93 Cards in this Set
- Front
- Back
involve the identification, selection, implementation, testing and updating of processes and specific actions necessary to prudently protect critical business processes from the effects of major system and network disruptions and to ensure the timely restoration of business ops if significant disruptions occur
|
BCP and DRP
|
|
BIA stands for
|
Business Impact Analysis
|
|
MTD stands for
|
Maximum Tolerable Downtime
|
|
first step in building BC program
|
Project initiation and management
|
|
activities of project initiation and mgmt
|
1) obtain senior mgmt support
2) define a project scope, the objectives to be achieved and planning assumptions
3) estimate the project resources needed (human and financial)
4) Define a timeline and major deliverables
|
|
Senior leadership's two major goals
|
1) Grow the business
2) Protect the brand |
|
What are the risks to a corporation for not having BC/DRP?
|
1) Financial
2) Reputational
3) Regulatory
|
|
Formula for calculating financial risk
|
P * M = C
P: Probability of harm
M: Magnitude of harm
C: Cost of prevention
|
|
Prudent man rule
|
exercise the same care in managing the company affairs as in managing one's own affairs
|
|
1. Which of the following is considered the most important component of the enterprisewide continuity planning program?
|
c. Executive management support
|
|
2. During the threat analysis phase of the continuity planning methodology, which of the following threats should be addressed?
a. Physical security
b. Environmental security
c. Information security
d. All of the above
|
d. All of the above
|
|
3. The major objective of the business impact assessment process is to:
a. Prioritize time-critical business processes
b. Determine the most appropriate recovery time objective for business processes
c. Assist in prioritization of IT applications and networks
d. All of the above
|
d. All of the above
|
|
4. Continuity of IT technologies or IT network infrastructure capabilities is addressed in what type of continuity plan?
|
a. Disaster recovery plans
|
|
5. Crisis management planning focuses management attention on the following:
|
Preplanning that will enable management to anticipate and react in the event of emergency
|
|
6. Performing benchmarking and peer review relative to enterprise continuity planning business processes is a valuable method to do all of the following except:
a. Help identify leading business continuity planning processes and practices
b. Allow realistic goal setting for action plans and agendas
c. Provide a method for developing metrics and measures for the continuity planning process
d. Compare continuity planning personnel salary levels
|
d. Compare continuity planning personnel salary levels
|
|
7. An effective continuity plan will contain all of the following types of information except for:
a. Prioritized list of business processes or IT systems to be recovered
b. The business impact assessment report
c. Recovery team structures and assignments
d. The primary and secondary location where backup and recovery activities will take place
|
b. The business impact assessment report
|
|
8. All but one of the following are advantages of automating or utilizing continuity planning software:
a. It standardizes training approaches.
b. It provides a platform for management and audit oversight.
c. It eases long-term continuity plan maintenance.
d. It provides business partners with an enterprisewide view of the continuity planning infrastructure.
|
It provides business partners with an enterprisewide view of the continuity planning infrastructure.
|
|
9. Which is the least important reason for developing business continuity and disaster recovery plans?
a. Disasters really do occur
b. Budgeting IT expenditures
c. Good business practice and standard of due care
d. Legal or regulatory compliance
|
b. Budgeting IT expenditures
|
|
10. When conducting the business impact assessment, business processes are examined relative to all but one of the following criteria:
a. Customer interruption impacts
b. Embarrassment or loss of confidence impacts
c. Executive management disruption impacts
d. Revenue loss potential impacts
|
c. Executive management disruption impacts
|
|
11. The primary purpose of formalized continuity planning test plans is to accomplish all except:
a. Define test scope and objectives
b. Define test timeframes
c. Define test costs
d. Define the test script
|
c. Define test costs
|
|
12. The primary reason for conducting continuity planning tests is to:
|
b. Ensure that continuity plans are current and viable
|
|
13. During development of alternative recovery strategies, all of the following activities should be performed except:
a. Use the prioritized business process maps developed during the BIA to map time-critical supporting resources
b. Develop short- and long-term testing and maintenance strategies
c. Prepare cost estimates for acquisition of continuity support resources
d. Provide executive management with recommendations on acquiring appropriate continuity resources
|
Develop short- and long-term testing and maintenance strategies
|
|
14. The primary phases of the enterprise continuity planning implementation methodology include all of the following except:
a. Current state assessment phase
b. Execution phase
c. Design and development phase
d. Management phase
|
b. Execution phase
|
|
15. Which of the following statements most appropriately describes the timeliness of processes and supporting resources prioritization and recovery?
|
c. The processes are time critical
|
|
what are the phases of Business continuity planning?
|
1. Project Mgt & Initiation
2. Business Impact Analysis
3. Recovery strategy
4. Plan design
5. Development and testing, Maintenance, awareness and training
|
|
Which phrase best defines a business continuity/disaster recovery plan?
|
The adequate preparations and procedures for the continuation of all business functions
|
|
Regardless of industry, which element of legal and regulatory requirements are all industries subject to?
|
Prudent man rule
|
|
Which of the following statements best describe the extent to which an organization should address business continuity or disaster recovery planning?
|
Continuity planning is a significant corporate issue and should include all parts or functions of the company
|
|
Business impact analysis is performed to identify
|
The exposures to loss to the organization
|
|
During risk analysis phase of the planning, which of the following actions could manage threats or mitigate the effects of an event?
|
Implementing procedural controls
|
|
The reason to implement additional controls or safeguards is to:
|
reduce the impact of the threat
|
|
Which of the following statement most accurately describes BIA?
|
A BIA establishes the effect of disruptions on the organization
|
|
The term disaster recovery commonly refers to
|
The recovery of the technology environment
|
|
Which of the following terms best describes the effort to determine the consequences of disruption that could result from a disaster
|
Business Impact Analysis
|
|
A key advantage of using a cold site as a recovery option is that it is
|
a less expensive recovery option
|
|
The elements of risk are:
|
Threats, assets and mitigating controls
|
|
The term RTO means
|
Recovery Time objective
|
|
two terms that mean the amount of time the business can function without that application before significant business impact occurs
|
Recovery Time Objective (RTO) or Maximum Tolerable Downtime (MTD)
|
|
If a company wants the most efficient restore from tape backup
a) full backup
b) Incremental backup
c) partial backup
d) differential backup
|
a) full backup
|
|
One of the advantages of a hot site recovery solution is
|
highly available
|
|
which of the following models is not acceptable for exercising the business continuity plan?
|
Halting a production application or function
|
|
Which of the following is the primary desired result of any well-planned business continuity exercise?
|
Identifies strengths and weaknesses
|
|
A business continuity plan should be updated and maintained
|
Immediately following an exercise, Following a major change in personnel, and after installing new software
|
|
how often should DR procedures be reviewed and audited
|
every 3 months; audited every year
|
|
BS 25999 defines
|
Business Continuity Management
|
|
Two other names for BCP
|
Business Continuity mgt (BCM) and Continuity of Operations (COOP)
|
|
BCM Life-cycle
|
1) Analyze your business
2) Analyze the risks
3) Develop your strategy
4) Develop your plan
5) Rehearse the plan
|
|
BCP Phases
|
1) Project scope and planning
2) BIA
3) BC & Recovery Strategy
4) Plan design and Development
5) implementation
6) Restoration/DR
7) Feedback & Plan Mgmt
|
|
RPO (recovery Point objective) measures
|
tolerance for data loss. The point to which information must be restored in order to enable the organization to function without unacceptable loss of data
|
|
test where representatives get together in a mtg and review the plan collectively
|
Structured walk-through
|
|
what process identifies business function to be recovered during a disaster?
|
BIA
|
|
A contingency plan should be written to:
|
prepare for reasonable threats
|
|
The most important reason to create a BCP
|
increase the chances of a business surviving a disaster
|
|
Who/what guides a BCP project
|
steering committee
|
|
what is the first step in creating a BCP
|
perform a BIA
|
|
which recovery alternative has the highest readiness?
|
mirrored site
|
|
given that a business has recovered to a vendor hot site, what is a reasonable solution for a long term outage?
|
cold site
|
|
for what interruption is a near-site backup reasonable?
|
Fire
|
|
which backup has the worst RPO
|
Full
|
|
what is an effective way to verify a contact list?
|
Simulation
|
|
when should a full interruption test be conducted?
|
only with senior executive authorization
|
|
When restoring to normal following the use of a DRP which is most important?
|
synchronized data between alternative site and normal site
|
|
BCP awareness and trng should be extended to
|
All persons who may be on-site
|
|
because BCP and DRP plans and procedures contain proprietary and sensitive info and they are updated frequently, their distribution should be limited to:
|
BC team and secured at the EOC and off-site storage
|
|
An evacuation drill is scheduled and an employee reports to work with a leg cast. As BC coordinator, you direct him/her to:
|
follow evacuation procedures
|
|
Under which of the following situations should a trashcan fire be considered a disaster?
|
the fire caused critical business systems to be disabled for longer than the MTD
|
|
Emergency actions are taken at the beginning stage of a disaster with the objectives of preventing injuries, loss of life and
|
containing damage
|
|
After completion of a BIA, recovery strategies must be developed. The primary concern of these recovery strategies is
|
Meeting the pre-determined time frame
|
|
Operational recovery strategies can include hot sites, warm sites, cold sites and MPC. Which would be the most appropriate for a business system whose MTD is 3 hrs?
|
MPC
|
|
According to local policy, disaster recovery team members meet annually to discuss business recovery strategies. Each team member describes the series of actions taken by their dept. in the event of an emergency. Actions are critiqued based on efficiency of a system recovery and impact to the business units. This is best described as what type of testing strategy?
|
Structured walk-thru
|
|
Test where you give each business a copy of the plan, have them run through a checklist to make sure all relevant points are covered?
|
checklist
|
|
What is the best way to assure the reliability of backup tapes which are being maintained at a disaster recovery site?
|
Retrieve the tapes and verify that they can be read
|
|
RPO for "non-essential"
|
30 days
|
|
RPO for "normal"
|
7 days
|
|
RPO for "important"
|
72 hrs
|
|
RPO for "urgent"
|
24 hrs
|
|
RPO for "critical/essential"
|
minutes to hrs
|
|
Replication
|
Disk replication or recovery images optimize recovery. Data is written to 2 disks, which provides high availability
|
|
Distributed processing
|
servers (same or mult. locations) are configured with load balancing and clustering
|
|
Electronic vaulting
|
data is backed up to remote drives off-site or over high-quality comm links
|
|
Remote journaling
|
transactions or journal files are periodically transmitted to the remote drives located off-site
|
|
media archives
|
media are backed up and transported to an off-site location (full, incremental, differential)
|
|
SAN
|
high performance local or remote networks that permit backup by heterogeneous computers
|
|
Which of the following threats cripples a business, destroys the original facility, and requires short- and long-term recovery planning
|
Catastrophe (most significant impact > disaster)
|
|
what is the main reason business continuity plans become outdated?
|
They are viewed as a project
|
|
what is the switched fabric in a SAN?
|
The paths between the nodes and the back-end storage devices. It provides fault tolerance and redundancy
|
|
what step is not part of the BIA
|
report findings to the Company
|
|
an off-site facility should be how far from the primary facility
|
>= 25mi
|
|
First step in planning disaster response procedures
|
identify a team
|
|
which involves actually moving some systems: parallel vs. simulation
|
parallel
|
|
BIA is performed to identify
|
the exposures to loss to the organization
|
|
What phrase best defines a BC/DRP
|
the adequate preparations and procedures for the continuation of all business functions
|
|
backup Most efficient in recovery
|
Full backup
|