W-11
106. Which of the following phases in the contingency planning and emergency program is most difficult to sell to an organization's management? a. Mitigation b. Preparedness c. Response d. Recovery
Choice (a) is the correct answer. Mitigation is a long-term activity aimed at eliminating or reducing the probability of an emergency or a disaster occurring. It requires "up-front" money and commitment from management. Choice (b) is incorrect because preparedness is a readiness to respond to undesirable events. It ensures effective response and minimizes damage. Choice (c) is incorrect because response is the first phase after the onset of an emergency. It enhances recovery operations. Choice (d) is incorrect because recovery involves both short- and long-term restoration of vital systems to normal operations.
127. The system availability rate for a computer-based application system is determined by which of the following formulas? a. Available time/scheduled time b. (1 + available time)/scheduled time c. Available time/(1 - scheduled time) d. (Available time - scheduled time)/scheduled time
Choice (a) is the correct answer. System availability is expressed as a rate between the number of hours the system is available to the users during a given period and the scheduled hours of operation. Overall hours of operation also include sufficient time for scheduled maintenance activities. Scheduled time is the hours of operation and available time is the time during which the computer system is available to the users.
20. Risks in the use of cellular radio and telephone networks during a disaster include: a. Security and switching office b. Security and redundancy c. Redundancy and backup power systems d. Backup power systems and switching office
Choice (a) is the correct answer. The airwaves are not secure and a mobile telephone switching office can be lost during a disaster. The cellular company may need a diverse route from the cell site to another mobile switching office.
109. The most costly disaster recovery alternative is: a. Mutual backup site agreement b. Hot site backup c. Cold site backup d. Off-site archival storage of data
Choice (b) is the correct answer. A hot site backup is most costly because it is fully equipped and ready to operate. On the other hand, a mutual backup site agreement is least costly. In the hot site backup, fully equipped commercial computer facilities are used in case of a disaster. Choice (a) is incorrect because a mutual backup site agreement is least costly. However, mutual agreements are not reliable and may not prove workable when needed. Choice (c) is incorrect because a cold site backup is not as expensive as a hot site backup. However, it is more expensive than a mutual backup site agreement. Choice (d) is incorrect because off-site archival storage of data is not as expensive as a hot site backup. An off-site storage place could be owned by the same organization wanting to process the data. Robbins (Fall 2018)
128. The best approach to maintaining a contingency plan in order to recover from computer-related disasters is to use a: a. Top-down approach b. Bottom-up approach c. Combination of top-down and bottom-up approaches d. Consultant directed approach
Choice (c) is the correct answer. The key word is to "maintain" an existing plan. Knowledge obtained from testing the plan is useful in refining the plan (bottom-up approach). The changes from the management and business conditions and their impact should be considered (top-down approach) when updating the plan. Therefore, a combination of top-down and bottom-up approaches is very useful to maintain a disaster recovery and contingency plan.
71. Disaster recovery planning and security policies: a. Are separate but complementary b. Are separate with no substitution c. Can be in one document d. Are separate and diverse
Choice (a) is the correct answer. A comprehensive disaster recovery plan is separate from but complementary to the security policy document. Both items go hand in hand.
114. The demand for reliable computing is increasing. Reliable computing has which of the following desired elements in computer systems? a. Data integrity and availability b. Data security and privacy c. Confidentiality and modularity d. Portability and feasibility
Choice (a) is the correct answer. Data integrity and availability are two important elements of reliable computing. Data integrity is the concept of being able to ensure that data can be maintained in an unimpaired condition and is not subject to unauthorized modification, whether intentional or inadvertent. Products such as backup software, anti-virus software, and disk repair utility programs help protect data integrity in personal computers (PCs) and workstations. Availability is the property that a given resource will be usable during a given time period. PCs and servers are becoming an integral part of complex networks with thousands of hardware and software components (e.g., hubs, routers, bridges, databases, directory services), and the complex nature of client/server networks drives the demand for availability. System availability is increased when system downtime or outages are decreased and when fault-tolerant hardware and software are used. Data security, privacy, and confidentiality are incorrect because they deal with ensuring that data is disclosed only to authorized individuals and have nothing to do with reliable computing. Modularity deals with the breaking down of a large system into small modules. Portability deals with the ability of application software source code and data to be transported without significant modification to more than one type of computer platform or more than one type of operating system. Portability has nothing to do with reliable computing. Feasibility deals with the degree to which the requirements can be implemented under existing constraints.
103. Once system backup schedules and proper controls are in place, the disaster recovery coordinator needs to arrange, among other activities, periodic reviews of the off-site storage program and the backup computer vendor facilities. The least important area to review is: a. Vendor's capacity plans b. Adherence to data file or document classification criteria c. Compliance to changes in disaster recovery requirements d. Vendor's backup system performance
Choice (a) is the correct answer. The difficult aspect of the disaster recovery plan is keeping it up-to-date with all the changes that occur. Depending on how frequently the organization's systems and procedures change, a review of the off-site vendor and backup computer vendor facilities should be conducted once a quarter or semiannually. Generally, the review does not include whether the vendor has enough computer capacity to serve, which is a long-term question.
123. The greatest risk in developing and maintaining a comprehensive insurance response plan is: a. Excess insurance amount b. Commercial software problems c. Competitive bids from underwriters d. Data storage media problems
Choice (a) is the correct answer. The major purpose of insurance is to transfer risk to others. Without proper planning, a company might be over-insured, which costs money. This can easily happen when hardware is leased and the lease agreement has built-in coverage for recovery and restoration services. A company can be doubly insured on its hardware platforms with its own separate coverage, causing an excessive insurance amount. The other choices do not deal with insurance, per se. For example, commercial software with problems (choice b) can easily be replaced for a nominal fee from the software vendor. Competitive bids from underwriters (choice c) can reduce the premium amount. Data storage media problems (choice d) can be fixed with replacement and/or reproduction coverage.
124. The most important type of insurance policy for a computer related disaster should cover which of the following? a. Cost of computer equipment repair b. Cost of alternative computer processing c. Cost of building in which the computer is housed d. Cost of computer equipment replacement
Choice (b) is the correct answer. A traditional computer data processing insurance policy covers equipment, buildings, and storage media recreation. It does not provide the coverage for the consequences of the loss of computer equipment or its inaccessibility. The coverage is focused on the repair and replacement of the computer equipment. What is needed is a policy that will not only replace the damaged equipment, but also covers the cost of alternative processing while the equipment is unavailable.
121. Disaster recovery plans protect against: a. Physical losses b. Economic losses c. Equipment losses d. Inventory losses
Choice (b) is the correct answer. Disaster recovery plans protect against the economic and intrinsic losses (e.g., lost sales, lost profits) suffered by a company while insurance policies protect against the physical and tangible losses (e.g., buildings, inventory, and equipment).
113. There is debate about how often a disaster recovery plan should be tested. The frequency of testing should depend on: a. Auditor's recommendation b. The nature of data processing c. Budget allowances d. Management will
Choice (b) is the correct answer. In stable IT environments, disaster recovery plans should be tested quarterly or semiannually. In dynamic environments where system and network configurations and application systems often change, more frequent testing may be required. Choice (a) is incorrect because the auditor's recommendations are suggestions only. A cost-benefit analysis should be performed. Choice (c) is incorrect because budget allowances should not dictate the frequency of disaster recovery plan testing. Testing should be done in the absence of budgeted amounts if the risk is high. Choice (d) is incorrect because it is too risky to leave disaster recovery plan testing to management's discretion. When the business is down, management may opt to postpone the testing to save money, which is not good for the overall business.
118. Whether microcomputer software and data backup are to be kept at an off-site location should depend most on: a. Ease of access b. Risk assessment c. Adequate labeling d. Adequate documentation
Choice (b) is the correct answer. Microcomputer software and file backup must not always be kept at an off-site location. Depending on the importance of the information, storage of backup diskettes in another part of the building may be sufficient protection. However, this decision should be based on risk assessment rather than on ease of access. All backup diskettes should be adequately labeled to identify owner, use, and retention period. The storage location, whether on-site or off-site, should be environmentally controlled and secure, with procedural provisions for restricting physical access to authorized personnel.
130. All of the following are tasks of contingency planning except: a. Data recovery b. Processing requirements c. Hardware recovery d. Updating the contingency plan
Choice (b) is the correct answer. Processing requirements are the responsibility of system owners.
117. What should be the last step in a risk assessment process performed as a part of a business continuity plan? a. Consider possible threats b. Establish recovery priorities c. Assess potential impacts d. Evaluate critical needs
Choice (b) is the correct answer. The correct sequence is a-c-d-b. The first step is to consider possible threats including natural (e.g., fires, floods, earthquakes), technical (e.g., hardware/software failure, power disruption, communications interference), and human (e.g., riots, strikes, disgruntled employees, sabotage). The second step is to assess impacts from loss of information and services from both internal and external sources. This includes financial condition, competitive position, customer confidence, legal/regulatory requirements, and cost analysis to minimize exposure. The third step is to evaluate critical needs. This evaluation should also consider timeframes in which a specific function becomes critical. This includes functional operations, key personnel, information, processing systems, documentation, vital records, and policies and procedures. The final step is to establish priorities for recovery based on critical needs.
107. Minimizing disaster recovery time minimizes: a. Management commitment b. Losses c. Documentation d. Resources
Choice (b) is the correct answer. The degree of loss caused by a disaster or disruption is directly related to the length of time the disruption affects business operations. Choice (a) is incorrect because management commitment is always needed. Choice (c) is incorrect because adequate and clear documentation is needed for people to know how to minimize disasters. Choice (d) is incorrect because more resources may be needed to minimize disasters.
101. Which of the following criteria is of least importance in evaluating a potential off-site storage vendor? a. Media management and environmental factor b. The number of employees c. Reputation and site security d. Transportation capabilities
Choice (b) is the correct answer. The selection of an off-site storage vendor is an important process that should be done with proper care. The selection of the right backup storage facility vendor is critical in terms of the vendor's performance and capabilities. The number of employees the vendor has is less important compared to other criteria.
126. Implementing an effective insurance recovery program can: a. Alter the need for a disaster recovery plan b. Eliminate the need for a disaster recovery plan c. Complement the need for a disaster recovery plan d. Substitute the need for a disaster recovery plan
Choice (c) is the correct answer. An effective insurance recovery program does not alter, substitute, or eliminate the need for a comprehensive disaster recovery plan but rather complements it. This is because both have separate but useful purposes.
102. About which of the following is the disaster recovery coordinator least concerned when selecting an off-site storage vendor? a. Vendor's liability for media in his custody b. Vendor's insurance coverage and bonding of employees c. Requiring that the same person deliver and pick up the media all the time d. Procedures for requesting and receiving a delivery including emergency times
Choice (c) is the correct answer. Besides vendor fees, there are other items of information that the disaster recovery coordinator should obtain in writing from the off-site storage vendor. Requiring that the same person deliver and pick up the media all the time is not practical or necessary if other controls are effective. The other three choices are very important.
16. Which of the following recovery plan test results would be most useful to management? a. Elapsed time to perform various activities b. Amount of work completed c. List of successful and unsuccessful activities d. Description of each activity
Choice (c) is the correct answer. Management is interested in finding out what worked (successful) and what did not (unsuccessful) after a recovery from a disaster. The idea is to learn from experience.
129. A vital records program must meet which of the following? a. Accounting requirements b. Insurance requirements c. Regulatory requirements d. Auditing requirements
Choice (c) is the correct answer. Regulatory requirements dictate the length of time a particular record or document must be retained by an organization to support its business activities. Insurance requirements are dictated by regulatory requirements. Auditors review compliance with such requirements. The accounting department, similar to other departments in the organization, must also comply with regulatory requirements. Prior to records retention, each organization must identify what records and documents are vital to its operations.
115. Who is primarily responsible for establishing organization-wide contingency plans? a. Chief Information Officer b. Disaster Recovery Manager c. The Board of Directors d. Audit Director
Choice (c) is the correct answer. The Board of Directors and senior management are responsible for establishing policies, procedures, and responsibilities for organization-wide contingency planning. The organization's contingency plan should address all critical services and operations that are provided by internal departments and external sources. The Chief Information Officer (choice a) and the Disaster Recovery Manager (choice b) are secondarily responsible for establishing organization-wide contingency planning. These employees execute what the board of directors and the senior management planned for. The Audit Director (choice d) is responsible for reviewing the adequacy of the plan and issuing a report to the Board of Directors. He or she is not responsible for developing the plan.
120. Which of the following is a major concern to an IS security analyst reviewing an organization's contingency plans? a. Whether the backup site has a "mantrap" system b. Whether the backup site has security guards c. Whether the backup site is a reasonable distance away from the primary site d. Whether the backup site is a service bureau or not
Choice (c) is the correct answer. The backup or alternate processing installation should be a reasonable distance away from the primary installation. Ideally, the backup installation should be far enough away to be on a different electric power grid or free from the same natural disaster (e.g., earthquake, hurricane) but close enough to be reached quickly. Choice (a) is incorrect because the backup site does not need to have a "mantrap" system due to the short duration of recovery. Choice (b) is incorrect because the backup site need not have security guards. Choice (d) is incorrect because the backup site need not be a service bureau. Choices (a), (b), and (d) are minor concerns.
116. The least important focus of a contingency plan from a short-term viewpoint is: a. Minimizing disruptions of service to employees b. Minimizing disruptions of service to customers c. Minimizing financial losses on outside contracts d. Ensuring a timely resumption of services
Choice (c) is the correct answer. The contingency plan should be a coordinated effort with the objectives of minimizing disruptions of service to the organization, employees, and customers (choices a and b); minimizing financial losses; and ensuring a timely resumption of operations (choice d) in the event of a disaster. Minimizing financial losses on outside contracts is the least important focus at this point (choice c).
110. At times, the information stored at an off-site facility is needed at the on-site (primary computer facility) due to loss of data files or damage to data. The mechanism that can be used to facilitate quick transmittal of the stored information directly to the on-site facility is called: a. Special courier b. Regular courier c. Electronic vaulting d. Special messenger
Choice (c) is the correct answer. The process of transmitting backup information directly to an off-site storage vault is called electronic vaulting. It uses telephone lines and networks to transmit the data. This process can be reversed as well. Electronic vaulting takes less time than the other three choices even though they are also acceptable mechanisms. Choices (a), (b), and (d) are incorrect because special courier, regular courier and special messenger are not as fast as electronic vaulting.
122. Which of the following can be called the disaster recovery plan of last resort? a. A contract with a recovery center b. A demonstration of the recovery center's capabilities c. A tour of the recovery center d. An insurance policy
Choice (d) is the correct answer. According to insurance industry estimates, every dollar of insured loss is accompanied by three dollars of uninsured economic loss. This suggests that companies are only insured for one third of the potential consequences of a disaster and that insurance truly is a disaster recovery plan of last resort.
105. Which of the following rationales is not a sound one? The disaster recovery plan should be tested: a. By simulation b. In stages c. In an unannounced manner d. In actual use
Choice (d) is the correct answer. Disaster recovery plans should not be tested in actual use. That is, a real disaster should not have to occur before the plan's weaknesses are revealed. At that point, the plan's weakness is the organization's disaster. The other three choices are valid approaches to testing. For example, simulation can be used to test different disaster scenarios, the plan can be tested in some locations or departments prior to launching an all out testing, and unannounced testing is recommended with management's permission.
119. The first step in contingency planning is to perform a(n): a. Operating systems software backup b. Applications software backup c. Documentation backup d. Hardware backup
Choice (d) is the correct answer. Hardware backup is the first step in contingency planning. All computer installations must include formal arrangements for alternative processing capability in the event their data center or any portion of the work environment becomes disabled. These plans can take several forms and involve the use of another data center. In addition, hardware manufacturers and software vendors can be helpful in locating an alternate processing site and in some cases will be able to provide backup equipment under emergency conditions. The more common plans are service bureaus, reciprocal arrangements, and hot sites. After hardware is backed up, operating systems software is backed up next, followed by applications software backup and documentation.
108. The decision to develop a backup contingency plan for an organization's telecommunications network primarily depends on: a. Whether users can rely on hard-copy output for the time it takes to rebuild the network b. Whether parent-generation magnetic tapes were stored off-site c. Whether current-generation transaction files were stored off-site d. Whether the organization's business survives without a telecommunications network
Choice (d) is the correct answer. If the business can survive without its telecommunications network for the period of time needed to restore the network, the expense of network backup may not be necessary. On the other hand, if the network backup is essential, it is worth the cost. It is a management call. Choice (a) is incorrect because relying on hard-copy reports is not a viable solution for most situations. Choice (b) is incorrect because backup for telecommunications goes beyond storing parent-generation magnetic tapes off-site. It deals with network lines, nodes, equipment, telephone carriers, circuits, etc. Choice (c) is incorrect because backup for telecommunications goes beyond storing current-generation transaction files off-site. It deals with network lines, nodes, equipment, telephone carriers, circuits, etc.
112. A proactive role to protect an organization from computer-related failures, malfunctions, or disasters is to: a. Train every employee in the emergency procedures b. Conduct fire drills every month regularly c. Train all IT staff in file rotation procedures d. Incorporate recovery requirements into system design
Choice (d) is the correct answer. Incorporation of recovery requirements into system design will provide automatic backup and recovery procedures. This helps to prepare for disasters in a timely manner. Choice (a) is incorrect because training every employee in emergency procedures does not guarantee that they will respond to a disaster in an optimal manner when needed. Choice (b) is incorrect even though conducting fire drills every month regularly is a good practice. Disaster recovery goes beyond fire drills. Choice (c) is incorrect because it is not necessary to train all IT staff in file rotation procedures. Only key people need to be trained.
125. The best form of a covered loss insurance policy is: a. A basic policy b. A broad policy c. A special all risk policy d. A policy commensurate with risks
Choice (d) is the correct answer. Since insurance reduces or eliminates risk, the best insurance is the one commensurate with the most common types of risks to which a company is exposed. Choice (a) is incorrect because a basic policy covers specific named perils including fire, lightning, windstorm, etc. Choice (b) is incorrect because a broad policy covers additional perils such as roof collapse and volcanic action. Choice (c) is incorrect because a special all risk policy covers everything except specific exclusions named in the policy.
111. Which of the following is critical in a disaster recovery and contingency planning process? a. Contingency plans need to be documented b. Contingency plans need to be communicated c. Contingency plans need to be understood d. Contingency plans need contingency plans
Choice (d) is the correct answer. The reality is that contingency plans require contingencies. Problems or delays should be anticipated and planned for. Fall-back or alternative solutions need to be planned out in advance in case the original plan does not work for whatever reason. Contingency plan documentation (choice a) is important but it is not critical when compared to choice (d). It is important that contingency plans be communicated (choice b) but it is not critical when compared to choice (d). It is important that contingency plans be understood (choice c) but it is not critical when compared to choice (d).
104. Which of the following disaster scenarios is commonly not considered during the development of disaster recovery and contingency planning? a. Network failure b. Hardware failure c. Software failure d. Failure of the local telephone company
Choice (d) is the correct answer. Usually, telephone service is taken for granted by the recovery team members. Consequently, it is not addressed in the planning stage. However, alternate phone services should be explored. The other three choices are usually considered due to familiarity and vendor presence.
14. In disaster recovery plan testing, parallel testing can be performed in conjunction with which of the following testing options? a. Checklist testing b. Dry run testing c. Full-interruption testing d. Structured walk-through testing
Choice (a) is the correct answer. A parallel test can be performed in conjunction with the checklist test or simulation test. All reports produced at the alternate site should agree with those reports produced at the primary site. A checklist can be used to make sure that all steps are performed. The other three choices do not work well with parallel tests.
15. All of the following are misconceptions about a disaster recovery plan except: a. It is an organization's assurance to survive b. It is a key insurance policy c. It manages the impact of LAN failures d. It manages the impact of natural disasters
Choice (a) is the correct answer. A well-documented, well-rehearsed, well-coordinated disaster recovery plan allows businesses to focus on surprises and survival. In today's environment, a LAN failure can be as catastrophic as a natural disaster, such as a tornado. Insurance does not cover every loss. Choices (b), (c), and (d) are misconceptions. What is important is to focus on the major unexpected events and implement modifications to the plan so that control over the business can be reclaimed. The key is to ensure survival in the long run.
26. Which of the following statements is not true about contracts and agreements associated with computer backup facilities? a. Small vendors do not need contracts due to their size b. Governmental organizations are not exempted from contract requirements c. Nothing should be taken for granted during contract negotiations d. All agreements should be in writing
Choice (a) is the correct answer. All vendors, regardless of their size, need written contracts for all customers, whether commercial or governmental. Nothing should be taken for granted, and all agreements should be in writing to avoid misunderstandings and performance problems.
98. Which of the following items is usually not considered when a new application system is brought into the production environment? a. Assigning a contingency processing priority code b. Training computer operators c. Developing computer operations documentation d. Training functional users
Choice (a) is the correct answer. An application system priority analysis should be performed to determine the business criticality of each computer application. A priority code should be assigned to each production application system that is critical to the survival of the organization. The priority code tells people how soon the application should be processed when the backup computer facility is ready. This will help in restoring the computer system following a disaster and facilitate developing a recovery schedule.
80. Fail-soft control is an example of which of the following? a. Continuity control b. Accuracy control c. Completeness control d. Consistency control
Choice (a) is the correct answer. As a part of the preventive control category, fail-soft is a continuity control. It is the selective termination of affected nonessential processing when a hardware or software failure is detected in a computer system. The computer system continues to function because of its resilience. Choice (b) is incorrect because accuracy controls include data editing and validation routines. Choice (c) is incorrect because completeness control looks for the presence of all the required values or elements. Choice (d) is incorrect because consistency controls ensure repeatability of certain transactions with the same attributes.
5. With respect to BCP/DRP, business impact analysis (BIA) identifies which of the following? a. Threats and risks b. Costs and impacts c. Exposures and functions d. Events and operations
Choice (a) is the correct answer. BIA is the process of identifying an organization's exposure to the sudden loss of selected business functions and/or the supporting resources (threats) and analyzing the potential disruptive impact of those exposures (risks) on key business functions and critical business operations. The BIA usually establishes a cost (impact) associated with the disruption lasting varying lengths of time.
46. All of the following need to be established prior to a crisis situation except: a. Media relationships b. Credibility c. Reputation d. Goodwill
Choice (a) is the correct answer. Choices (b), (c), and (d) need to exist in advance of a crisis situation. These qualities cannot be generated quickly during a crisis. They take a long time to develop and maintain, long before a disaster occurs. On the other hand, media relationships require a proactive approach during a disaster. This includes distributing an information kit to the media at a moment's notice. The background information about the company in the kit must be regularly reviewed and updated. When disaster strikes, it is important to get the company information out early. By presenting relevant information to the media, more time is available to manage the actual day-to-day aspects of crisis communications during the disaster.
8. What is the purpose of a business continuity plan? a. To sustain business operations b. To recover from a disaster c. To test the business continuity plan d. To develop the business continuity plan
Choice (a) is the correct answer. Continuity planning involves more than planning for a move off-site after a disaster destroys a data center. It also addresses how to keep an organization's critical functions operating in the event of disruptions, both large and small. This broader perspective on continuity planning is based on the distribution of computer use and support throughout an organization. The goal is to sustain business operations.
70. All of the following are tasks of contingency planning except: a. Data backup b. Emergency response c. Software recovery d. Operations recovery
Choice (a) is the correct answer. Data backup is the responsibility of system owners. The other three choices are the responsibility of contingency recovery and response teams.
56. Organizations should not view disaster recovery as a(n): a. Discretionary expense b. Committed expense c. Enforcement of legal statutes d. Compliance with regulations
Choice (a) is the correct answer. Discretionary expense means management can decide whether to spend money on a particular item. When revenues or profits fall, management can cut the discretionary expenses to reach their targeted profit goals. These may include advertisement, training, and disaster recovery plans. Cutting the disaster recovery expense may not be a good choice since no one knows when a disaster might strike an organization. Then, it is too late to do anything.
59. Which of the following statements is not true about the critical application categories established for disaster recovery planning purposes? a. Predefined categories need not be followed during a disaster because time is short b. Each category has a defined time-frame to recover c. Each category has a priority level assigned to it d. The highest level category is the last one to recover
Choice (a) is the correct answer. It is important to define applications into certain categories to establish processing priority. For example, the time for recovery of applications in category I is 72 hours after disaster declaration (high priority). The time frame for recovery of category IV applications is three months after disaster declaration (low priority).
66. Which of the following must be defined to implement each contingency plan? a. Triggers b. Risks c. Cost d. Benefits
Choice (a) is the correct answer. It is important to document triggers for activating contingency plans. The information needed to define the implementation triggers for contingency plans is the deployment schedule for each contingency plan and the implementation schedule for the replaced mission-critical systems.
69. A prerequisite to a successful contingency plan is: a. Management approvals b. Independent audits c. Legal reviews d. Security reviews
Choice (a) is the correct answer. Management approval is the cornerstone for a successful contingency plan, be it for funding or support. An independent audit and a security review of the plan can validate the soundness of the proposed contingency strategy. Similarly, a legal review can provide assurance that the plans comply with government regulations and that liabilities and exposures are being adequately addressed.
91. System reliability controls include which of the following? a. Mean-time-to-repair and mean-time-between-failures b. Redundant computer hardware c. Backup computer facilities d. Contingency plans
Choice (a) is the correct answer. Mean-time-to-repair (MTTR) is the amount of time it takes to resume normal operation. It is expressed in minutes or hours taken to repair computer equipment. The smaller the MTTR for equipment, the more reliable it is. Mean-time-between-failures (MTBF) is the average length of time the hardware is functional. MTBF is expressed as the average number of hours or days between failures. The higher the MTBF, the better reliability a system has. Redundant computer hardware (choice b) and backup computer facilities (choice c) are incorrect because they are examples of system availability controls. They also address contingencies in case of a computer disaster (choice d).
83. Which of the following is least expensive in terms of providing backup computer facilities? a. Mutual agreements b. Shared facilities c. Service bureaus d. Companies own duplicate facilities
Choice (a) is the correct answer. Mutual agreements, also called reciprocal agreements, are least costly. It does not cost any out-of-pocket money to enter into a mutual agreement, just a word. Mutual agreements are not reliable and may not prove workable when needed. The other three choices are more expensive when compared to mutual agreements. Shared facilities (choice b) include hot/cold/warm sites and cost money to subscribe. Service bureaus (choice c) also charge money when their facilities are used. If companies own duplicate facilities (choice d), it costs money for the building, equipment, and staff.
72. The major purpose of completing a user questionnaire requested by the backup computer recovery facility vendor prior to a test drill is to determine: a. Test time requirements b. Storage media requirements c. Software requirements d. Equipment requirements
Choice (a) is the correct answer. Prior to a test drill, the backup facility vendor needs a variety of planning information such as the CPU to be used, including the model number, number of tapes and disks required, operating systems software version, peripherals required with device numbers, and telecommunications needs including modems to establish connection to the telephone company and the test computer. Usually the time window is short and time management is very important considering the many customers the vendor may have. The key information is test time (with starting and ending time frames) so that the number of hours required is known in advance. This helps the vendor to plan computer capacity and resource levels and allocate them among customers competing for the same time slot.
27. The speed at which critical application system tasks can be restarted at an alternate computing facility depends mostly on which of the following? a. Finding housing arrangements for an out-of-town facility b. Installing equipment c. Operating the hardware d. Loading software and data
Choice (a) is the correct answer. Restarting critical applications at the alternate facility is the greatest concern. There are several support details that can affect the speed at which critical tasks can be restarted. Therefore, it will be helpful if the alternate facility can assist in finding housing for personnel when the alternate facility is located out-of-state. The other matters for consideration include installing equipment, operating the hardware, and loading software, master files, and databases.
93. What is the inherent limitation of a disaster recovery planning exercise? a. Inability to possibly include all types of disasters b. Assembling disaster management and recovery teams c. Developing early warning monitors that will trigger alerts and responses d. Conducting periodic drills
Choice (a) is the correct answer. Since there are many types of disasters that can occur, it is not practical to consider all such disasters. Doing so is cost prohibitive. Hence, disaster recovery planning exercises should focus on major types of disasters that occur frequently. One approach is to perform risk analysis to determine the annual loss expectancy, which is calculated from the frequency of occurrence of a possible loss multiplied by the expected dollar loss per occurrence.
23. Physical disaster prevention and preparedness begins when: a. a data center site is constructed b. new equipment is added c. a new operating system is installed d. a new room is added to existing computer center facilities
Choice (a) is the correct answer. The data center should be constructed in such a way as to minimize exposure to fire, water damage, heat, or smoke from adjoining areas. Other considerations include raised floors, sprinklers or fire detection and extinguishing systems, and furniture made of noncombustible materials. All these considerations should be taken into account in a cost-effective manner at the time the data (computer) center is originally built. Add-ons will not only be disruptive but also costly.
51. The most effective action to be taken when a hurricane advance warning is provided is to: a. Declare the disaster early b. Install an uninterruptible power supply system c. Provide a backup water source d. Acquire gasoline powered pumps
Choice (a) is the correct answer. The first thing is to declare the disaster as soon as the warning sign is known. Protecting the business site is instrumental in continuing or restoring operations in the event of a hurricane. Ways to do this include an uninterruptible power supply (batteries and generators), a backup water source, and a supply of gasoline-powered pumps to keep the lower levels of the facility clear of flood waters. Boarding up windows and doors is good to protect buildings from high-speed flying debris.
57. The focus of disaster recovery planning should be on: a. Protecting the organization against the consequences of a disaster b. Probability that a disaster may or may not happen c. Balancing the cost of recovery planning against the probability that a disaster might actually happen d. Selecting the best alternate backup processing facilities
Choice (a) is the correct answer. The focus of disaster recovery planning should be on protecting the organization against the consequences of a disaster, not on the probability that it may or may not happen.
82. All of the following are ideal locations for an electronic vault device except: a. In the same location as the primary computer b. In a site designed specifically to house the electronic vault c. In a hot/cold site d. In an alternate computing site or off-site storage facility
Choice (a) is the correct answer. The location of the electronic vault will vary based on the disaster recovery and contingency planning alternative chosen. The electronic vault device could be located in a site designed specifically to house the electronic vault. It could be located in a hot/cold site, or it could be located in an alternate computing site. Storing backup data in the same location as the primary computer is risky and not advised because both the original and backup files can be destroyed in a disaster (choice a). It is beneficial to situate the electronic vault device as part of a commercial off-site storage facility or backup computer site. The electronic vault impacts the number and frequency of data backups. It alters the way application systems are designed and operated in terms of file design and backup schedules. For example, only changes in data files since the last backup need to be transmitted (i.e., incremental file backup), and the changes can be transmitted every hour or instantly. The availability of electronic vaulting increases the speed with which information can be retrieved. Traditionally, backup information is stored locally (on-site) and in an off-site vault because of the long retrieval time should it be required. Electronic vaulting eliminates on-site storage of data. An optical disk is a good storage medium for electronic vaulting due to its large capacity and quick retrievability. Depending on the size and sophistication of the computing environment, the electronic vault storage media consist of a combination of mass storage, optical disk, magnetic disk, and tape/cartridge library. For example, mass storage can be used to store magnetic disk files, and optical disks can be used to store paper documents.
61. Which of the following are complementary in supporting the primary objectives of information systems security? a. Computer security and contingency plans b. Computer security and employee background checks c. Computer security and security training d. Computer security and security monitoring
Choice (a) is the correct answer. The primary objectives of information systems security include integrity, availability, and confidentiality. Contingency plans support system availability by restoring or recovering from a disaster as quickly as possible. The other three choices support security management practices.
58. Which of the following tools provide information for reaching people during a disaster? a. Decision tree diagram b. Call tree diagram c. Event tree diagram d. Parse tree diagram
Choice (b) is the correct answer. A call tree diagram shows who to contact when a required person is not available or not responding. The call tree shows the successive levels of people to contact if no response is received from the lower level of the tree. It shows the backup people when the primary person is not available. A decision tree diagram will show all the choices available with their outcomes to make a decision. An event tree diagram can be used in project management, and a parse tree diagram can be used in estimating probabilities and nature of states in software engineering.
99. Which of the following is not true? A cold site computer facility includes: a. Heat, humidity, and air-conditioning equipment b. CPU and other computer equipment c. Electrical power connections d. Raised floors
Choice (b) is the correct answer. A cold site is a fully prepared computer room that includes data communications; building security monitoring systems; heat, air-conditioning, and humidity controls; raised floors; and electrical power, not CPU and other computer equipment. In the event of a disaster, the computer vendor delivers the required CPU hardware and peripheral equipment to the empty shell facility.
65. Contingency planning integrates the results of which of the following? a. Business continuity plan b. Business impact analysis c. Core business processes d. Infrastructural services
Choice (b) is the correct answer. Contingency planning integrates and acts on the results of the business impact analysis. The output of this process is a business continuity plan consisting of a set of contingency plans with a single plan for each core business process and infrastructure component. Each contingency plan should provide a description of the resources, staff roles, procedures, and timetables needed for its implementation.
33. The best organizational structure and management style during a disaster is: a. People-oriented b. Production-oriented c. Democratic d. Participative
Choice (b) is the correct answer. During the creation of a disaster recovery and restoration plan, the management styles indicated in choices (a), (c), and (d) are acceptable due to the involvement and input required of all people affected by a disaster. However, the situation during a disaster is entirely different, requiring execution, not planning. The command-and-control structure, which is a production-oriented management style, is the best approach to orchestrate the recovery, unify all resources, and provide solid direction with a single voice to recover from the disaster. This is not the time to plan and discuss various approaches and their merits.
35. The primary objective of emergency planning is to: a. Minimize loss of assets b. Ensure human security and safety c. Minimize business interruption d. Provide backup facilities and services
Choice (b) is the correct answer. Emergency planning provides the policies and procedures to cope with disasters and to ensure the continuity of vital data center services. The primary objective of emergency planning is personnel safety, security, and welfare; secondary objectives include (1) minimizing loss of assets, (2) minimizing business interruption, (3) providing backup facilities and services, and (4) providing trained personnel to conduct emergency and recovery operations.
84. Which of the following is a critical benefit of implementing an electronic vaulting program? a. It supports unattended computer center operations or automation b. During a crisis situation, an electronic vault can make the difference between an organization's survival and failure c. It reduces required backup storage space d. It provides faster storage data retrieval
Choice (b) is the correct answer. For some organizations, time becomes money. Increased system reliability improves the likelihood that all the information required is available at the electronic vault. If data can be retrieved immediately from the off-site storage, less is required in the computer center (choice c). It reduces retrieval time from hours to minutes (choice d). Since electronic vaulting eliminates tapes and tapes are a hindrance to automated operations, electronic vaulting supports automation (choice a).
29. Which of the following alternate computing backup facilities is intended to serve an organization that has sustained total destruction from a disaster? a. Service bureaus b. Hot sites c. Cold sites d. Reciprocal agreements
Choice (b) is the correct answer. Hot sites are fully equipped computer centers. Some have fire protection and warning devices, telecommunications lines, intrusion detection systems, and physical security. These centers are equipped with computer hardware that is compatible with that of a large number of subscribing organizations. This type of facility is intended to serve an organization that has sustained total destruction and cannot defer computer services. The other choices do not have this kind of support.
68. The best strategy to validate business continuity plans is to combine: a. policy with procedure b. training with testing c. reviews with training d. rehearsals with audits
Choice (b) is the correct answer. It is important to develop and implement a strategy for validating the business continuity plan within the time that remains. A typical strategy defines a minimum number of individual and joint exercises that combine training and testing. There are several common techniques that can be employed, including reviews, rehearsals, and quality assurance reviews. Rehearsals include test drills and team member role plays.
49. Which of the following is often a missing link in developing a LAN methodology for contingency planning? a. Deciding which applications can be handled manually b. Deciding which users must secure and backup their own data c. Deciding which applications are to be supported off-site d. Deciding which applications can be handled as stand-alone personal computer tasks
Choice (b) is the correct answer. It is true that during a disaster not all application systems have to be supported while the LAN is out of service. Some LAN applications may be handled manually (choice a), some as stand-alone PC tasks (choice d), while others need to be supported off-site (choice c). While these duties are clearly defined, it is not so clear which users must secure and back up their own data. It is important to communicate to users that they must secure and back up their own data until normal LAN operations are resumed. This is often a missing link in developing a LAN methodology for contingency planning.
45. The greatest cost in data management comes from which of the following? a. Backing up files b. Restoring files c. Archiving files d. Journaling files
Choice (b) is the correct answer. Manual tape processing has the tendency to cause problems at restore time. Multiple copies of files exist on different tapes. Finding the right tape to restore can become a nightmare, unless the software product has automated indexing and labeling features. Restoring files is costly due to the considerable human intervention required, causing delays. Until the software is available to automate the file restoration process, costs continue to be higher than the other choices. Backing up refers to a duplicate copy of a data set that is held in storage in case the original data are lost or damaged. Archiving refers to the process of moving infrequently accessed data to less accessible and lower cost storage media. Journaling applications post a copy of each transaction to both the local and remote storage sites when applicable.
19. The major threats that a contingency plan should address include: a. Physical threats, software threats, and environmental threats b. Physical threats and environmental threats c. Software threats and environmental threats d. Hardware threats and logical threats
Choice (b) is the correct answer. Physical and environmental controls help prevent contingencies. Although many of the other controls, such as logical access controls, also prevent contingencies, the major threats that a contingency plan addresses are physical and environmental threats, such as fires, loss of power, plumbing breaks, or natural disasters.
52. Which of the following demand advance planning during a flood-driven disaster? a. Call tree list, power requirements, and air-conditioning requirements b. Power requirements and air-conditioning requirements c. Air-conditioning requirements and media communications d. Call tree list and media communications
Choice (b) is the correct answer. Power and air-conditioning requirements need to be determined in advance to reduce the installation time frames. This includes diesel power generators, fuel, and other associated equipment. Media communications include keeping in touch with radio, television, and newspaper firms. The call tree list should be kept current all the time so that the employee and vendor notification process can begin as soon as the disaster strikes. This list includes primary and secondary employee names and phone numbers as well as escalation levels.
81. Contingency planning for local-area networks should consider all of the following except: a. Incident response b. Remote computing c. Backup operations d. Recovery plans
Choice (b) is the correct answer. Remote computing is not applicable to a local area network (LAN) because the scope of a LAN is limited to a local area only, such as a building or group of buildings. Wide area networks or metropolitan area networks are good for remote computing. A contingency plan should consider three things: incident response, backup operations, and recovery. The purpose of incident response (choice a) is to mitigate the potentially serious effects of a severe LAN security related problem. It requires not only the capability to react to incidents but also the resources to alert and inform the users if necessary. Backup operation (choice c) plans are prepared to ensure that essential tasks can be completed subsequent to disruption of the LAN environment and can continue until the LAN is sufficiently restored. Recovery plans (choice d) are made to permit smooth, rapid restoration of the LAN environment following interruption of LAN usage. Supporting documents should be developed and maintained that will minimize the time required for recovery. Priority should be given to those applications and services that are deemed critical to the functioning of the organization. Backup operation procedures should ensure that these critical services and applications are available to users.
41. An effective element of damage control after a disaster occurs is to: a. Maintain silence b. Hold press conferences c. Consult lawyers d. Maintain secrecy
Choice (b) is the correct answer. Silence is guilt, especially during a disaster. How a company appears to respond to a disaster can be as important as the response itself. If the response is kept in secrecy, the press will assume there is some reason for secrecy. The company should take time to explain to the press what happened and what the response is. A corporate communications professional should be consulted instead of a lawyer due to the specialized knowledge of the former. A spokesperson should be selected to contact media, issue an initial statement, provide background information, and describe action plans, which are essential to minimize the damage. The company lawyers may add restrictions to ensure that everything is done accordingly, which may not work well in an emergency.
85. Information availability controls do not include which of the following? a. Backup and recovery b. Storage media c. Physical and logical security d. Alternate computer equipment and facilities
Choice (b) is the correct answer. Storage media has nothing to do with information availability. Data will be stored somewhere on some media. It is not a decision criterion. Management's goal is to gather useful information and to make it available to authorized users. System backup and recovery procedures (choice a) and alternate computer equipment and facilities (choice d) will help ensure that the recovery is as timely as possible. Both physical and logical access controls become important (choice c). System failures and other interruptions are common.
2. Which of the following uses both qualitative and quantitative tools? a. Anecdotal analysis b. Business impact analysis c. Descriptive analysis d. Narrative analysis
Choice (b) is the correct answer. The purpose of business impact analysis (BIA) is to identify critical functions, resources, and vital records necessary for an organization to continue its critical functions. In this process, the BIA uses both quantitative and qualitative tools. Choices (a), (c), and (d) are examples that use qualitative tools. Anecdotal records constitute a description or narrative of a specific situation or condition.
3. With respect to BCP/DRP, risk analysis is part of which of the following? a. Cost-benefit analysis b. Business impact analysis c. Backup analysis d. Recovery analysis
Choice (b) is the correct answer. The risk analysis is usually part of the business impact analysis. It estimates both the functional and financial impact of a risk occurrence to the organization and identifies the costs to reduce the risks to an acceptable level through the establishment of effective controls. Choices (a), (c) and (d) are part of choice (b).
76. A contingency planning strategy consists of the following four parts. Which of the following parts are closely related to each other? a. Emergency response and recovery b. Recovery and resumption c. Resumption and implementation d. Recovery and implementation
Choice (b) is the correct answer. The selection of a contingency planning strategy should be based on practical considerations, including feasibility and cost. Risk assessment can be used to help estimate the cost of options to decide an optimal strategy. Whether the strategy is on-site or off-site, a contingency planning strategy normally consists of emergency response, recovery, resumption, and implementation. In emergency response, it is important to document the initial actions taken to protect lives and limit damage. In recovery, the steps that will be taken to continue support for critical functions should be planned. In resumption, what is required to return to normal operations should be determined. The relationship between recovery and resumption is important. The longer it takes to resume normal operations, the longer the organization will have to operate in the recovery mode. In implementation, it is necessary to make appropriate preparations, document the procedures, and train employees. Emergency response and implementation do not have the same relationship as recovery and resumption do.
28. Which of the following is the most important consideration in locating an alternate computing facility during the development of a disaster recovery plan? a. Close enough to become operational quickly b. Unlikely to be affected by the same contingency c. Close enough to serve its users d. Convenient to airports and hotels
Choice (b) is the correct answer. There are several considerations that should be reflected in the backup site location. The optimum facility location is (1) close enough to allow the backup function to become operational quickly, (2) unlikely to be affected by the same contingency, (3) close enough to serve its users, and (4) convenient to airports, major highways, or train stations when located out of town.
44. Which of the following disaster recovery alternate facilities eliminates the possibility of competition for time and space with other businesses? a. Hot sites b. Cold sites c. Intelligent sites d. Warm sites
Choice (c) is the correct answer. A dedicated second site eliminates the threat of competition for time and space with other businesses. These benefits coupled with the ever-growing demands of today's data and telecommunications networks have paved the way for a new breed of intelligent buildings that can serve as both primary and contingency site locations. These intelligent buildings employ triple disaster avoidance systems covering power, telecommunications, life support (water and sanitation), and 24-hour security systems. Hot, cold, and warm sites are operated and managed by commercial organizations, while the intelligent site is operated by the user organization.
74. Strategies for processing capability are needed to recover from a disaster. Which of the following recovery strategies has the greatest chance of failure due to systems and personnel changes? a. Hot site b. Cold site c. Reciprocal agreement d. Redundant site
Choice (c) is the correct answer. A reciprocal agreement is an agreement that allows two organizations to back each other up. While this approach often sounds desirable, contingency planning experts note that this alternative has the greatest chance of failure due to problems in keeping agreements and plans up-to-date as systems and personnel change. A hot site (choice a) is incorrect because it is a building already equipped with processing capability and other services, which is kept up-to-date by commercial vendors. A cold site (choice b) is incorrect because it is a building for housing processors that can be easily adapted for use. A redundant site (choice d) is incorrect because it is a site equipped and configured exactly like the primary site.
4. With respect to BCP/DRP, single point of failure means which of the following? a. No production exists b. No vendor exists c. No redundancy exists d. No maintenance exists
Choice (c) is the correct answer. A single point of failure occurs when there is no redundancy in data, equipment, facilities, systems, and programs. A failure of a component or element may disable the entire system.
9. What is an alternate processing site that is equipped with telecommunications but not computers? a. Cold site b. Hot site c. Warm site d. Redundant site
Choice (c) is the correct answer. A warm site has telecommunications ready to be utilized but does not have computers. A cold site is an empty building for housing computer processors later but equipped with environmental controls (e.g., heat, air conditioning) in place. A hot site is a fully equipped building ready to operate quickly. A redundant site is configured exactly like the primary site.
34. Which of the following does not act as the first line of defense for protecting the data? a. Passwords b. Disk mirroring c. Audit trails d. Redundant array of independent disks (RAID)
Choice (c) is the correct answer. Audit trails provide information on an after-the-fact basis. They do not prevent bad things from happening. Disk mirroring, RAID, and passwords are the first lines of defense. Disk mirroring and RAID act as the first line of defense for protecting against data loss. Incorrect entry of a password will be rejected, thus preventing an unauthorized person from entering a computer system. Both disk mirroring and RAID provide redundant services.
42. Which of the following statements is not true? Having a disaster recovery plan and testing it regularly: a. Reduces risks b. Affects the availability of insurance c. Lowers insurance rates d. Affects the total cost of insurance
Choice (c) is the correct answer. Both underwriters and management are concerned about risk reduction, availability of specific insurance coverage, and its total cost. A good disaster recovery plan addresses these concerns. However, a good plan is not a guarantee of lower insurance rates in all circumstances. Insurance rates are determined based on averages obtained from loss experience, geography, management judgment, the health of the economy, and a host of other factors. Total cost of insurance depends on the specific type of coverage obtained. It could be difficult or expensive to obtain insurance in the absence of a disaster recovery plan. Insurance provides a certain level of comfort in reducing risks, but it does not provide the means to ensure continuity of business operations.
100. Commercial off-site storage rooms used for magnetic media have many of the same requirements as the normal production processing environment except: a. For fire protection and water detection b. For temperature and humidity controls c. That it must be shared with another business d. For physical security
Choice (c) is the correct answer. Commercial off-site storage facilities are used to store data and program files on magnetic media and system-related documentation, among other things. To reduce expenses, users of commercial off-site storage facilities often share their room or area with other users. This may sound good, but be aware of the security and access control problems and issues it creates. Usually, fire protection (choice a), temperature and humidity controls (choice b), and physical security (choice d) are reasonably adequate. They are the basic controls needed to operate.
78. Which of the following controls act both as a preventive and a recovery measure? a. Visitor logs b. Backups c. Contingency plans d. Passwords
Choice (c) is the correct answer. Contingency plans have a dual purpose in that they function as both preventive and recovery controls. Developing the contingency plan and testing the plan act as a preventive control while restoring damaged or lost files is a recovery control. Choice (a) is incorrect because visitor logs are detective in nature and provide an audit trail. Choice (b) is incorrect because backups are primarily preventive controls in ensuring files are available when needed. Backups are secondary when it comes to recovery. Choice (d) is incorrect because passwords are preventive in nature.
47. Which of the following disaster recovery plan testing options should not be scheduled at critical points in the normal processing cycle? a. Checklist testing b. Parallel testing c. Full-interruption testing d. Structured walk-through testing
Choice (c) is the correct answer. Full-interruption testing, as the name implies, disrupts normal operations and should be approached with caution.
43. When an organization is interrupted by a catastrophe, which of the following cost categories require management's greatest attention? a. Direct costs b. Opportunity costs c. Hidden costs d. Variable costs
Choice (c) is the correct answer. Hidden costs are not insurable expenses and include (1) unemployment compensation premiums resulting from layoffs in the work force, (2) increases in advertising expenditures necessary to rebuild the volume of business, (3) cost of training new and old employees, and (4) increased cost of production due to decline in overall operational efficiency. Generally, traditional accounting systems are not set up to accumulate and report the hidden costs. Opportunity costs are not insurable expenses. They are costs of foregone choices, and accounting systems do not capture these types of costs. Both direct and variable costs are insurable expenses and are captured by accounting systems.
Robbins (Fall 2018)
54. After a disaster, application systems should be recovered: a. To the last on-line transaction completed b. To the last batch processing prior to interruption c. To the actual point of interruption d. To the last master file update prior to interruption
Choice (c) is the correct answer. The goal is to capture all data points necessary to restart a process without loss of any product in the work in progress status. The recovery team should recover all applications to the actual point of the interruption.
32. Which of the following organization's functions are often ignored in planning for recovery from a disaster? a. Computer operations b. Safety c. Human resources d. Accounting
Choice (c) is the correct answer. Human resource policies and procedures impact employees involved in the response to a disaster. Specifically, it includes extended work hours, overtime pay, compensatory time, living costs, employee evacuation, medical treatment, notifying families of injured or missing employees, emergency food, and cash during recovery. The scope covers the predisaster plan, emergency response during recovery, and post-recovery issues. The major reason for ignoring the human resource issues is that they encompass many items requiring extensive planning and coordination, which take a significant amount of time and effort.
22. Which of the following pair of phrases is the best example of operating watchwords to remember in developing computer contingency plans? a. No policy, no procedure b. No ring, no write c. No backup, no recovery d. No security, no protection
Choice (c) is the correct answer. It is a fact that there is no recovery without a backup. A procedure is linked to a policy. There is no protection without security controls. No backup, no recovery is applicable to a contingency plan.
89. What is the single major item that is often ignored during the development of a DRP for an organization? a. Roles and responsibilities of DRP team members b. Critical areas of threats and vulnerabilities c. Functional user operations d. Conducting risk or impact analysis
Choice (c) is the correct answer. Most disaster recovery plans focus on data processing functions, not other functions within the organization. The IS management may assume that functional users will be responsible for their areas. With increased automation of business functions, a certain amount of coordination and planning is required between the IS management and the functional user management. Roles and responsibilities of team members are often defined (choice a), threats and vulnerabilities are analyzed (choice b), and impacts are analyzed (choice d), although they may not be documented.
75. The primary contingency strategy for application systems and data is regular backup and secure off-site storage. Which of the following decisions is least important to address? a. How often the backup is performed b. How often the backup is stored off-site c. How often the backup is used d. How often the backup is transported
Choice (c) is the correct answer. Normally, the primary contingency strategy for applications and data is regular backup and secure offsite storage. Important decisions to be addressed include how often the backup is performed (choice a), how often it is stored off-site (choice b), and how it is transported to storage, to an alternate processing site, or to support the resumption of normal operations (choice d). How often the backup is used is not relevant because it is hoped that it may never have to be used.
79. The major threats that a disaster recovery contingency plan should address include: a. Physical and software threats b. Software and environmental threats c. Physical and environmental threats d. Software and hardware threats
Choice (c) is the correct answer. Physical and environmental controls help prevent contingencies. Although many other controls, such as logical access controls, also prevent contingencies, the major threats that a contingency plan addresses are physical and environmental threats, such as fires, loss of power, plumbing breaks, or natural disasters. Logical access controls can address both the software and hardware threats.
62. The business continuity planning process should focus on providing which of the following? a. A financially acceptable level of outputs and services b. A legally acceptable level of outputs and services c. A minimum acceptable level of outputs and services d. A maximum acceptable level of outputs and services
Choice (c) is the correct answer. The business continuity planning process should safeguard an organization's ability to provide a minimum acceptable level of outputs and services in the event of failures of internal and external mission-critical information systems and services. The planning process should link risk management and risk mitigation efforts to operate the organization's core business processes.
10. The business impact analysis should critically examine the business processes and which of the following? a. Composition b. Priorities c. Dependencies d. Service levels
Choice (c) is the correct answer. The business impact analysis examines business process composition and priorities, business or operating cycles, service levels, and, most importantly, the business process dependency on mission-critical information systems.
13. If the disaster recovery plan is being tested for the first time, which of the following testing options can be combined? a. Checklist testing and simulation testing b. Simulation testing and full-interruption testing c. Checklist testing and structured walk-through testing d. Checklist testing and full-interruption testing
Choice (c) is the correct answer. The checklist testing will ensure that all the items on the checklists have been reviewed and considered. During structured walk-through testing, the team members meet and walk through the specific steps of each component of the disaster recovery process and find gaps and overlaps. Simulation testing simulates a disaster during nonbusiness hours so normal operations will not be interrupted. Full-interruption testing is not recommended since it activates the total disaster recovery plan. This test is costly and disruptive to normal operations and requires senior management's special approval.
60. The decision to activate a disaster recovery plan is made immediately: a. After verifying the disaster b. Before damage control c. After damage assessment and evaluation d. Before activating emergency systems
Choice (c) is the correct answer. The decision to activate a disaster recovery plan is made after damage assessment and evaluation is completed. A list of equipment, software, forms, and supplies needed to operate contingency category I (high priority) applications should be available to use as a damage assessment checklist.
48. The first step in successfully protecting and backing up information in distributed computing environments is to determine data: a. availability requirements b. accessibility requirements c. inventory requirements d. retention requirements
Choice (c) is the correct answer. The first step toward protecting data is a comprehensive inventory of all servers, workstations, applications, and user data throughout the organization. Once a comprehensive study of this type is completed, various backup, access, storage, availability, and retention strategies can be evaluated in order to determine which strategy best fits the needs of an organization.
88. Rank the following objectives of a disaster recovery plan (DRP) from most to least important. 1. Minimizing the disaster's financial impact on the organization 2. Reducing physical damage to the organization's property, equipment, and data 3. Limiting the extent of the damage and thus preventing the escalation of the disaster 4. Protecting the organization's employees and the general public a. 1, 2, 3, and 4 b. 3, 2, 1, and 4 c. 4, 1, 3, and 2 d. 4, 2, 1, and 3
Choice (c) is the correct answer. The health and safety of employees and the general public should be the first concern during a disaster situation. The second concern should be to minimize the disaster's economic impact on the organization in terms of revenues and sales. The third concern should be to limit or contain the disaster. The fourth concern should be to reduce physical damage to property, equipment, and data.
63. When reviewing the business continuity planning process, the IS security officer should examine which of the following scenarios most critically? a. Most likely case b. Optimistic case c. Pessimistic case d. All possible cases
Choice (c) is the correct answer. The information systems security officer should ensure that the existing contingency and disaster recovery plans are updated and incorporated into the business continuity plan. The officer should examine the worst case scenario to ensure that a feasible backup strategy can be successfully implemented.
50. Which of the following natural disasters come with a warning sign? a. Earthquakes and tornadoes b. Tornadoes and hurricanes c. Hurricanes and floods d. Floods only
Choice (c) is the correct answer. The main hazards caused by hurricanes most often involve the loss of power, flooding, and the inability to access facilities. Businesses may also be impacted by structural damage. Hurricanes are the only events that give warnings before the disaster strikes. Excessive rains lead to floods. Earthquakes do not give warnings.
90. Rank the following benefits to be realized from a comprehensive disaster recovery plan from most to least important. 1. Reduced insurance costs 2. Enhanced physical and data security 3. Providing continuity of organization's operations 4. Improved protection of the organization's assets a. 1, 2, 3, and 4 b. 3, 2, 1, and 4 c. 3, 4, 2, and 1 d. 4, 2, 3, and 1
Choice (c) is the correct answer. The most important benefit of a comprehensive disaster recovery plan is to provide continuity of operations followed by protection of assets, increased security, and reduced insurance costs. Assets can be acquired if the business is operating and profitable. There is no such thing as 100% security. Self-insurance can be assumed by the company.
37. Which of the following is most important in developing contingency plans for information systems and their facilities? a. Criteria for content b. Criteria for format c. Criteria for usefulness d. Criteria for procedures
Choice (c) is the correct answer. The only reason for creating a contingency plan is to provide a document and procedure that will be useful in time of emergency. If the plan is not designed to be useful, it is not satisfactory. Suggestions for the plan content and format can be described, but no two contingency plans will or should be the same.
11. The main body of a contingency or disaster recovery plan document should not address which of the following? a. What b. When c. How d. Who
Choice (c) is the correct answer. The plan document contains only the why, what, when, where, and who, not how. The "how" deals with detailed procedures and information required to carry out the actions identified and assigned to a specific recovery team. This information should not be in the formal plan, as it is too detailed, and should be included in the detailed reference materials as an appendix to the plan. The "why" describes the need for recovery, the "what" describes the critical processes and resource requirements, the "when" deals with critical time frames, the "where" describes the recovery strategy, and the "who" indicates the recovery team members and support organizations. Keeping the "how" information in the plan document confuses people, making it hard to understand and creating a maintenance nightmare.
12. Which of the following contingency plan test results is most meaningful? a. Tests met all planned objectives in restoring all database files b. Tests met all planned objectives in using the latest version of the operating systems software c. Tests met all planned objectives using files recovered from backups d. Tests met all planned objectives using the correct version of access control systems software
Choice (c) is the correct answer. The purpose of frequent disaster recovery tests is to ensure recoverability. Review of test results should show that the tests conducted met all planned objectives using files recovered from the backup copies only. This is because of the "no backup, no recovery" principle. Recovery from backup also shows that the backup schedule has been followed regularly. Storing files at a secondary location (off-site) is preferable to the primary location (on-site) because it ensures continuity of business operations if the primary location is destroyed or inaccessible.
7. Who should own the business continuity plan in the organization? a. IT operations b. Audit c. Senior manager d. IT security
Choice (c) is the correct answer. The senior manager of a business unit or division should have ownership of its business continuity plan because of his broad role and responsibility in the organization. The parties mentioned in the other choices do not have the same authority and power to make things happen.
24. Disaster notification fees are part of which of the following cost categories associated with alternate computer processing support? a. Initial costs b. Recurring operating costs c. Activation costs d. Development costs
Choice (c) is the correct answer. There are three basic cost elements associated with alternate processing support: initial costs, recurring operating costs, and activation costs. The first two components are incurred whether or not the backup facility is put into operation; the last cost component is incurred only when the facility is activated. The initial costs include the cost of initial setup, including membership, construction, or other fees. Recurring operating costs include costs for maintaining and operating the facility, including rent, utilities, repair, and ongoing backup operations. Activation costs include costs involved in the actual use of the backup capability. This includes disaster notification fees, facility usage charges, overtime, transportation, and other costs.
95. The most effective way to ascertain the hot site vendor's integrity practices and priorities in the resource sharing area is to: a. Review all subscriber contracts with the hot site vendor b. Observe an actual disaster at the hot site vendor c. Request a copy of the annual external audit report d. Request the hot site vendor's compliance in writing
Choice (c) is the correct answer. There could be a problem of establishing priorities in resource sharing when simultaneous disasters are declared by several of the hot site's subscribers. Disaster recovery planners need to know what they are getting for their hot site subscription payments and what is being promised to others who also subscribe to their sites. Resource sharing is common among commercial backup facility vendors. Some vendors have their operations reviewed by an independent public accounting firm. Requesting a copy of the external auditor's report will provide an objective understanding of the vendor's resource sharing policies and practices. The other choices are not objective and effective compared to the external auditor's report.
39. Which of the following is the correct sequence of events when surviving a disaster? a. Respond, recover, plan, continue, and test b. Plan, respond, recover, test, and continue c. Respond, plan, test, recover, and continue d. Plan, test, respond, recover, and continue
Choice (d) is the correct answer because the correct sequence to follow to handle disasters is to plan, test, respond, recover, and continue.
21. Which of the following computer backup alternative sites is the least expensive method and the most difficult to test? a. Non-mobile hot site b. Mobile hot site c. Warm site d. Cold site
Choice (d) is the correct answer. A cold site is an environmentally protected computer room equipped with air conditioning, wiring, and humidity control for continued processing once the equipment is shipped to the location. The cold site is the least expensive backup site method, but the most difficult and expensive to test.
87. An organization is contemplating developing a computer-related disaster recovery plan for the first time. The best practice would be to: a. Follow a bottom-up approach b. Call other companies in the same industry c. Call a commercial backup service provider d. Follow a top-down approach
Choice (d) is the correct answer. A top-down approach to contingency planning includes the following: * Conduct impact analysis * Plan design * Plan development * Plan testing * Plan maintenance. The top-down approach involves senior management, line management, IS management, IS auditors, and end users. The bottom-up approach (choice a) is not recommended for the first-time development of the plan. It is suggested for the maintenance of the plan. Calling other companies in the same industry (choice b) or calling a commercial backup service provider (choice c) first requires a top-down plan developed by the company.
53. Which of the following is of least concern in a local area network contingency plan? a. Application systems are scheduled for recovery based on their priorities b. Application systems are scheduled for recovery based on the urgency of the information c. Application systems are scheduled for recovery based on a period of downtime acceptable to the application users d. Application systems are scheduled for recovery based on a period of downtime tolerable to the application programmers
Choice (d) is the correct answer. An alternate location is needed to ensure that critical applications can continue to be processed when the LAN is unavailable for an extended period of time. Application systems should be scheduled for recovery and operation at the alternate site, based on their priority, the urgency of the information, and the period of downtime considered acceptable by the application users. It does not matter what the application programmers consider acceptable because they are not the direct users of the system.
25. When comparing alternate computer processing facilities, the objective is to select the alternative with the: a. Largest annualized profit b. Largest annualized revenues c. Largest incremental expenses d. Smallest annualized cost
Choice (d) is the correct answer. An annualized cost is obtained by multiplying the annual frequency by the expected dollar amount of cost. The product should be a small figure.
30. A full-scale testing of application systems cannot be accomplished in which of the following alternate computing backup facilities? a. Shared contingency centers and hot sites b. Shared contingency centers and cold sites c. Hot sites and reciprocal agreements d. Cold sites and reciprocal agreements
Choice (d) is the correct answer. Cold sites do not have equipment, so full-scale testing cannot be done until the equipment is installed. Adequate time may not be allowed in reciprocal agreements due to time pressures and scheduling conflicts between the two parties. Full-scale testing is possible with shared contingency centers and hot sites. Shared contingency centers are essentially the same as dedicated contingency centers. The difference lies in the fact that membership is formed by a group of similar organizations which use, or could use, identical hardware.
73. Organizations practice contingency plans because it makes good business sense. Which of the following is the correct sequence of steps involved in the contingency planning process? 1. Anticipating potential disasters 2. Identifying the critical functions 3. Selecting contingency plan strategies 4. Identifying the resources that support the critical functions a. 1, 2, 3, 4 b. 1, 3, 2, 4 c. 2, 1, 4, 3 d. 2, 4, 1, 3
Choice (d) is the correct answer. Contingency planning involves more than planning for a move off-site after a disaster destroys a data center. It also addresses how to keep an organization's critical functions operating in the event of disruptions, both large and small. This broader perspective on contingency planning is based on the distribution of computer support throughout an organization. The correct sequence of steps is as follows: - Identifying the mission or business critical functions - Identifying the resources that support the critical functions - Anticipating potential contingencies or disasters - Selecting contingency planning strategies
86. Fire has swept through an organization's computer room. The company has lost its entire computer system. The best thing the organization could have done is to: a. Plan for cold site arrangements b. Plan for mutual agreements—negotiate with other similar organizations to back each other c. Plan for warm site arrangements since everything is ready to go d. Take daily backups to an off-site storage facility
Choice (d) is the correct answer. Daily backups taken to off-site storage facilities can minimize the damage. The whole company can suffer when disaster strikes. There is no room for complacency. Even hot/warm/cold sites and mutual agreements (choices a through c) require backups to continue with business operations. "No backup, no recovery" should be practiced.
55. Which of the following may not reduce the recovery time after a disaster strikes? a. Writing recovery scripts b. Performing rigorous testing c. Refining the recovery plans d. Documenting the recovery plans
Choice (d) is the correct answer. Documenting the recovery plan should be done first and be available to use during a recovery. The amount of time in developing the plan has no bearing on the recovery from a disaster. On the other hand, the amount of time spent on the other three choices and the degree of perfection attained in those choices will definitely help in reducing the recovery time after a disaster strikes. The more time spent on these three choices the better the quality of the plan.
92. Identify the item that demonstrates the ability of an organization to provide immediate, reliable, and clear information during different types of disasters. a. A comprehensive and written disaster recovery plan b. A written plan with a well-organized table of contents and easy to follow indexes c. A written plan that is approved by senior management and auditors d. Drills and exercises
Choice (d) is the correct answer. Drills give disaster recovery team members the opportunity to think through their tasks without the pressure of being measured or graded. Exercises should periodically be conducted unannounced to more closely simulate the pressure of a real disaster. The other three choices do not demonstrate the ability to respond when needed. A written plan is no good if it is not tested. There are several types of testing: reviews, analyses, and simulations of disasters. Drills and exercises are examples of simulation.
38. All of the following are objectives of emergency response procedures except: a. Protect life b. Control losses c. Protect property d. Maximize profits
Choice (d) is the correct answer. Emergency response procedures are those procedures initiated immediately after an emergency occurs in order to (1) protect life, (2) protect property, and (3) minimize the impact of the emergency (loss control). Maximizing profits can be practiced during non-emergency times but not during an emergency.
17. Which of the following is not an example of procedure-oriented disaster prevention activity? a. Backing up current data and program files b. Performing preventive maintenance on computer equipment c. Testing the disaster recovery plan d. Housing computers in a fire-resistant area
Choice (d) is the correct answer. Housing computers in a fire-resistant area is an example of the physically-oriented disaster prevention category, while the other three choices are examples of procedure-oriented activities. Procedure-oriented actions relate to tasks performed on a day-to-day, month-to-month, or annual basis or otherwise performed regularly. Housing computers in a fire-resistant area with a noncombustible or charged sprinkler area is not regular work. It is part of a computer center building construction plan that happens once in a great while.
18. Which of the following statements is true about contingency planning tests? a. The results of a test should be viewed as either pass or fail b. The results of a test should be viewed as practice for a real emergency c. The results of a test should be used to assess whether the plan worked or did not work d. The results of a test should be used to improve the plan
Choice (d) is the correct answer. In the case of contingency planning, a test should be used to improve the plan. If organizations do not use this approach, flaws in the plan may remain hidden or uncorrected.
64. Which of the following ensures the successful completion of tasks in the development of business continuity and disaster recovery plans? a. Defining individual roles b. Defining operational activities c. Assigning individual responsibility d. Exacting individual accountability
Choice (d) is the correct answer. It is important to ensure that individuals responsible for the various business continuity and contingency planning activities are held accountable for the successful completion of individual tasks, and that the core business process owners are responsible and accountable for meeting the milestones for the development and testing of contingency plans for their core business processes.
1. Which of the following is a prerequisite to developing a disaster recovery plan? a. Business impact analysis b. Cost-benefit analysis c. Risk analysis d. Management commitment
Choice (d) is the correct answer. Management commitment and involvement are always needed for any major program, and developing a disaster recovery plan is no exception. Better commitment leads to greater funding and support. All the other choices come after management commitment.
6. Which of the following disaster recovery plan testing approaches is not recommended? a. Desk-checking b. Simulations c. End-to-end testing d. Full-interruption testing
Choice (d) is the correct answer. Management will not allow the stopping of normal production operations for testing a disaster recovery plan. Some businesses operate on a 24x7 schedule, and losing several hours of production time is tantamount to another disaster, financially or otherwise.
77. In a local area network (LAN) environment, which of the following requires the least redundancy planning? a. Cables b. Servers c. Power supplies d. Hubs
Choice (d) is the correct answer. Many physical problems in LANs are related to cables (choice a), since they can be broken or twisted. Servers (choice b) can be physically damaged due to a disk head crash or power irregularities such as over- or under-voltage conditions. An uninterruptible power supply (choice c) provides power redundancy and protection to servers and workstations. Servers can be disk duplexed for redundancy. Redundant topologies such as star, mesh, or ring can provide a duplicate path should a main cable link fail. Hubs require physical controls such as lock and key since they are stored in wiring closets, although they can also benefit from redundancy, which can be very expensive. Given the choices, it is preferable to have redundant facilities for cables, servers, and power supplies.
31. Which of the following computing backup facilities has a cost advantage? a. Shared contingency centers b. Hot sites c. Cold sites d. Reciprocal agreements
Choice (d) is the correct answer. Reciprocal agreements do not require nearly as much advanced funding as do commercial facilities. They are inexpensive compared to other choices. However, cost alone should not be the overriding factor when making backup facility decisions.
97. Determining the criticality of each computer-based application system in the production environment is important so that scarce resources can be allocated to highly critical systems. The best way to accomplish this objective is to: a. Ask the application programmer who is developing and/or maintaining the system b. Ask the computer operators who are running day-to-day production jobs c. Ask the internal and external auditors during their routine audit work d. Ask the end users how they would continue their operations if the system were unavailable for a specified period of time
Choice (d) is the correct answer. Since application systems are designed to provide data and information to end users, the end users are in a better position to assess the value or usefulness of the system to their business operations. Input from the other three parties (application programmers, computer operators, and auditors) is important but not as important as that of end users, since their view is limited.
96. The ideal requirement of a disaster recovery team coordinator is to: a. Be a systems programmer in order to understand the complexities of operating systems, security software, and databases b. Be a hardware specialist in order to be familiar with all types of computer equipment located at the primary and recovery site c. Be a network analyst or administrator in order to understand the intricacies of growing telecommunications d. Be able to communicate well with technical and nontechnical personnel
Choice (d) is the correct answer. The disaster recovery coordinator does not need the highly technical skills of a programmer, systems analyst, hardware specialist, or network administrator. However, the coordinator should be able to communicate with technical staff and adequately interpret what they say in order to communicate it effectively and clearly to nontechnical users and management.
36. The best location for a data center in a multi-storied building is which of the following: a. First floor b. Basement level c. Top floor d. Any floor other than the above
Choice (d) is the correct answer. The first floor is not a good location because it does not prevent undesirable access. The basement is not good because of flooding and volatile storage. The top floor of a high-rise building is not good because it may be beyond the reach of fire department equipment.
94. When senior management support for the disaster recovery planning project has been obtained and resources have been authorized for the development of a disaster recovery document, the individuals who will do the actual writing of the plan should be selected on the basis of their: a. Technical knowledge of IS operating systems, databases, and telecommunications b. Consulting background with hardware and software vendors c. Consulting experience with clients or customers in the same industry d. Broad perspective of the organization and who can recognize all of the possible consequences that might surround a disaster
Choice (d) is the correct answer. The mix and composition of the disaster recovery team is important as it requires appropriate and competent people to develop, test, and maintain the plan. For example, a representative from each affected area of the organization should be a part of the plan development team. This mix of people provides a broader perspective of the organization.
40. The post-incident review report should not focus on: a. What happened b. What should have happened c. What should happen next d. Who caused it
Choice (d) is the correct answer. The post-incident review after a disaster has occurred should focus on what happened, what should have happened, and what should happen next, but not on who caused it. Blaming people will not solve the problem.
67. The least costly test approach for contingency plans is which of the following? a. Full-scale testing b. Pilot testing c. Parallel testing d. End-to-end testing
Choice (d) is the correct answer. The purpose of end-to-end testing is to verify that a defined set of interrelated systems, which collectively support an organizational core business area or function, interoperate as intended in an operational environment. Generally, end-to-end testing is conducted when one major system in the end-to-end chain is modified or replaced, and attention is rightfully focused on the changed or new system. The boundaries of end-to-end tests are not fixed or predetermined but rather vary depending on a given business area's system dependencies (internal and external) and the criticality to the mission of the organization. Full-scale testing is costly and disruptive, while end-to-end testing is least costly. Pilot and parallel testing are not appropriate here.