1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 234
Выбрать главу

Identify the mission or business or critical functions.

Identify the resources that support the critical functions.

Anticipate potential contingencies or disasters.

Select contingency planning strategies.

39. A contingency planning strategy consists of the following four parts. Which of the following parts are closely related to each other?

a. Emergency response and recovery

b. Recovery and resumption

c. Resumption and implementation

d. Recovery and implementation

39. b. The selection of a contingency planning strategy should be based on practical considerations, including feasibility and cost. Risk assessment can be used to help estimate the cost of options to decide an optimal strategy. Whether the strategy is onsite or offsite, a contingency planning strategy normally consists of emergency response, recovery, resumption, and implementation.

In emergency response, it is important to document the initial actions taken to protect lives and limit damage. In recovery, the steps that will be taken to continue support for critical functions should be planned. In resumption, what is required to return to normal operations should be determined. The relationship between recovery and resumption is important. The longer it takes to resume normal operations, the longer the organization will have to operate in the recovery mode. In implementation, it is necessary to make appropriate preparations, document the procedures, and train employees. Emergency response and implementation do not have the same relationship as recovery and resumption does.

40. Contingency planning for local-area networks should consider all the following except:

a. Incident response

b. Remote computing

c. Backup operations

d. Recovery plans

40. b. Remote computing is not applicable to a local-area network (LAN) because the scope of a LAN is limited to local area only such as a building or group of buildings. Wide-area networks or metropolitan-area networks are good for remote computing. A contingency plan should consider three things: incident response, backup operations, and recovery.

The purpose of incident response is to mitigate the potentially serious effects of a severe LAN security-related problem. It requires not only the capability to react to incidents but also the resources to alert and inform the users if necessary.

Backup operation plans are prepared to ensure that essential tasks can be completed subsequent to disruption of the LAN environment and can continue until the LAN is sufficiently restored. Recovery plans are made to permit smooth, rapid restoration of the LAN environment following interruption of LAN usage. Supporting documents should be developed and maintained that minimize the time required for recovery. Priority should be given to those applications and services that are deemed critical to the functioning of the organization. Backup operation procedures should ensure that these critical services and applications are available to users.

41. Rank the following objectives of a disaster recovery plan (DRP) from most to least important:

1. Minimize the disaster’s financial impact on the organization.

2. Reduce physical damage to the organization’s property, equipment, and data.

3. Limit the extent of the damage and thus prevent the escalation of the disaster.

4. Protect the organization’s employees and the general public.

a. 1, 2, 3, and 4

b. 3, 2, 1, and 4

c. 4, 1, 3, and 2

d. 4, 2, 1, and 3

41. c. The health and safety of employees and general public should be the first concern during a disaster situation. The second concern should be to minimize the disaster’s economic impact on the organization in terms of revenues and sales. The third concern should be to limit or contain the disaster. The fourth concern should be to reduce physical damage to property, equipment, and data.

42. Rank the following benefits to be realized from a comprehensive disaster recovery plan (DRP) from most to least important:

1. Reduce insurance costs.

2. Enhance physical and data security.

3. Provide continuity of organization’s operations.

4. Improve protection of the organization’s assets.

a. 1, 2, 3, and 4

b. 3, 2, 1, and 4

c. 3, 4, 2, and 1

d. 4, 2, 3, and 1

42. c. The most important benefit of a comprehensive disaster recovery plan is to provide continuity of operations followed by protection of assets, increased security, and reduced insurance costs. Assets can be acquired if the business is operating and profitable. There is no such thing as 100 percent security. A company can assume self-insurance.

43. What is the inherent limitation of a disaster recovery planning exercise?

a. Inability to include all possible types of disasters

b. Assembling disaster management and recovery teams

c. Developing early warning monitors that trigger alerts and responses

d. Conducting periodic drills

43. a. Because there are many types of disasters that can occur, it is not practical to consider all such disasters. Doing so is cost-prohibitive. Hence, disaster recovery planning exercises should focus on major types of disasters that occur frequently. One approach is to perform risk analysis to determine the annual loss expectancy (ALE), which is calculated from the frequency of occurrence of a possible loss multiplied by the expected dollar loss per occurrence.

44. Which of the following items is usually not considered when a new application system is brought into the production environment?

a. Assigning a contingency processing priority code

b. Training computer operators

c. Developing computer operations documentation

d. Training functional users

44. a. An application system priority analysis should be performed to determine the business criticality for each computer application. A priority code or time sensitivity code should be assigned to each production application system that is critical to the survival of the organization. The priority code tells people how soon the application should be processed when the backup computer facility is ready. This can help in restoring the computer system following a disaster and facilitate in developing a recovery schedule.

45. Which of the following disaster scenarios is commonly not considered during the development of disaster recovery and contingency planning?

a. Network failure

b. Hardware failure

c. Software failure

d. Failure of the local telephone company

45. d. Usually, telephone service is taken for granted by the recovery team members that could negatively affect Voice over Internet Protocol (VoIP) services. Consequently, it is not addressed in the planning stage. However, alternative phone services should be explored. The other three choices are usually considered due to familiarity and vendor presence.

~ 234 ~