Chapter 11 Quiz
Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore?
2
Hajar is responsible for keeping her banking institution's servers operating 24/7/365. Her recovery strategy is to have fully redundant or duplicate operations and synchronized data and to operate the site continuously. Which strategy has she selected?
Alternate processing center or mirrored site
Which method of fault tolerance connects two or more computers to act like a single computer in a highly coordinated manner?
Clustering
Which of the following should you avoid during a disaster and recovery? If a number of systems are down, provide additional guidance or support to users Combine services that were on different hardware platforms onto common servers to speed up recovery While running at the alternate site, continue to make backups of data and systems Continue normal processes, such as separation of duties or spending limits
Continue normal processes, such as separation of duties or spending limits
Which of the following is least likely to be needed when rebuilding systems that were damaged during a disaster?
Ensuring there are adequate operating system licenses
True or False? A business impact analysis (BIA) details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations.
False
True or False? All types of disaster recovery sites are available in the cloud.
False
True or False? Clustering comprises multiple disk drives that appear as a single disk drive but actually store multiple copies of data in case a disk drive in the array fails.
False
True or False? During a simulation test of a contingency plan, you must shut down the original system at the primary site for the duration.
False
True or False? When outsourcing operations to a cloud service provider, the client is responsible for determining the best fault tolerance implementations to meet the service level-agreement (SLA) availability requirements.
False
During which step of the incident-handling process does triage take place?
Identification
Which of the following is not true of data backup options? An incremental backup starts with a full backup; successive backups back up only that day's changes. A full backup copies everything to backup media. A differential backup starts with making a full backup; successive backups back up changes made since the last full backup. It is faster to create differential weekday backups than incremental backups.
It is faster to create differential weekday backups than incremental backups.
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. If the power goes out in her data center, Isabella estimates it will take six hours to move data center operations to an alternate site. Which of the following describes how long the agency can survive without a functioning data center?
Maximum tolerable downtime (MTD)
What is the average time a device will function before it fails?
Mean time to failure (MTTF)
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders?
Preparation
Which data source comes first in the order of volatility when conducting a forensic investigation?
Random access memory (RAM)
Arturo is an IT manager for a school district. He is planning recovery options for a small data center that supports teacher and classroom activities for 5 of the 21 schools in his district. Many school districts in his state use similar classroom technology. Arturo is looking for a temporary alternate site that would be easy to cut over to and is affordable. Which option is most likely to fit Arturo's needs?
Reciprocal agreement with another school district
During which step of the incident-handling process should a lessons-learned review of the incident be conducted?
Recovery and follow-up
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move?
Recovery time objective (RTO)
During which step of the incident-handling process is the goal to contain the incident?
Response
Carl has assembled a team of representatives from each department to test a new business continuity plan (BCP). During the test, the representatives meet in a room and review many aspects of the plan, such as the goals, scope, assumptions, and the structure of the organization. They also conduct scenario-based exercises as though they are executing the plan for a certain type of incident to find errors, such as gaps or overlaps. What type of plan is being conducted?
Structured walk-through
Joe is responsible for the security of the systems that control and monitor devices for a power plant. What type of system does Joe likely administer?
Supervisory Control and Data Acquisition (SCADA)
Which of the following is not true of contingency planning? The maximum tolerable downtime (MTD) is the maximum period of time that a business can survive a disabled critical function. The recovery point objective (RPO) is the point to which data must be recovered. The recovery time objective (RTO) is the amount of time needed to recover a business process. It is often made up of several interlinked RTOs. The mean time between failures (MTBF) is closely associated with the recovery time objectives (RTOs) of several integrated critical business functions (CBFs).
The mean time between failures (MTBF) is closely associated with the recovery time objectives (RTOs) of several integrated critical business functions (CBFs).
What is the purpose of a disaster recovery plan (DRP)?
To enable an organization to make critical decisions ahead of time so personnel can manage and review decisions without the urgency of an actual disaster
True or False? A parallel test of a contingency plan is the same as a full-interruption test except that processing does not stop at the primary site.
True
True or False? A successful business impact analysis (BIA) maps the context, the critical business functions (CBFs), and the processes on which they rely.
True
True or False? An organization can maintain a cloud-based disaster recovery site for a fraction of the cost of a physical site.
True
True or False? Any component that, if it fails, could interrupt business processing is called a single point of failure (SPOF).
True
True or False? Business continuity management includes business continuity planning, disaster recovery planning, crisis management, incident response management, and risk management.
True
True or False? Examples of major disruptions include extreme weather, application failure, and criminal activity.
True
True or False? Fault-tolerance options are not replacements for data backups.
True
True or False? Generally, once evidence becomes inadmissible, it cannot be fixed.
True
True or False? In an incremental backup, you start with a full backup when network traffic is light. Then, each night, you back up only that day's changes.
True
True or False? In remote journaling, a system writes a log of online transactions to an offsite location.
True
True or False? Patching computers and devices with the latest security fixes makes them more resistant to many types of attacks.
True
True or False? Regarding disaster recovery, an alternate processing center or mirrored site is always ready and under the organization's control.
True
True or False? The emergency operations center (EOC) is the place where an organization's recovery team will meet and work during a disruption.
True
True or False? The recovery point objective (RPO) can come from the business impact analysis (BIA) or sometimes from a government mandate, such as banking laws.
True
True or False? While running business operations at an alternate site, you must continue to make backups of data and systems.
True
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD).
disaster