BUSA 462 Final

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

One of the most _________ things in a disaster recovery plan and in the selection of the disaster recovery site location selection is the ability to acquire office supplies. A. overworked B. overlooked C. obvious D. confusing

Answer Key: B overlooked

One of the first considerations in the business impact analysis is the _________. A. assets that are vulnerable B. service-level agreements that the organization must meet C. risks D. hazards

Answer Key: B service-level agreements that the organization must meet

Which of the following is an example of an upstream relationship? A. clients B. suppliers C. competitors D. all of the above

Answer Key: B suppliers

In the case of the recovery document, what is a recovery scenario? A. the instructions on how to recover B. the different kinds of ways that the organization may be called upon to recover C. the written plan needed in case of a disaster D. the backup site needed in case of a disaster

Answer Key: B the different kinds of ways that the organization may be called upon to recover

Which category does the payroll system likely fall into? A. tier 1 systems B. tier 2 systems C. tier 3 systems D. tier 4 systems

Answer Key: B tier 2 systems

It is a(n) _____ step in the disaster planning process to gather information on all of the company's assets. A. vital last B. vital early C. unnecessary D. low priority

Answer Key: B vital early

Reciprocal agreements are often a viable and useful alternative to a _______ recovery site A. hot B. warm C. cold D. All of the above

Answer Key: B warm

In the ideal situation, who should be able to work on the recovery team? A. Employees will trained in disaster recovery B. The employees most familiar with the system being restored C. Anyone that is available to be drafted into the position D. Outside personnel contracted for this purpose

Answer Key: C Anyone that is available to be drafted into the position

Which of the following governmental regulations deals with health and insurance information privacy protection for individuals? A. Gramm-Leach-Bliley Act B. Sarbanes-Oxley Act C. HIPAA D. All of the above

Answer Key: C HIPAA

Disaster recovery is ___________ an information technology problem A. Mostly B. only C. not just D. not

Answer Key: C Not just

Who should be on the disaster recovery planning team? A. The same people who will go to disaster recovery drills B. The same people involved in the actual recovery effort should a disaster be declared C. People who have a fundamental understanding of what it takes to get back to business as usual D. The board of directors

Answer Key: C People who have a fundamental understanding of what it takes to get back to business as usual

A well-written disaster recovery plan, including well-written desk instructions, will come as a result of the _____________ process A. Recovery B. Backup C. Planning and testing D. Disaster

Answer Key: C Planning and testing

A(n) _________ is the chance that someone or something could be harmed by a hazard... A. Recovery plan B. Assessment C. Risk D. Disaster

Answer Key: C Risk

Which of the following is an example of a lack of computer security? A. Chemical spill B. Employee death C. Spam D. Air conditioning failure

Answer Key: C Spam

Which of the following ties up valuable computer resources with no added value to the company? A. E-mail B. Internet C. Spam D. Junk mail

Answer Key: C Spam

What provides a simple mechanism for determining what hardware is located in what location? A. taking a physical inventory monthly B. Taking a physical inventory weekly C. Bar coding all assests and scanning into an inventory system D. Tagging all assets and keeping a written log of their locations

Answer Key: C Bar coding all assests and scanning into an inventory system

What will likely result in some tier 2 and tier 3 systems moving from one tier to the other? A. Prioritizing disaster recovery B. Identifying functions and processes C. Dependency analysis D. Identifying critical assets

Answer Key: C Dependency analysis

Who will be responsible for creating the disaster recovery plan and will likely be responsible for testing it and keeping up with its ongoing maintenance A. The disaster recovery team B. Upper management C. The disaster recovery planning team D. The insurance company

Answer Key: C The disaster recovery planning team

How should disaster recovery drills be executed? A. They should be scheduled on a regular basis and everyone involved should be notified of the dates. B. If the disaster recovery plan is complete and up-to-date drills are not needed C. They should start with a phone call in the middle of the night to all relevant individuals or a surprise announcement during working hours D. They should be scheduled on an irregular basis, but everyone invloved should have at least a weeks notice to ensure that everyone will be available

Answer Key: C They should start with a phone call in the middle of the night to all relevant individuals or a surprise announcement during working hours

Disaster recovery typically looks at the ___________. A. long run B. continuation of the business C. overall business plan D. short term

Answer Key: D Short term

Which of the following can put an organization at risk? A. Backups are put in place and are taken routinely B. Security measures are put in place and followed C. SLAs are in place D. Shortcuts are taken

Answer Key: D Shortcuts are taken

Who helps you determine what will go into each tier, or what might not go into any tier at all? A. The disaster recovery planning team B. FEMA C. Asset tracking software team D. Subject matter experts

Answer Key: D Subject matter experts

The possibility of harm or loss from any given disaster is different depending on the ________. A. organization B. situation C. severity of the disaster D. all of the above

Answer Key: D all of the above

What is the role of the owner of the disaster recovery document? A. ultimately responsible for the maintenance of the document B. oversees the changes and change control C. see to it that all pieces of the document are kept in sync D. all of the above

Answer Key: D all of the above

Which of the following must be included in the disaster recovery plan? A. Business functions B. Critical support functions C. Corporate-level support functions D. all of the above

Answer Key: D all of the above

Which of the following should be included in the list of contacts in a disaster recovery plan? A. computer vendor B. emergency services C. customers D. all of the above

Answer Key: D all of the above

Why must a disaster plan be continually revisited and updated? A. threats change B. assets change C. processes and abilities within the organization change D. all of the above

Answer Key: D all of the above

One function that is often overlooked during recovery is _____. A. payroll B. disaster assessment C. accounts receivable D. backup

Answer Key: D backup

In the disaster recovery plan, each response should detail the use of resources and assign only those resources needed to _________ the problem. A. assess B. quantify C. delegate D. fix

Answer Key: D fix

In today's world, the possibility of attack by outside agencies has ________ dramatically. A. been exaggerated B. been downplayed C. decreased D. increased

Answer Key: D increased

What is as important as generating an organization's assets? A. accounting for an organization's assets B. evaluating an organization's assets C. inventorying an organization's assets D. protecting an organization's assets

Answer Key: D protecting an organization's assets

A disaster recovery site is a(n) _________ location so that you can keep from having the business close while the long-term solution can be accomplished. A. permanent B. new C. expanded D. stop gap

Answer Key: D stop gap

Creating a _________ may be one of the most difficult tasks that will fall to the disaster recovery team leader. A. need for the plan B. diverse team C. qualified team D. team spirit

Answer Key: D team spirit

Any disaster, whether large or small, will have a ___________ effect through the entire organization. A. controlled B. known C. positive D. ripple

Answer Key: D Ripple

Who recovers the hardware and the software installations and the data in the computer system? A. Departmental Recovery Team B. Computer Backup Team C. Off-site Storage Team D. Computer Recovery Team

Answer Key: D Computer Recovery Team

Which backups are particularly good for organizations that have a significent amount of data, much of which remains unchanged? A. full backups B. incremential backups C. split-mirror backups D. none of the above

Answer Key: B incremential backups

The restore time is _______ for tape than for disk-stored recovery A. shorter B. longer C. safer D. more risky

Answer Key: B longer

Your SLAs should limit the number of nested disasters to _________. A. 2 B. 5 C. 10 D. No limit

Answer Key: D No limit

Business Continuity Planning is interested in ____________ disasters if possible A. avoiding B. recognizing C. reacting to D. planning

Answer Key: A Avoiding

On a business level, disasters are often thought of as _________ occurrences that affect the business or organization, or those occurrences on a grand scale that disrupt the business's ability to function. A. catastrophic B. natural C. minimal D. IT

Answer Key: A Catastrophic

What is one of the first things to be done after a recovery or drill? A. Have everyone that was involved sit down and debrief B. Decide who is at fault for any failures in the system C. Notify the disaster recovery team that a disaster has taken place D. All of the above

Answer Key: A Have everyone that was involved sit down and debrief

Which of the following ensures that communication will be timely and efficient? A. Notification directory B. Backup computers C. Logistics support team D. Facilities support team

Answer Key: A Notification directory

The disaster recovery team will be made up of many different people in the ______ who have a stake in the outcome of recovering from a disaster: A. Organization B. Government C. Community D. Customer pool

Answer Key: A Organization

Which external processes and functions need to be identified and accounted for in the eventuality that the disaster recovery plan needs to be implemented? A. Phone systems or broadband connections B. Fire department C. Police department D. All of the above

Answer Key: A Phone systems or broadband connections

Who should be put in charge of maintaining backups? A. Someone in IT B. Someone in Auditing C. Someone in Quality Control D. Any of the above

Answer Key: A Someone in IT

Why must backups be tested? A. Without knowing that they can be recovered, backups are useless B. To determine the cost if they are needed during a disaster recovery C. To determne if they are needed D. All of the above

Answer Key: A Without knowing that they can be recovered, backups are useless

How is asset-based risk assessment different from disaster-based risk assessment? A. You assess all assets, rather than hazards B. You assess all hazards, rather than assets C. You assess all risks, rather than assets D. You assess all assets, rather than risks

Answer Key: A You assess all assets, rather than hazards

Small businesses are more apt to use which type of backup? A. full backups B. incremental backups C. split-mirror backups D. none of the above

Answer Key: A full backups

Unfortunately, hardware tracking still requires some _______ effort on the part of the organization regardless of which method an organization chooses to track the assets. A. manual B. electronic C. minor D. expensive

Answer Key: A manual

Accurate changes reflecting changes in ________ or changes in assets and processes need to be made to the disaster recovery plan. A. needs B. personnel C. customers D. vendors

Answer Key: A needs

It is important to ___________ for preventative measures and the recovery from any disaster situation. A. set priorities B. allow C. compete D. look

Answer Key: A set priorities

What information do organizations forget to bring to the disaster recovery site? A. software licenses B. software C. hardware D. backups

Answer Key: A software licenses

Any agreement should, as a part of the services provided, allow your organization to _________ your disaster recovery plan. A. test B. develop C. monitor D. All of the above

Answer Key: A test

The assessment of various levels of risk cannot be compared to each other unless the methods used to assess them are __________. A. the same B. diverse C. simplified D. detailed

Answer Key: A the same

It is critical to include those areas that either generate revenue for the organizatioin or process revenue for it in _________. A. tier 1 systems B. tier 2 systems C. tier 3 systems D. tier 4 systems

Answer Key: A tier 1 systems

The disaster recovery team will _________ the disaster recovery planning team A. always be the same as B. not be the same as C. not be a informed as D. oversee

Answer Key: B not be the same as

What is the most important thing that the disaster recovery team leader needs to do once a disaster is declared? A. to define and assign roles and responsibilities as the players arrive at the recovery site B. plan for the disaster C. make sure all software licensing agreements are in place D. all of the above

Answer Key: A to define and assign roles and responsibilities as the players arrive at the recovery site

A well-tuned and repeatable test plan needs to be _________. A. written B. organized C. acquired D. memorized

Answer Key: A written

Customers and clients will have ______ in the outcome of the disaster recovery. A. an important role B. a direct interest C. no interest D. no effect

Answer Key: B A direct interest

Which of the following should be protected in your disaster recovery plan? A. Ability to increase sales B. Ability to continue day-to-day operations C. Ability to hold down business expenses D. Ability to hire qualified people

Answer Key: B Ability to continue day-to-day operations

What is a disaster? A. The ability of a company to recover from a catastrophe and get back to business as usual B. Any event or occurrence that can have a detrimental effect on an organization either in whole or in part C. Any event or occurrence that can have a lasting effect on an organization either in whole or in part D. all of the above

Answer Key: B Any event or occurrence that can have a detrimental effect on an organization either in whole or in part

Which of the following is part of the disaster recovery plan? A. Assess the extent of damage B. Assign individuals to test the disaster recovery plan C. Recover data from backups D. All of the above

Answer Key: B Assign individuals to test the disaster

What is the first area where gaps in the recovery plan are identified? A. Testing B. Backups C. Planning D. Recovery

Answer Key: B Backups

Which sub-team of the disaster recovery team will provide information on exactly which systems are on the critical path? A. Departmental Recovery Team B. Business Recovery Team C. Damage Assessment Team D. Administrative Support Team

Answer Key: B Business Recovery Team

Which disaster recovery sub-team must often be outsourced A. Communications Team B. Damage Assessment Team C. Software Team D. Departmental Recovery Team

Answer Key: B Damage Assessment Team

On whose web site can you find itemized lists, by state and counties within a state, of the declared disasters on a yearly basis? A. CIA B. FEMA C. FBI D. IRS

Answer Key: B FEMA

Which of the following provides the fastest backup scenario? A. Full backups B. Incremental backups C. Differential backups D. Mirror backups

Answer Key: B Incremental backups

What is one of the leading causes of system loss seen by organizations? A. Lack of a sprinkler system B. Lack of security in a computer system C. Lack of a tornado shelter D. Lack of qualified employees

Answer Key: B Lack of security in a computer system

Each business process contributes to the operation of the enterprise, but there are some without which the enterprise cannot carry out the others. What are these called? A. Disaster recovery processes B. Mission-critical processes C. Risk management processes D. Risk assessment processes

Answer Key: B Mission-critical processes

What is the primary goal of a risk assessment? A. Recovering from a disaster B. Mitigating loss of productivity C. Developing a disaster recovery plan D. Developing a business continuity plan

Answer Key: B Mitigating loss of productivity

Which of the following is among the most difficult to recover? A. Microfilm B. Paper C. Computer disks D. Hard drives

Answer Key: B Paper

When is the best time to secure dedicated backup servers, networks, and either hotsites or redundant and independent sites? A. As soon as possible after a disater is declared B. Prior to any disaster C. Prior to establishing the disaster recovery planning team D. Once "business as usual" is established aftera disaster is declared

Answer Key: B Prior to any disaster

What is the best way to handle SLAs if a secondary emergency occurs during an emergency situation? A. The SLAs are made null and void B. SLAs should be written such that this secondary situation causes the clock to be reset. C. It is unavoidable that the SLAs will be violated D. Try to renegotiate the SLA when the second disaster is declared.

Answer Key: B SLAs should be written such that this secondary situation causes the clock to be reset.

What is often left out of support contracts related to the recovery site? A. The SLAs B. The eventuality of a second disaster occuring at the recovery site C. The cost of using the recovery site D. The frequency of disaster drills

Answer Key: B The eventuality of a second disaster occuring at the recovery site

Which of the following is the best test scenario? A. The recovery team is notified one week in advance of a disaster drill B. The recovery team is not sure if the situation is a drill or an actual disaster C. The recovery team is awakened in the middle of the night to initiate a disaster drill D. The recovery team knows the dates of disaster drills which are scheduled twice a year.

Answer Key: B The recovery team is not sure if the situation is a drill or an actual disaster

Where should you keep disaster recovery documents? A. In a safety deposit box in another city B. With every set of backups that the organization maintains for the eventuality of a disaster recovery C. With the organization under contract D. All of the above

Answer Key: B With every set of backups that the organization maintains for the eventuality of a disaster recovery

Which of the following is considered a support tool in disaster recovery? A. contact information for computer vendors B. completed questionnaires verifying that the vendors are planning for their own disaster recovery C. list of customers D. contact information for upper management

Answer Key: B completed questionnaires verifying that the vendors are planning for their own disaster recovery

What will become the source of information for many different systems? A. tier 1 systems B. disaster recovery document C. asset tracking software D. all of the above

Answer Key: B disaster recovery document

What is an emergency operations center? A. the backup recovery site where computer systems are restored B. the site that the local emergency agencies have set up to aid victims of a natural disaster C. a central location where information on the current status of the organization during the emergency recovery is available D. the location where the disaster recovery plan is developed

Answer Key: C a central location where information on the current status of the organization during the emergency recovery is available

Which assets must be considered when using asset-based risk assessment? A. all intangible assets B. all tangible assets C. all assets D. those assets valued at more than a determined threshold

Answer Key: C all assets

Conducting a(n) _____ of the disaster recovery documentation for accuracy should be a standard practice for the organization. A. weekly audit B. daily check C. annual review D. restructuring

Answer Key: C annual review

A(n) __________ of the existing infrastructure is the first step in the assessing risk A. diagram B. comprehensive list C. audit D. tour

Answer Key: C audit

Data that must be retained for legal reasons is considered ________ data. A. sensitive B. vital C. critical D. noncritical

Answer Key: C critical

One risk associated with disaster recovery is _________. A. employees are likely to be more mindful of security precautions if they are different than those at the primary work location B. employees will realize that longer than usual work hours, and altered work schedules, will likely be the case C. employees can become less cautious than they may be in other situations, more aggressive, and pay less attention to detail than might be prudent D. all of the above

Answer Key: C employees can become less cautious than they may be in other situations, more aggressive, and pay less attention to detail than might be prudent

The best disaster is the one you don't have to __________. A. plan for B. avoid C. recovery from D. assess

Answer Key: C recovery from

Which of the following is more likely to be overlooked by the disaster recovery planning team? A. hardware B. data C. software D. backups

Answer Key: C software

Which backup allows very large amounts of data to be backed up in a matter of seconds or just a few minutes? A. full backups B. incremential backups C. split-mirror backups D. none of the above

Answer Key: C split-mirror backups

Each __________ needs a plan and a measured response spelled put in the disaster recovery plan. A. assessment B. recovery C. threat D. plan

Answer Key: C threat

Which of the following is an example of a technological breakdown? A. Chemical spill B. Employee death C. Spam D. Air conditioning failure

Answer Key: D Air conditioning failure

How are gaps in a recovery plan typically found? A. During a declared disaster B. Observing how other businesses react to a disaster C. In the cycle of planning, backing up, testing recovery, and restarting the cycle D. All of the above