always online. The software runs and stores data locally on the Linux operating system. What should you do? A. Install two Linux servers in a cluster. Cluster the airline software, with its data being written to shared storage. B. Install a new Linux server. Ensure that the airline software runs from the first server. Schedule airline data to replicate to the new Linux server nightly. C. Configure the Linux server with RAID 5. D. Configure the Linux server with RAID 1.
A. Clustering software between two servers will enable the customer reservation system to function even if one server fails, because the data is not stored within a single server it exists on shared storage that both cluster nodes can access. When a cluster node (server) fails, the application fails over to a running cluster node (server).
You are an IT network architect. Your firm has been hired to perform a network security audit for a shipping company. One of the company's warehouses has a server room containing one Windows server and two Linux servers. After interviewing the server administrators, you learn they have no idea what to do if the Linux servers cease to function. What is needed here? A. Disaster recovery plan B. Risk analysis C. Windows servers D. Server clustering
A. Disaster recovery plans outline exactly who must do what in case unfavorable events occur.
Which storage area network term describes a host using more than one physical path to gain access to shared network storage? A. Multipathing B. App load balancing C. RAID 0 D. RAID 1
A. To improve resiliency against failures, storage area network (SAN) administrators can enable multipathing, which provides hosts with more than one physical path to the shared SAN storage.
Which items should be considered when ensuring high availability for an e-commerce web site? (Choose two.) A. Use TPM to encrypt server hard disks. B. Use redundant Internet links. C. Use network load balancing. D. Upgrade the server CMOS to the latest version.
B and C. High availability makes a resource available as often as is possible. Redundant Internet links allow access to the web site even if one Internet link fails. Network load balancing (which could use the redundant Internet links) distributes traffic evenly either to server cluster nodes or through redundant network links.
Which of the following regarding disaster recovery are true? (Choose two.) A. Once the plan is complete, to save time it need never be revisited. B. Once the plan is complete, it must have management approval. C. The plan must evolve with the business. D. The plan should include only IT systems.
B and C. Without management support and approval, a disaster recovery plan will not succeed. The plan must be revisited periodically to ensure that it is in step with changes in the business.
Identify the disaster recovery plan errors. (Choose two.) A. Perform a business impact analysis first. B. Base your DRP on an unchanged downloaded template. C. Data backups are never tested, it costs the company too much money. D. Keep existing backup solutions in place even though the software is two versions out of date.
B and C. Your DRP should be much more specific than what a downloaded template can provide. DRPs must be tested initially and periodically to ensure their efficiency and efficacy.
Which of the following are the most closely related to creating a disaster recovery plan? (Choose three.) A. Determining which class of IP addresses are in use B. Ranking risks C. Disabling unused switch ports D. Assigning recovery tasks to personnel E. Establishing an alternate location to continue business operations
B, D, and E. Risks should be ranked to determine which are the most probable. The most attention should be given to the most likely threats. Personnel must be assigned tasks according to the disaster recovery plan (DRP) to minimize confusion and downtime. DRPs also provide details about the order of restoration, such as the order in which software components must be placed back into operation. An alternate site (cold, warm, or hot) should at least be considered. Larger businesses or agencies may be able to justify the cost of maintaining an alternate site.
You are the network administrator for a small IT consulting firm. All servers are hosted externally in the public cloud. After analyzing threats, creating a DRP, and receiving management approval, you e-mail a copy to all employees for their reference in the event of a disaster. Identify the most serious problem. A. The e-mail should have been encrypted. B. The DRP was not tested. C. The e-mail should have been digitally signed. D. Only executives should have received the message.
B. A DRP changes with the business and must be tested to ensure its success, which is something that doesn't seem to have been done here.
A team leader assigns a server administrator the task of determining the business and financial effects that a failed e-mail server would have if it was down for two hours. What type of analysis must the server administrator perform? A. Critical systems and components identification B. Business impact analysis C. Security audit D. Risk assessment
B. A business impact analysis (BIA), also referred to as a business impact assessment, identifies the effect unwanted events have on the operation of a business.
You have configured your enterprise cloud storage so that it continuously replicates to a cloud provider data center in a different region. Replication to the secondary region occurs only after data is written to the primary storage. Which term best describes this resilience configuration? A. Synchronous replication B. Geographic service dispersal C. Dedicated circuit D. Load balancing
B. Geographic dispersal refers to the spreading out of IT services such as cloud storage or virtual machines by replicating across geographical regions to increase resiliency against a regional outage, disaster, or some other kind of disruption. The same configuration can be used for local redundancy within a data center through techniques such as SAN replication.
Your company is virtualizing DNS, DHCP, web, and e-mail servers at your location. Each of the four virtual machines will be spread out across two physical hosts. Virtual machines are using virtual hard disks, and these files exist on a SAN. Choose the best virtual machine backup strategy that will enable the quickest granular restore. A. Back up the virtual machine hard disks at the SAN level. B. Install a backup agent in each virtual machine and perform backups normally. C. Duplicate your SAN disk array so that backups are not necessary. D. Run all four virtual machines on the same physical host to be backed up.
B. If granular restores are required, backing up each virtual machine using a backup agent installed in each VM is the best choice.
A busy clustered web site regularly experiences congested network traffic. You must improve the web site response time. What should you implement? A. Ethernet switch B. Network load balancing C. Fibre Channel switch D. Proxy server
B. Network load balancing (NLB) can distribute network traffic to multiple servers hosting the same content to improve performance. In the cloud, load balancers can use autoscaling to add or remove virtual machines in response to application demand.
As the IT director, you are comparing public cloud providers. Your company will no longer house on-premises mail or application servers. Which factors under your control must you consider to ensure that e-mail and applications are always available to users? A. Updates applied to cloud provider hypervisors B. Redundant network links C. RAID level used on cloud provider servers D. MTTF for cloud provider server hard disks
B. Redundant network links to the Internet will ensure that if one Internet connection fails, the other can be used to access e-mail and application services in the cloud.
Your IT security team has worked with executive management to determine that a company e-commerce web site must never remain down for more than two hours. To which disaster recovery term does this apply? A. RPO B. RTO C. MTTR D. MTBF
B. The recovery time objective (RTO) specifies the amount of time it will take after an unexpected failure for systems to resume normal operation. In other words, it denotes the amount of time an application can be non-operational without causing irreparable damage to the business.
Your primary e-mail server uses three hot-swappable hard disks in a RAID 5 configuration. When one disk fails, other disks are readily available in the server room, which you can simply plug in while the server is still running. Which term best describes this scenario? A. Disk clustering B. Hardware fault tolerance C. Disk striping D. Disk mirroring
B. With hardware fault tolerance, a hardware component can fail without completely impeding data access. A single disk failure in a RAID 5 configuration means the failed disk can be hot-swapped with a functional disk. Because RAID 5 stripes data across disks in the array and parity is distributed across disks, user requests for data can be reconstructed dynamically in RAM until the data is reconstructed on the replaced disk.
You are the administrator for a recently patched virtual Windows Server running Active Directory Domain Services (AD DS). Recently the server has been randomly rebooting and now cannot boot at all. What should you do? A. Run Windows update. B. Format the hard disk, reinstall the server, and restore from tape. C. Refer to your DRP. D. Refer to your BCP.
C. A disaster recovery plan (DRP) specifies who should do what in case of a disaster, such as in the case of server that will not boot.
Your Windows server will no longer boot the operating system. No recent updates or configuration changes have been applied. What should you do first to attempt to resolve the problem? A. Revert to the last known good configuration. B. Reinstall the operating system. C. Boot from a Windows Server live media disk and attempt to repair the installation. D. Apply a corporate operating system image.
C. Booting from a live media CD, DVD, or USB operating system media disk will provide options for repairing the Windows installation. Because this could solve the problem quickly, it should be tried first.
Your server tape backup routine consists of a full backup each Friday night and a nightly backup of all data changed since Friday's backup. What type of backup schedule is this? A. Full B. Full and incremental C. Full and differential D. Disk snapshot
C. Differential backups will archive data that has changed since the last full backup. Restoring data means first restoring the full backup and then the latest differential. A full backup, when not used with differential backups, is also called a copy backup.
You are a web site administrator. You need to minimize web site downtime in the event of a disaster or security compromise. Which of the following terms best describes the reliability of hard disks? A. MTBF B. MTTF C. MTTR D. RPO
C. Mean time to recovery (MTTR) (also sometimes known as mean time to restore) measures the amount of time it takes to return a device, system, or network to normal functionality.
Which configuration provides network traffic load balancing? A. Multipath B. UPS C. NIC teaming D. PDU
C. NIC teaming groups multiple server network interface cards (NICs) together to combine network bandwidth, increase resilience against a failed NIC, and to load balance network traffic among the teamed NICs.
What should be used to make informed decisions regarding your specific disaster recovery plan? A. DRP template freely downloaded from a web site B. ROI analysis C. TCO analysis D. Business impact analysis
D. A business impact analysis identifies which risks will affect business operations more than others. This is valuable in determining how to recover from a disaster.
You are a network engineer for a San Francisco law firm. After the 1989 earthquake, an emphasis on continued business operation after future earthquakes dominated in the San Francisco business community. What type of plan focuses on ensuring that personnel, customers, and IT systems are minimally affected after a disaster? A. Risk management B. Fault tolerant C. Disaster recovery D. Business continuity
D. Business continuity is considered the key goal to which disaster recovery plays a part. Disaster recovery (DR) normally involves implementing steps to get the business operational. Business continuity ensures business operation after the successful implementation of the DRP. Keeping the organization functional sometimes requires the use of an alternate site if the primary site fails, or the use of a recruitment agency (against normal business practices) to employ workers if there is a worker shortage.
You company backs up on-premises data using a tape backup system that also replicates backup data to the cloud. You need to back data up daily while minimizing backup storage capacity on local backup tapes. What should you do? A. Configure daily full backups. B. Configure weekly full backups with daily differential backups. C. Configure weekly incremental backups. D. Configure daily incremental backups.
D. Daily incremental backups include only those items changed since the previous night's incremental backup and thus results in the least amount of daily backup data.
Your senior network administrator has decided that the five physical servers at your location will be virtualized and run on a single physical host. The five virtual guests are mission-critical and will use the physical hard disks in the physical host. The physical host has the hard disks configured with RAID 1. Identify the flaw in this plan. A. The physical server should be using RAID 5. B. The physical hard disks must not reside in the physical host. C. You cannot run five virtual machines on a physical host simultaneously. D. The physical host is a single point of failure.
D. If the single physical host experiences a failure, all five virtual machines will be unavailable. A second server should be clustered with the first, and virtual guests should use shared disk storage versus local disk storage.
You are the network administrator for a small IT consulting firm. All servers are located at the single site. Employees use a web browser to access their e-mail accounts. After testing the DRP and receiving management approval, you e-mail a copy to all employees for their reference in the event of a disaster. Identify the problem. A. The e-mail should have been encrypted. B. The e-mail should have been digitally signed. C. Only executives should have received the message. D. The mail server may not be available in the event of a disaster.
D. The only copy of the disaster recovery plan exists on a mail server that users may not have access to when they need it most. Alternate storage locations and physical copies must be considered.