1、Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 1 of 600 Q:The number one priority of disaster planning should always be:TOPIC:Business Continuity Planning and Disaster Recovery Planning A Preservation of capital B Personnel evacuation and safety C Re
2、sumption of core business functions D Investor relations Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 2 of 600 RIGHT=B See Chapter 10.People always come first!Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Grego
3、ry Page 3 of 600 Q:Which of the following is NOT a goal of a Business Impact Assessment(BIA)?TOPIC:Business Continuity and Disaster Recovery Planning A To inventory mutual aid agreements B To identify and prioritize business critical functions C To determine how much downtime the business can tolera
4、te D To identify resources required by critical processes Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 4 of 600 RIGHT=A See Chapter 10.Mutual aid agreements are not a significant concern of a BIA.Telecommunications and Network Security CD Test Ques
5、tions,CISSP for Dummies.Peter H.Gregory Page 5 of 600 Q:In the context of Data Processing Continuity Planning,“Subscription Services”refers to:TOPIC:Business Continuity and Disaster Recovery Planning A Contracts to have replacement computer hardware within 72 hours B Contracts to have replacement co
6、mputer hardware within 24 hours C Commercial services providing hot sites,warm sites,and cold sites D The quarterly journal“Continuity Planning”Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 6 of 600 RIGHT=C See Chapter 10.Subscription services refer
7、s to hot sites,warm sites,and cold sites.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 7 of 600 Q:The primary difference between a hot site and a warm site is:TOPIC:Business Continuity and Disaster Recovery Planning A A hot site is closer to the org
8、anizations data centers than is the warm site.B The warm sites systems dont have the organization software or data installed.C The warm site doesnt have computer systems in it.D The warm site is powered down,but the hot site is powered up and ready to go.Telecommunications and Network Security CD Te
9、st Questions,CISSP for Dummies.Peter H.Gregory Page 8 of 600 RIGHT=B See Chapter 10.Warm sites are mostly like hot sites except that the organizations software and data arent on the warm sites systems.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 9
10、of 600 Q:Which of the following is NOT a concern for a hot site?TOPIC:Business Continuity and Disaster Recovery Planning A Programs and data at the hot site must be protected.B A widespread disaster will strain the hot sites resources.C A hot site is expensive because of the controls and patches req
11、uired.D Computer equipment must be shipped quickly to the hot site for it to be effective.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 10 of 600 RIGHT=D See Chapter 10.The hot site already has computer equipment.Telecommunications and Network Secur
12、ity CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 11 of 600 Q:The disaster recovery plan needs to be continuously maintained because:TOPIC:Business Continuity and Disaster Recovery Planning A The organizations software versions are constantly changing.B The organizations business processe
13、s are constantly changing.C The available software patches are constantly changing.D The organizations data is constantly changing.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 12 of 600 RIGHT=B See Chapter 10.The DRP must contain an up-to-date reco
14、rd of all critical business processes.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 13 of 600 Q:How is the organizations DRP best kept up-to-date?TOPIC:Business Continuity and Disaster Recovery Planning A With regular audits to ensure that changes i
15、n business processes are known B By maintaining lists of current software versions,patches,and configurations C By maintaining personnel contact lists D By regularly testing the DRP Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 14 of 600 RIGHT=A See
16、 Chapter 10.Audits will uncover changes that are needed in the DRP.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 15 of 600 Q:Multiple versions of a DRP available in the organization will:TOPIC:Business Continuity and Disaster Recovery Planning A All
17、ow older pass-along versions of the plan to circulated to some personnel B Give involved personnel a choice of response procedures C Cause confusion during a disaster D Give critical personnel the best composite view of response procedures Telecommunications and Network Security CD Test Questions,CI
18、SSP for Dummies.Peter H.Gregory Page 16 of 600 RIGHT=C See Chapter 10.There should be only one available version of the DRP available in order to avoid confusion.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 17 of 600 Q:BCP stands for:TOPIC:Business
19、 Continuity and Disaster Recovery Planning A Basic Continuity Planning B Basic Continuity Procedure C Business Continuity Procedure D Business Continuity Planning Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 18 of 600 RIGHT=D BCP is an acronym for
20、Business Continuity Planning.See Chapter 10.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 19 of 600 Q:“Remote journaling”refers to:TOPIC:Business Continuity and Disaster Recovery Planning A A mechanism that transmits transactions to an alternate pro
21、cessing site B A procedure for maintaining multiple copies of change control records C A procedure for maintaining multiple copies of configuration management records D A mechanism that ensures the survivability of written records Telecommunications and Network Security CD Test Questions,CISSP for D
22、ummies.Peter H.Gregory Page 20 of 600 RIGHT=A See Chapter 10.Remote journaling keeps data at an alternate site up-to-date at all times.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 21 of 600 Q:Backing up data by sending it through a communications l
23、ine to a remote location is known as:TOPIC:Business Continuity and Disaster Recovery Planning A Transaction journaling B Off-site storage C Electronic vaulting D Electronic journaling Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 22 of 600 RIGHT=C S
24、ee Chapter 10.Electronic vaulting is the term that describes backing up data over a communications line to another location.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 23 of 600 Q:Which of the following is NOT a method used to create an online red
25、undant data set?TOPIC:Business Continuity and Disaster Recovery Planning A Remote journaling B Off-site storage C Electronic vaulting D Database mirroring Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 24 of 600 RIGHT=B See Chapter 10.Off-site storag
26、e is merely an alternate location for storing back-up media.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 25 of 600 Q:One of the chief disadvantages of a Mutual Aid Agreement is:TOPIC:Business Continuity and Disaster Recovery Planning A There is no
27、guarantee that the other organization will agree to help.B A large disaster affecting both organizations renders the agreement worthless.C Its the most expensive way to acquire a warm site.D The DRP isnt tested until a disaster strikes.Telecommunications and Network Security CD Test Questions,CISSP
28、for Dummies.Peter H.Gregory Page 26 of 600 RIGHT=B See Chapter 10.A disaster large enough to affect both organizations will negate the plan.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 27 of 600 Q:A hot site is the most expensive because:TOPIC:Busi
29、ness Continuity and Disaster Recovery Planning A Travel costs can be high.B Duplicate staff salaries are high.C HVAC systems are expensive to operate.D It requires constant maintenance to keep systems in sync.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory
30、 Page 28 of 600 RIGHT=D See Chapter 10.The hot site systems hardware,software,applications,and patches must be kept current with the organizations main data center(s).Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 29 of 600 Q:The types of DRP tests a
31、re:TOPIC:Business Continuity and Disaster Recovery Planning A Checklist,walkthrough,simulation,parallel,and full interruption B Checklist,simulation,parallel,and full interruption C Checklist,walkthrough,simulation,and full interruption D Walkthrough,simulation,and parallel Telecommunications and Ne
32、twork Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 30 of 600 RIGHT=A See Chapter 10.The five types of DRP tests are checklist,walkthrough,simulation,parallel,and full interruption.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 31
33、 of 600 Q:A parallel DRP test:TOPIC:Business Continuity and Disaster Recovery Planning A Is resource intensive and rarely used B Tests the full responsiveness by shutting down production systems C Runs in parallel with production processing D Is a paper exercise to test theoretical response to a dis
34、aster Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 32 of 600 RIGHT=C See Chapter 10.A parallel test utilizes parallel processing of the organizations systems but without shutting down production systems.Telecommunications and Network Security CD Te
35、st Questions,CISSP for Dummies.Peter H.Gregory Page 33 of 600 Q:A DRP checklist test:TOPIC:Business Continuity and Disaster Recovery Planning A Is really only a review of the disaster recovery procedures B Is a test of back-up system business resumption procedures C Is a test of production system re
36、covery procedures D Is a test of business process failover procedures Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 34 of 600 RIGHT=A See Chapter 10.A checklist test is nothing more than a review of disaster recovery procedures.Telecommunications an
37、d Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 35 of 600 Q:What is the purpose of a Salvage Team?TOPIC:Business Continuity and Disaster Recovery Planning A To resume critical business operations at the alternate processing site B To retrieve any needed items from off-sit
38、e storage C To return the primary processing site to normal business operations D To salvage any usable or marketable assets after a disaster Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 36 of 600 RIGHT=C See Chapter 10.The purpose of the Salvage T
39、eam is to resume normal business operations at the primary processing site(s).Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 37 of 600 Q:What is the purpose of a Recovery Team?TOPIC:Business Continuity and Disaster Recovery Planning A To resume criti
40、cal business operations at the alternate processing site B To retrieve any needed items from off-site storage C To return the primary processing site to normal business operations D To salvage any usable or marketable assets after a disaster Telecommunications and Network Security CD Test Questions,
41、CISSP for Dummies.Peter H.Gregory Page 38 of 600 RIGHT=A See Chapter 10.The Recovery Teams purpose is to get critical business operations up and running as soon as possible at the alternate processing site.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Pa
42、ge 39 of 600 Q:Why is communications with the media important during a disaster?TOPIC:Business Continuity and Disaster Recovery Planning A Emergency communications with personnel occur through the media.B The media can report official status instead of relying upon rumors.C Its required by the Secur
43、ities and Exchange Commission.D Its recommended by the Business Contingency Planning Association.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 40 of 600 RIGHT=B See Chapter 10.In the absence of communication with the media,inaccurate and usually pes
44、simistic news about the disaster will spread.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 41 of 600 Q:When is a disaster defined to be over?TOPIC:Business Continuity and Disaster Recovery Planning A One year after it began B When the Recovery phase
45、 has begun C When all business operations have resumed at alternate operations site(s)D When all business operations have resumed at the primary operations site(s)Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 42 of 600 RIGHT=D See Chapter 10.The dis
46、aster is said to be over when all business operations have resumed at their usual production sites.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 43 of 600 Q:What new scenario did the 2001 World Trade Center disaster bring to business contingency pla
47、nning?TOPIC:Business Continuity and Disaster Recovery Planning A The sudden loss of a significant portion of an organizations workforce B Airplanes being deliberately crashed into buildings C The unprecedented cessation of securities trading for several consecutive days D The restrictions of long-di
48、stance travel by air Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 44 of 600 RIGHT=A See Chapter 10.Prior to 2001,business contingency planning didnt adequately take into account the unlikely(but now proven possible)scenario of the loss of many or m
49、ost of an organizations personnel.Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 45 of 600 Q:A data processing facility on truck trailers or mobile homes is known as:TOPIC:Business Continuity and Disaster Recovery Planning A A Frozen Back-up Site B A
50、 Migrant Back-up Site C A Rolling Back-up Site D In Itinerant Back-up Site Telecommunications and Network Security CD Test Questions,CISSP for Dummies.Peter H.Gregory Page 46 of 600 RIGHT=C See Chapter 10.A Rolling Back-up Site(also known as a Mobile Back-up Site)is a portable site built onto a truc
