Format: DOC, Pages: 96, Size: 373.50 KB

2010-04-BCP and DRP.doc

Question: 299 | Difficulty: 3/5 | Relevancy: 3/3

Which of the following is covered under Crime Insurance Policy Coverage?

- Inscribed, printed and Written documents
- Manuscripts
- Accounts Receivable
- Money and Securities (correct answer)

Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management Handbook, 4th Edition, Volume 1, Property Insurance overview, Page 589.
Edited: July 17, 2007, by Mike Young, CISSP
Contributor: Jamil Siddique
Study area: CISSP CBK - BCP and DRP
Covered topic: Insurance
This question © Copyright 2003-2009 Jamil Siddique, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1151 | Difficulty: 3/5 | Relevancy: 3/3

Which of the following enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks?

- Risk assessment (correct answer)
- Residual risks
- Security controls
- Business units

The risk assessment is critical because it enables the person responsible for contingency planning to focus risk management efforts and resources in a prioritized manner only on the identified risks. The risk management process includes the risk assessment and determination of suitable technical, management, and operational security controls based on the level of threat the risk imposes. Business units should be included in this process.

Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2008 (page 7).
Thanks to Ariben Daniels for having worked on the Question.
Contributor: Christian Vezina
Study area: CISSP CBK - BCP and DRP
Covered topic: Risk assessment
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1158 | Difficulty: 2/5 | Relevancy: 3/3

Which of the following teams should NOT be included in an organization's contingency plan?

- Damage assessment team
- Hardware salvage team
- Tiger team (correct answer)
- Legal affairs team

According to NIST's Special Publication 800-34, a capable recovery strategy will require some or all of the following functional groups: Senior management official, management team, damage assessment team, operating system administration team, systems software team, server recovery team, LAN/WAN recovery team, database recovery team, network operations recovery team, telecommunications team, hardware salvage team, alternate site recovery coordination team, original site restoration/salvage coordination team, test team, administrative support team, transportation and relocation team, media relations team, legal affairs team, physical/personal security team, procurements team. Ideally, these teams would be staffed with the personnel responsible for the same or similar operation under normal conditions. A tiger team, originally a U.S. military jargon term, defines a team (of sneakers) whose purpose is to penetrate security, and thus test security measures. Used today for teams performing ethical hacking.

Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2008 (page 23).
Contributor: Christian Vezina
Study area: CISSP CBK - BCP and DRP
Covered topic: Elements of contingency planning
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1513 | Difficulty: 4/5 | Relevancy: 3/3

Which of the following is NOT a disadvantage of a hot site?

- It is expensive.
- There are cases of common overselling of processing capabilities by the service provider.
- It provides a false sense of security. (correct answer)
- It can be administratively resource intensive.

Hot sites do not provide a false sense of security since they are the best disaster recovery alternate backup site. It is fully configured and can be activated in a very short period of time. Cold sites, not hot sites, provide a false sense of security. In reality, using a cold site will most likely make effective recovery impossible.

Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2008, Chapter 8: Business Continuity Planning and Disaster Recovery Planning (page 284).
Thanks to Joseph Marceau for providing input.

Comment: REALITY IS: 90% of providers will oversell their capacity. This is fine in a random disaster affecting one company at a time but could be a real issue in the case of a large scale disaster such as a hurricane or flooding.

In the case of a large disaster, the alternate site could be affected as well. In past hurricanes, people had to fly to remote locations to have access to an alternate site. It must also be realized that MANY providers have black on white within their agreement that it is on a First Come, First Serve basis.

Make sure you read the fine print when you sign an agreement with your provider. Testing, drills, and constant update of the plan would ensure it is usable when you need it.

Contributor: Christian Vezina
Study area: CISSP CBK - BCP and DRP
Covered topic: Alternate sites
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1969 | Difficulty: 3/5 | Relevancy: 3/3

During a business impact analysis it is concluded that a system has maximum tolerable downtime of 2 hours. What would this system be classified as?

- Important
- Urgent
- Critical (correct answer)
- Vital

The correct answer is: Critical

Here are some examples of MTD values suggested by Shon Harris:

- NonEssential: 30 Days
- Normal: 7 Days
- Important: 72 Hours
- Urgent: 24 Hours
- Critical: Minutes to hours

The following answers were all incorrect:

- Important
- Urgent
- Vital

The following reference(s) were/was used to create this question:
Chapter 9: Business Continuity and Disaster Recovery
CISSP Certification All-in-One Exam Guide, 4th Edition, Shon Harris

Question contributed by: Magnus Melin
Email or CCCure Nickname of question author: Melon
Question reviewed by: Clement Dupuis
Question comment submitted by:
Study areas: CISSP CBK - Security Architecture and Design, CISSP CBK - BCP and DRP
This question © Copyright 2003-2009 cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 114 | Difficulty: 2/5 | Relevancy: 3/3

Contracts and agreements are unenforceable in which of the following alternate backup facilities?

- hot site.
- warm site.
- cold site.
- reciprocal agreement. (correct answer)

The correct answer is: reciprocal agreement. A reciprocal agreement is where two or more organizations mutually agree to provide facilities to the other if a disaster occurs. The organizations must have similar hardware and software configurations. Reciprocal agreements are often not legally binding.

The following answers are incorrect:

- hot site. Is incorrect because you have a contract in place stating what services are to be provided.
- warm site. Is incorrect because you have a contract in place stating what services are to be provided.
- cold site. Is incorrect because you have a contract in place stating what services are to be provided.

Last modified 6/08/2007 - J. Hajec

Comment: Reciprocal agreements are not contracts and cannot be enforced. You cannot force someone you have such an agreement with to provide processing to you. Government regulators do not accept reciprocal agreements as valid disaster recovery backup sites. Cold sites are empty computer rooms consisting only of environmental systems, such as air conditioning and raised floors, etc. They do not meet the requirements of most regulators and boards of directors that the disaster plan be tested at least annually. Time Brokers promise to deliver processing time on other systems. They charge a fee, but cannot guarantee that processing will always be available, especially in areas that experienced multiple disasters. With the exception of providing your own hot site, commercial hot sites provide the greatest protection. Most will allow you up to six weeks to restore your sites if you declare a disaster. They also permit an annual amount of time to test the Disaster Plan.

References: OIG CBK Business Continuity and Disaster Recovery Planning (pages 368 - 369)
Study area: CISSP CBK - BCP and DRP
Covered topic: Alternate sites
This question © Copyright 2003-2009 cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 700 | Difficulty: 3/5 | Relevancy: 3/3

When conducting a business continuity audit, which of the following would be the MOST important to review?

- A hot site is contracted for and available as needed
- A business continuity manual is available and current
- Insurance coverage is adequate and premiums are current
- Media backups are performed on a timely basis and stored off-site (correct answer)

The correct answer is "Media backups are performed on a timely basis and stored off-site", as without data to process, all other components of the recovery effort are in vain.

The other answers are incorrect because:

- "A hot site is contracted for and available as needed" is incorrect as this is not the MOST important option to review.
- "A business continuity manual is available and current" is also incorrect as without data to process, the presence of a manual is in vain.
- "Insurance coverage is adequate and premiums are current" is also incorrect as this is again not the MOST important factor to be considered in the business continuity audit.

Source: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, chapter 5: Disaster Recovery and Business Continuity (page 265).
Last Modified - 18/09/07 - S G Krishnan

Comment: Without data to process, all other components of the recovery effort are in vain. Even in the absence of a plan, recovery efforts of any type would not be practical without data to process.

Contributor: Christian Vezina
Study area: CISSP CBK - BCP and DRP
Covered topics (2): Backups and offsite storage, Elements of contingency planning
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1152 | Difficulty: 1/5 | Relevancy: 3/3

All risks must be:

- Transferred
- Eliminated
- Identified (correct answer)
- Insured

Most importantly, all risks need to be properly identified. Then risks can either be accepted, reduced to an acceptable level (with remaining residual risks), or transferred to a third party (through insurance coverage). All identified risks need not be eliminated because it is rarely possible and not cost effective.

Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2008 (page 7).
Thanks to Ariben Daniels for having worked on the Question.
Contributor: Christian Vezina
Study areas: CISSP CBK - Information Security and Risk Management, CISSP CBK - BCP and DRP
Covered topics (2): Risk assessment, Risk mitigation
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 693 | Difficulty: 2/5 | Relevancy: 3/3

An offsite backup facility intended to operate an information processing facility, having NO computer or communications equipment, but having flooring, electrical wiring, air conditioning, etc. is better known as a:

- Hot site
- Duplicate processing facility
- Cold site (correct answer)
- Warm site

The correct answer is Cold Site, as by definition the cold site does not have any of the needed equipment in advance on site.

The other answers are incorrect because:

- Hot site is a facility that is leased or rented and is fully configured and ready to operate within a few hours.
- Duplicate processing facility is a dedicated, self-developed recovery site that can back up critical applications.
- Warm site is a leased or rented facility that is usually partially configured with some equipment but not all the actual computers necessary to resume processing. This would be the best choice for a company that has unique hardware requirements that not all companies would make use of.

Reference: Shon Harris, AIO v3, Chapter 9: Business Continuity Planning, Page: 710-712
Last Modified - 05/07/07 - S G Krishnan
Thanks to Yoan Bailliard for reporting a typo in this question. Thanks to Aaron Nichols for his feedback to improve the question.
Contributor: Christian Vezina
Study area: CISSP CBK - BCP and DRP
Covered topic: Alternate sites
This question © Copyright 2003-2009 Christian Vezina, cccure.org. All rights reserved. No unauthorized use or duplication without explicit written permission of author and of cccure.org.

Question: 1624 | Difficulty: 2/5 | Relevancy: 3/3

Which of the following will a Business Impact Analysis NOT identify?

- Areas that would suffer the greatest financial or operational loss in the event of a disaster.
- Systems critical to the survival of the enterprise.
- The names of individuals to be contacted during a disaster. (correct answer)
- The outage time that can be tolerated by the enterprise as a result of a disaster.

Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation. Available at http://www.cccure.org.
Contributor: Hal Tipton
Study area: CISSP CBK - BCP and DRP
Covered topic: Business Impact Assessment (BIA)
This question © Copyright 2003-2009 Hal Tipton, cccure.org. All rights reser
