1. Главная
  2. Книги
  3. Vallabhaneni S. Rao
  4. CISSP Practice
  5. Страница 235
Выбрать главу

46. Which of the following phases in the contingency planning and emergency program is most difficult to sell to an organization’s management?

a. Mitigation

b. Preparedness

c. Response

d. Recovery

46. a. Mitigation is a long-term activity aimed at eliminating or reducing the probability of an emergency or a disaster occurring. It requires “up-front” money and commitment from management. Preparedness is incorrect because it is a readiness to respond to undesirable events. It ensures effective response and minimizes damage. Response is incorrect because it is the first phase after the onset of an emergency. It enhances recovery operations. Recovery is incorrect because it involves both short- and long-term restoration of vital systems to normal operations.

47. Which of the following is the best form of a covered loss insurance policy?

a. A basic policy

b. A broad policy

c. A special all-risk policy

d. A policy commensurate with risks

47. d. Because insurance reduces or eliminates risk, the best insurance is the one commensurate with the most common types of risks to which a company is exposed.

The other three choices are incorrect. A basic policy covers specific named perils including fire, lightning, and windstorm. A broad policy covers additional perils such as roof collapse and volcanic action. A special all-risk policy covers everything except specific exclusions named in the policy.

48. Which of the following IT contingency solutions increases a server’s performance and availability?

a. Electronic vaulting

b. Remote journaling

c. Load balancing

d. Disk replication

48. c. Load balancing systems monitor each server to determine the best path to route traffic to increase performance and availability so that one server is not overwhelmed with traffic. Electronic vaulting and remote journaling are similar technologies that provide additional data backup capabilities, with backups made to remote tape or disk drives over communication links. Disk replication can be implemented locally or between different locations.

49. Which of the following can be called the disaster recovery plan of last resort?

a. Contract with a recovery center

b. Demonstration of the recovery center’s capabilities

c. Tour of the recovery center

d. Insurance policy

49. d. According to insurance industry estimates, every dollar of insured loss is accompanied by three dollars of uninsured economic loss. This suggests that companies are insured only for one-third of the potential consequences of a disaster and that insurance truly is a disaster recovery plan of last resort.

50. What should be the last step in a risk assessment process performed as a part of business continuity plan?

a. Consider possible threats.

b. Establish recovery priorities.

c. Assess potential impacts.

d. Evaluate critical needs.

50. b. The last step is establishing priorities for recovery based on critical needs. The following describes the sequence of steps in a risk assessment process:

1. Possible threats include natural (for example, fires, floods, and earthquakes), technical (for example, hardware/software failure, power disruption, and communications interference), and human (for example, riots, strikes, disgruntled employees, and sabotage).

2. Assess impacts from loss of information and services from both internal and external sources. This includes financial condition, competitive position, customer confidence, legal/regulatory requirements, and cost analysis to minimize exposure.

3. Evaluate critical needs. This evaluation also should consider timeframes in which a specific function becomes critical. This includes functional operations, key personnel, information, processing systems, documentation, vital records, and policies and procedures.

4. Establish priorities for recovery based on critical needs.

51. For business continuity planning/disaster recovery planning (BCP/DRP), business impact analysis (BIA) primarily identifies which of the following?

a. Threats and risks

b. Costs and impacts

c. Exposures and functions

d. Events and operations

51. a. Business impact analysis (BIA) is the process of identifying an organization’s exposure to the sudden loss of selected business functions and/or the supporting resources (threats) and analyzing the potential disruptive impact of those exposures (risks) on key business functions and critical business operations. Threats and risks are primary and costs and impacts are secondary, where the latter is derived from the former.

The BIA usually establishes a cost (impact) associated with the disruption lasting varying lengths of time, which is secondary.

52. Which of the following is the best course of action to take for retrieving the electronic records stored at an offsite location?

a. Installing physical security controls offsite

a. Installing environmental security controls offsite

c. Ensuring that software version stored offsite matches with the vital records version

d. Rotating vital records between onsite and offsite

52. c. The IT management must ensure that electronic records are retrievable in the future, requiring the correct version of software that created the original records is tested and stored offsite, and that the current software version is matched with the current version of vital records.

The other three choices are incorrect because, although they are important in their own way, they do not directly address the retrieval of electronic records. Examples of physical security controls include keys and locks, sensors, alarms, sprinklers, and surveillance cameras. Examples of environmental controls include humidity, air conditioning, and heat levels. Rotating vital records between onsite and offsite is needed to purge the obsolete records and keep the current records only.

53. What is the purpose of a business continuity plan (BCP)?

a. To sustain business operations

b. To recover from a disaster

c. To test the business continuity plan

d. To develop the business continuity plan

53. a. Continuity planning involves more than planning for a move offsite after a disaster destroys a data center. It also addresses how to keep an organization’s critical functions operating in the event of disruptions, both large and small. This broader perspective on continuity planning is based on the distribution of computer use and support throughout an organization. The goal is to sustain business operations.

54. The main body of a contingency or disaster recovery plan document should not address which of the following?

~ 235 ~