a. What?

b. When?

c. How?

d. Who?

54. c. The plan document contains only the why, what, when, where, and who, not the how. The how deals with detailed procedures and information required to carry out the actions identified and assigned to a specific recovery team. This information should not be in the formal plan because it is too detailed; it should be included in the detailed reference materials as an appendix to the plan. The why describes the need for recovery, the what describes the critical processes and resource requirements, the when deals with critical time frames, the where describes recovery strategy, and the who indicates the recovery team members and support organizations. Keeping the how information in the plan document confuses people, making it hard to understand and creating a maintenance nightmare.

55. Which of the following contingency plan test results is most meaningful?

a. Tests met all planned objectives in restoring all database files.

b. Tests met all planned objectives in using the latest version of the operating systems software.

c. Tests met all planned objectives using files recovered from backups.

d. Tests met all planned objectives using the correct version of access control systems software.

55. c. The purpose of frequent disaster recovery tests is to ensure recoverability. Review of test results should show that the tests conducted met all planned objectives using files recovered from the backup copies only. This is because of the "no backup, no recovery" principle. Recovery from backup also shows that the backup schedule has been followed regularly. Storing files at a secondary location (offsite) is preferable to the primary location (onsite) because it ensures continuity of business operations if the primary location is destroyed or inaccessible.

56. If the disaster recovery plan is being tested for the first time, which of the following testing options can be combined?

a. Checklist testing and simulation testing

b. Simulation testing and full-interruption testing

c. Checklist testing and structured walk-through testing

d. Checklist testing and full-interruption testing

56. c. Checklist testing can ensure that all the items on the checklists have been reviewed and considered. During structured walk-through testing, the team members meet and walk through the specific steps of each component of the disaster recovery process and find gaps and overlaps.

Simulation testing simulates a disaster during nonbusiness hours, so normal operations will not be interrupted. Full-interruption testing is not recommended because it activates the total disaster recovery plan. This test is costly and disruptive to normal operations and requires senior management’s special approval.

57. Which of the following should be consistent with the frequency of information system backups and the transfer rate of backup information to alternative storage sites?

1. Recovery time objective

2. Mean-time-to-failure

3. Recovery point objective

4. Mean-time-between-outages

a. 1 and 2

b. 1 and 3

c. 2 and 3

d. 2 and 4

57. b. The frequency of information system backups and the transfer rate of backup information to alternative storage sites should be consistent with the organization’s recovery time objective (RTO) and recovery point objective (RPO). Recovery strategies must be created to meet the RTO and RPO. Mean-time-to-failure (MTTF) is most often used with safety-critical systems such as airline traffic control systems (radar control services) to measure time between failures. Mean-time-between-outages (MTBO) is the mean time between equipment failures that result in loss of system continuity or unacceptable degradation. MTTF deals with software issues, whereas MTBO measures hardware problems.

58. All the following are misconceptions about a disaster recovery plan except:

a. It is an organization’s assurance to survive.

b. It is a key insurance policy.

c. It manages the impact of LAN failures.

d. It manages the impact of natural disasters.

58. a. A well-documented, well-rehearsed, well-coordinated disaster recovery plan allows businesses to focus on surprises and survival. In today’s environment, a local-area network (LAN) failure can be as catastrophic as a natural disaster, such as a tornado. Insurance does not cover every loss.

The other three choices are misconceptions. What is important is to focus on the major unexpected events and implement the modifications to the plan that are necessary to reclaim control over the business. The key is to ensure survival in the long run.

59. Which of the following disaster recovery plan test results would be most useful to management?

a. Elapsed time to perform various activities

b. Amount of work completed

c. List of successful and unsuccessful activities

d. Description of each activity

59. c. Management is interested in finding out what worked (successful) and what did not (unsuccessful) after a recovery from a disaster. The idea is to learn from experience.

60. Which of the following is not an example of procedure-oriented disaster prevention activity?

a. Backing up current data and program files

b. Performing preventive maintenance on computer equipment

c. Testing the disaster recovery plan

d. Housing computers in a fire-resistant area

60. d. Housing computers in a fire-resistant area is an example of a physically oriented disaster prevention category, whereas the other three choices are examples of procedure-oriented activities. Procedure-oriented actions relate to tasks performed on a day-to-day, month-to-month, or annual basis or otherwise performed regularly. Housing computers in a fire-resistant area with a noncombustible or charged sprinkler area is not regular work. It is part of a major computer-center building construction plan.

61. Which of the following is the most important outcome from contingency planning tests?

a. The results of a test should be viewed as either pass or fail.

b. The results of a test should be viewed as practice for a real emergency.

c. The results of a test should be used to assess whether the plan worked or did not work.

d. The results of a test should be used to improve the plan.

61. d. In the case of contingency planning, a test should be used to improve the plan. If organizations do not use this approach, flaws in the plan may remain hidden or uncorrected. Although the other three choices are important in their own way, the most important outcome is to learn from the test results in order to improve the plan next time, which is the real benefit.