CSIT 161 - Chap 11 quiz
During which step of the incident-handling process is the goal to contain the incident?
.containment (not an option*)
Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore?
2 backups
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. If the power goes out in her data center, Isabella estimates it will take six hours to move data center operations to an alternate site. Which of the following describes how long the agency can survive without a functioning data center?
Max Tolerable downtime (MTD)
What is the average time a device will function before it fails?
Mean time to failure (MTTF)
Which data source comes first in the order of volatility when conducting a forensic investigation?
RAM
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move?
Recovery time objective (RTO)
Joe is responsible for the security of the systems that control and monitor devices for a power plant. What type of system does Joe likely administer?
SCADA
Which of the following is not true of contingency planning?
The mean time between failures (MTBF) is closely associated with the recovery time objectives (RTOs) of several integrated critical business functions (CBFs).
Hajar is responsible for keeping her banking institution's servers operating 24/7/365. Her recovery strategy is to have fully redundant or duplicate operations and synchronized data and to operate the site continuously. Which strategy has she selected?
alternate processing center or mirrored site
Which method of fault tolerance connects two or more computers to act like a single computer in a highly coordinated manner?
clustering
Which of the following should you avoid during a disaster and recovery?
continue normal processes, such as separation of duties or spending limits
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD).
disaster
Which of the following is least likely to be needed when rebuilding systems that were damaged during a disaster?
ensuring there are adequate operating system licenses
During which step of the incident-handling process does triage take place?
identification
Which of the following is not true of data backup options?
it is faster to create differential weekday backups than incremental backups
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders?
preparation
Arturo is an IT manager for a school district. He is planning recovery options for a small data center that supports teacher and classroom activities for 5 of the 21 schools in his district. Many school districts in his state use similar classroom technology. Arturo is looking for a temporary alternate site that would be easy to cut over to and is affordable. Which option is most likely to fit Arturo's needs?
reciprocal agreement with another school district
During which step of the incident-handling process should a lessons-learned review of the incident be conducted?
recovery and follow-up
Carl has assembled a team of representatives from each department to test a new business continuity plan (BCP). During the test, the representatives meet in a room and review many aspects of the plan, such as the goals, scope, assumptions, and the structure of the organization. They also conduct scenario-based exercises as though they are executing the plan for a certain type of incident to find errors, such as gaps or overlaps. What type of plan is being conducted?
structured walk-through
What is the purpose of a disaster recovery plan (DRP)?
to enable an organization to make critical decisions head of time...