Risk
What is the initial requirement to be performed in establishing a Business Continuity Plan?
Agree on the scope of the plan
Focuses on restoring critical business processes
Business Continuity Planning
An unsuccessful DOS attack or a attempt at unauthorized access for example
Computer/security incedent
A BCP fits which category of control?
Corrective
RPO typically relates to...
Data
Focus is restoring IT systems during a disruption
Disaster Recovery
When a recovery strategy is not a viable option
Exceeds the MAO
The type of BCP test we would never do...
Full Interruption
What is the purpose of a CIRT plan?
Help an organization prepare for a incident
A physical location that has all the computing equipment and data necessary to resume a critical business functions in minutes to hours
Hot site
In order of less allowable downtime to most allowable downtime, rank these recovery strategies:
Hot, Warm, Cold
RTO typically realtes to...
IT Systems
Which of the following statements is true?
In all cases where systems are part of CBF, RTO must be equal to or less than MAO
Which of the following is TRUE of a BCP?
It should be tested annually
Which of the following would NOT be something that would affect the choice of a recovery strategy alternative?
Management structure
Which of the following is NOT a valid reason to activate a BCP?
Potential danger or safety concerns for personnel
Cost of a recovery strategy must be balanced with...
Potential loss of a disruption
A database administrator has created a stored procedure in the transaction processing application to automatically write a duplicate copy of each customer transaction to an off site back database. This control most likely addresses:
RPO
Which of the following is MOST LIKELY to affect MAO?
Regulatory compliance requirements
Common technique used to for off-site backup of data
Remote journaling
A CBF for an organization has a MAO of 60 minutes. There are 3 critical IT systems that support the CBF. Only two critical systems may be restarted simultaneously. The critical systems DO NOT have to be restored in order. The RTO of System A is 10 minutes. The RTO for System B is 24 minutes. The RTO of System C is 48 minutes. Which of the following restart sequences should be documented in the DR plan?
Restart System C & A first and restart System B after System A restart is complete
If your organization is in the detection and analysis phase of the incident handling process, what is an action you might take?
Running a virus scan
The most important difference between BCP and DR is:
Scope
Which of the following is NOT a phase of BCP
Transfer
The cost of recovery must be balanced with...
the cost of the potential disruption
