Chapter Nine Test Review SYO
Download
Report
Transcript Chapter Nine Test Review SYO
CHAPTER NINE: PREPARING
FOR BUSINESS CONTINUITY
Dr. Melanie Wiscount, MTHS Computer Science & Networking Track
AN ORGANIZATION NEEDS TO IMPROVE FAULT TOLERANCE TO INCREASE DATA
AVAILABILITY. HOWEVER, THE ORGANIZATION HAS A LIMITED BUDGET. WHICH
OF THE FOLLOWING IS THE BEST CHOICE TO MEET THE ORGANIZATION’S
NEEDS?
• RAID
• Backup System
• Cluster
• UPS
YOUR ORGANIZATION HOSTS A WEB SITE WITH A BACK-END DATABASE SERVER.
DURING A RECENT POWER OUTAGE, THE SERVER CRASHED, RESULTING IN A
SIGNIFICANT AMOUNT OF LOST DATA. WHICH OF THE FOLLOWING CAN THE
ORGANIZATION BE IMPLEMENTING TO PREVENT THIS LOSS FROM OCCURRING AGAIN?
• Redundancy
• Disaster recovery procedures
• Warm site
• Higher RTO
A NETWORK ADMINISTRATOR CONFIGURED SEVERAL SERVERS TO WORK
TOGETHER TO INCREASE THE PROCESSING CAPABILITIES FOR A WEB
APPLICATION. WHAT DOES THE ADMINISTRATOR MOST LIKELY IMPLEMENT?
• Failover clustering
• RAID-6
• EMI shielding
• Load balancing
YOUR COMPANY’S WEB SITE EXPERIENCES A LARGE NUMBER OF CLIENT REQUESTS
DURING CERTAIN TIMES OF THE YEAR. WHICH OF THE FOLLOWING COULD YOUR
COMPANY ADD TO ENSURE THE WEB SITE’S AVAILABILITY DURING THESE TIMES?
• Fail-open cluster
• Certificates
• Web application firewall
• Load balancing
YOUR ORGANIZATION HOSTS A HIGH-VOLUME WEB SITE WHICH GENERATES A
SIGNIFICANT AMOUNT OF REVENUE. YOU ARE ASKED TO RECOMMEND A METHOD TO
INCREASE THE AVAILABILITY OF THIS WEB SITE. WHICH OF THE FOLLOWING CHOICES
IS THE BEST CHOICE?
• Load balancing
• Hot site
• WAF
• UTM
YOUR BACKUP POLICY FOR A DATABASE SERVER DICTATES THAT THE
AMOUNT OF TIME NEEDED TO PERFORM BACKUPS SHOULD BE MINIMIZED.
WHICH OF THE FOLLOWING BACKUP PLANS WOULD BEST MEET THIS NEED?
• Full backups on Sunday and full backups every other day of the
week
• Full backups on Sunday and differential backups every other day of
the week
• Full backups on Sunday and incremental backups every other day
of the week
• Differential backups on Sunday and incremental backups every
other day of the week
A BUSINESS CONTINUITY EXPERT IS CREATING A BIA. WHICH OF THE
FOLLOWING ELEMENTS IS MOST LIKELY TO BE OMITTED FROM THE BIA?
• List of critical systems and functions
• Recommended solutions
• Critical downtime limit
• Potential loss
AFTER A RECENT ATTACK CAUSING A DATA BREACH, AN EXECUTIVE IS ANALYZING THE
FINANCIAL LOSSES. SHE DETERMINED THAT THE ATTACK IS LIKELY TO COST AT LEAST
$1 MILLION. SHE WANTS TO ENSURE THAT THIS INFORMATION IS DOCUMENTED FOR
FUTURE PLANNING PURPOSES. WHERE IS SHE MOST LIKELY TO DOCUMENT IT?
• DRP
• BIA
• COOP
• RTO
YOU ARE HELPING IMPLEMENT YOUR COMPANY’S BUSINESS CONTINUITY PLAN. FOR
ONE SYSTEM, THE PLAN REQUIRES AN RTO OF FIVE HOURS AND AN RPO OF ONE DAY.
WHICH OF THE FOLLOWING WOULD MEET THIS REQUIREMENT?
• Ensure the system can be restored within five hours and ensure it does not
lose more than one day of data.
• Ensure the system can be restored within one day and ensure it does not
lose more than five hours of data.
• Ensure the system can be restored between five hours and one day after
an outage.
• Ensure the system can be restored within five hours and noncritical systems
can be restored within one day.
AN ORGANIZATION IS CONSIDERING AN ALTERNATE LOCATION AS PART OF
ITS BUSINESS CONTINUITY PLAN. IT WANTS TO IDENTIFY A SOLUTION WHICH
PROVIDES THE SHORTEST RECOVERY TIME. WHAT WILL IT CHOOSE?
• Cold site
• Warm site
• Hot site
• Succession site
YOUR ORGANIZATION IS WORKING ON ITS BUSINESS CONTINUITY PLAN. MANAGEMENT WANTS
TO ENSURE THAT DOCUMENTS PROVIDE DETAILED INFORMATION ON WHAT TECHNICIANS
SHOULD DO AFTER AN OUTAGE. SPECIFICALLY THEY WANT TO LIST THE SYSTEMS TO RESTORE
AND THE ORDER IN WHICH TO RESTORE THEM. WHAT DOCUMENT INCLUDES THIS INFORMATION?
• HVAC
• BIA
• DRP
• Succession plan
YOUR ORGANIZATION IS UPDATING ITS DISASTER RECOVERY DOCUMENTS. YOU’RE ASKED TO
REVIEW THE COMMUNICATION PLAN FOR POSSIBLE UPDATES. WHICH OF THE FOLLOWING
SHOULD YOU ENSURE IS INCLUDED IN THE COMMUNICATION PLAN?
• A list of test plans and procedures
• The succession plan
• Methods used to communicate with response team
members, employees, suppliers, and customers
• List of scenarios with potential loss statements
A BCP INCLUDES A CHART LISTING ROLES WITHIN THE ORGANIZATION ALONG WITH THEIR
MATCHING RESPONSIBILITIES DURING A DISASTER. IT ALSO INCLUDES A CHAIN OF COMMAND.
WHAT IS THE PURPOSE OF THIS CHART?
• IT contingency planning
• Succession planning
• COOP
• RTO
THE BCP COORDINATOR AT YOUR ORGANIZATION IS LEADING A MEETING ON-SITE WITH KEY
DISASTER RECOVERY PERSONNEL. THE PURPOSE OF THE MEETING IS TO PERFORM A TEST. WHAT
TYPE OF TEST IS THIS?
• Functional exercise
• Full-blown test
• Tabletop exercise
• Simulation to perform steps of a plan
PERSONNEL WITHIN YOUR ORGANIZATION TURNED OFF THE HR DATA SERVER FOR
OVER SIX HOURS TO PERFORM A TEST. WHICH OF THE FOLLOWING IS THE MOST
LIKELY PURPOSE OF THIS?
• BIA
• Succession planning
• Tabletop exercises
• COOP
HUMIDITY CONTROLS IN YOUR DATA CENTER ARE FAILING. YOU NEED TO CONVINCE
MANAGEMENT OF THE IMPORTANCE OF THESE CONTROLS. WHAT WOULD YOU TELL
THEM?
• Failing humidity controls can cause damage from EMI and
ESD.
• Failing humidity controls can cause damage from
temperature variations and EMI.
• Failing humidity controls can cause damage from
condensation and poor ventilation.
• Failing humidity controls can cause damage from ESD and
condensation.
YOUR ORGANIZATION IS EVALUATING REPLACEMENT HVAC SYSTEMS AND IS
CONSIDERING INCREASING CURRENT CAPACITIES. WHICH OF THE FOLLOWING IS A
POTENTIAL SECURITY BENEFIT OF INCREASING THE HVAC CAPABILITIES?
• Lower MTBF times of hardware components due to lower
temperatures.
• Higher MTBF times of hardware components due to lower
temperatures.
• Lower MTTR times of hardware components due to lower
temperatures.
• Higher MTTR times of hardware components due to lower
temperatures.
WITHOUT ADEQUATE PHYSICAL SECURITY CONTROLS, ATTACKERS CAN CAUSE SIGNIFICANT
DAMAGE TO SYSTEMS WITHIN A DATA CENTER. WHICH OF THE FOLLOWING COULD AN ATTACKER
MANIPULATE TO CAUSE EXTENSIVE PHYSICAL DAMAGE?
• Video surveillance systems
• Environmental controls
• Firewall ACLs
• IDS settings
AN ATTACKER WAS ABLE TO SNEAK INTO YOUR BUILDING BUT WAS UNABLE TO OPEN THE
SERVER ROOM DOOR. HE BASHED THE PROXIMITY BADGE READER WITH A PORTABLE FIRE
EXTINGUISHER AND THE DOOR OPENED. WHAT IS THE MOST LIKELY REASON THAT THE DOOR
OPENED?
• The access system was designed to fail-open.
• The access system was designed to fail-close.
• The access system was improperly installed.
• The portable fire extinguisher included a proximity badge.
WHICH OF THE FOLLOWING IS AN ENVIRONMENTAL CONTROL?
• EMI shielding
• Fencing
• Video surveillance
• Motion detection
IN THE EVENT OF A SERVER HARD DISK FAILURE, YOU HAVE BEEN ASKED TO
CONFIGURE SERVER HARD DISKS AS DEPICTED BELOW. WHAT TYPE OF DISK
CONFIGURATION IS THIS?
• RAID 0
• RAID 1
• RAID 5
• RAID 5+1
A TEAM LEADER ASSIGNS RON, A SERVER ADMINISTRATOR, THE TASK OF DETERMINING THE
BUSINESS AND FINANCIAL EFFECTS THAT A FAILED E-MAIL SERVER WOULD HAVE IF IT WAS
DOWN FOR TWO HOURS. WHAT TYPE OF ANALYSIS MUST RON PERFORM ?
• Critical systems and components identification
• Business impact analysis
• Security audit
• Risk assessment
AN URBAN LAW ENFORCEMENT AGENCY LEASES A NEW SPACE IN ANOTHER PART OF TOWN
COMPLETE WITH A FUNCTIONING COMPUTER NETWORK MIRRORING THE CURRENT LIVE SITE. A
HIGH-SPEED NETWORK LINK CONSTANTLY SYNCHRONIZES DATA BETWEEN THE TWO SITES. WHAT
TYPE OF SITE IS THE NEW LEASED LOCATION?
• Frost site
• Cold site
• Warm site
• Hot site
AN URBAN LAW ENFORCEMENT AGENCY LEASES A NEW SPACE IN ANOTHER PART OF TOWN
COMPLETE WITH A FUNCTIONING COMPUTER NETWORK MIRRORING THE CURRENT LIVE SITE.
DATA BACKUPS FROM THE PRIMARY SITE ARE COPIED TO THE NEW LEASED LOCATION EVERY
TWO DAYS. WHAT TYPE OF SITE IS THE NEW LEASED LOCATION?
• Frost site
• Cold site
• Warm site
• Hot site
TURTLE AIRLINES HAS HIRED YOU TO ENSURE ITS CUSTOMER RESERVATION SYSTEM
IS ALWAYS ONLINE. THE SOFTWARE RUNS AND STORES DATA LOCALLY ON THE LINUX
OPERATING SYSTEM. WHAT SHOULD YOU DO?
• Install two Linux servers in a cluster. Cluster the airline
software with its data being written to shared storage.
• Install a new Linux server. Ensure the airline software runs
from the first server. Schedule airline data to replicate to
the new Linux server nightly.
• Configure the Linus server with RAID 5.
• Configure the Linus server with RAID 1.
A BUSY CLUSTERED WEB SITE REGULARLY EXPERIENCES CONGESTED NETWORK
TRAFFIC. YOU MUST IMPROVE THE WEB SITE RESPONSE TIME. WHAT SHOULD YOU
IMPLEMENT?
• Ethernet switch
• Network load balancing
• Fibre Channel switch
• Proxy server
YOUR PRIMARY E-MAIL SERVER USES THREE HOT-SWAPPABLE HARD DISKS IN A RAID 5
CONFIGURATION. WHEN ONE DISK FAILS, YOU HAVE OTHER DISKS READILY AVAILABLE IN THE
SERVER ROOM THAT YOU SIMPLY PLUG IN WHILE THE SERVER IS STILL RUNNING. WHICH TERM
BEST DESCRIBES THIS SCENARIO?
• Disk clustering
• Hardware fault tolerance
• Disk striping
• Disk mirroring
YOU ARE THE NETWORK ADMINISTRATOR FOR A SMALL IT CONSULTING FIRM. ALL SERVERS ARE
LOCATED AT THE SINGLE SITE. AFTER TESTING THE DRP AND RECEIVING MANAGEMENT
APPROVAL, YOU E-MAIL A COPY TO ALL EMPLOYEES FOR THEIR REFERENCE IN THE EVENT OF A
DISASTER. IDENTIFY THE PROBLEM.
• The e-mail should have been encrypted.
• The e-mail should have been digitally signed.
• Only executives should have received the message.
• The mail server might not be available in the event of
a disaster.
YOUR SERVER BACKUP ROUTINE CONSISTS OF A FULL BACKUP EACH FRIDAY NIGHT
AND NIGHTLY BACKUP OF ALL DATA CHANGED SINCE FRIDAY’S BACKUP. WHAT TYPE
OF BACKUP SCHEDULE IS THIS?
• Full
• Full and incremental
• Full and differential
• Fully incremental
THE CHIEF SECURITY OFFICER AT A NATIONAL BANK CHAIN WILL BE RETIRING NEXT
YEAR AND AN IT SECURITY EMPLOYEE MUST BE GROOMED TO FILL THAT POSITION.
WHAT TERM ENCOMPASSES THIS PROCEDURE?
• Retirement
• Job rotation
• Succession planning
• Disaster recovery
YOU ARE A NETWORK ENGINEER FOR A LOS ANGELES LAW FIRM. AFTER THE 1989 EARTHQUAKE,
AN EMPHASIS ON CONTINUED BUSINESS OPERATION AFTER FUTURE EARTHQUAKES DOMINATED
THE LOS ANGELES BUSINESS COMMUNITY. WHAT TYPE OF PLAN FOCUSES ON ENSURING THAT
PERSONNEL, CUSTOMERS, AND THE IT SYSTEM ARE MINIMALLY AFFECTED AFTER A DISASTER?
• Risk management
• Fault tolerant
• Disaster recovery
• Business continuity
A SERVER IS CONFIGURED WITH THREE HARD DISKS AS THE FIGURE BELOW. WHAT
TYPE OF CONFIGURATION IS THIS?
• RAID 0
• RAID 1
• RAID 5
• RAID 5+1 (RAID 6)
WINDOWS SERVER 2012 BACKUPS ARE SCHEDULED AS FOLLOWS: FULL BACKUPS ON
SATURDAYS AT 3 A.M. AND INCREMENTAL BACKUPS WEEKNIGHTS AT 9 P.M. WRITE
VERIFICATION HAS BEEN ENABLED. BACKUP TAPES ARE STORED OFFSITE AT A THIRD-PARTY
LOCATION. WHAT SHOULD BE DONE TO ENSURE THE INTEGRITY AND CONFIDENTIALITY OF THE
BACKUPS? (CHOOSE TWO)
• Have a different person than the backup operator
analyze each day’s backup logs.
• Ensure the user performing the backup is a ember of
the Administrators group
• Encrypt the backup media.
• Use SSL to encrypt the backup media.
YOU ARE AN IT NETWORK ARCHITECT. YOUR FIRM HAS BEEN HIRED TO PERFORM A NETWORK
SECURITY AUDIT FOR ACME SHIPPING INC. ONE OF THE ACME’S WAREHOUSES HAS A SERVER
ROOM CONTAINING ONE WINDOWS SERVER AND TWO LINUX SERVERS. AFTER INTERVIEWING
THE SERVER ADMINISTRATORS, YOU LEARN THEY HAVE NO IDEA WHAT TO DO IF THE LINUX
SERVERS CEASE TO FUNCTION. WHAT IS NEEDED HERE?
• Disaster Recovery Plan
• Risk analysis
• Windows server
• Server clustering
WHICH ITEMS SHOULD BE CONSIDERED WHEN ENSURING HIGH AVAILABILITY FOR
AN E-COMMERCE WEB SITE? (CHOOSE TWO)
• Using TPM to encrypt server hard disks
• Using redundant Internet links
• Network load balancing
• Upgrading the server CMOS to the latest version
WHICH ITEMS SHOULD BE CONSIDERED WHEN CREATING A DISASTER RECOVERY
PLAN? (CHOOSE THREE)
• Determine which class of IP addresses are in use.
• Rank risks.
• Disable unused switch ports
• Assign recovery tasks to personnel
• Establish an alternate location to continue business
operations
AS PART OF YOUR DISASTER RECOVERY PLANNING, YOU CREATE A PRIORITIZED
LIST OF PROFESSIONALS WHO CAN BE CONTACTED IN THE EVENT OF A FLOOD. WHO
ARE THEY? (CHOOSE THREE)
• Property restoration specialist
• Document restoration specialist
• Server backup specialist
• Server restoration specialist
WHAT SHOULD BE USED TO MAKE INFORMED DECISIONS REGARDING YOUR
SPECIFIC DISASTER RECOVERY PLAN?
• DRP template freely downloaded from a web site
• ROI analysis
• TCO analysis
• Business impact analysis
IDENTIFY THE DISASTER RECOVERY PLAN ERRORS? (CHOOSE TWO)
• Perform a business impact analysis
• Base your DRP on a downloaded template
• Data backups are never tested; it costs the company
too much money
• Keep existing backup solutions in place even though
the software is two versions out-of-date
YOU ARE CREATING A DRP FOR A SMALL INDEPENDENT CARE DEALERSHIP. THERE ARE FOUR
EMPLOYEES WHO EACH USE DESKTOP COMPUTER; THERE ARE NO SERVERS. ALL COMPANY
DATA IS STORED ON THE FOUR COMPUTERS. A SINGLE HIGH-SPEED DSL LINKS IS SHARED BY
ALL USERS. WHAT ARE THE BEST DRP SOLUTIONS? (CHOOSE TWO)
• Store data with an online data storage service
• Ensure employees know exactly what to do in the
event of a disaster
• Purchase faster desktops
• Purchase a file server
MARK IS THE SERVER SPECIALIST FOR BIG GAME HUNTING, INC. WHILE INSTALLING
A NEW SERVER DATA HARD DISK, MARK SPILLS HIS CUP OF COFFEE ON THE OLD
SERVER DATA HARD DISK. WHAT SHOULD MARK DO?
• Cry
• Use a blow dryer to dry the hard disk
• Immerse the hard disk in warm water to remove the
coffee
• Place the hard disk in an air-sealed container
• Contact a network specialist
YOU ARE WORKING WITH MANAGEMENT TO JUSTIFY THE COST OF A WARM SITE
VERSUS A COLD SITE. WHAT FACTORS CAN HELP JUSTIFY THE COST OF A WARM
SITE? (CHOOSE TWO)
• Larger revenue loss during short downtime
• Small revenue loss during long downtime
• Customer contracts tolerating no more than 8 hours
downtime
• Customer contracts tolerating no more than 72 hours
downtime
YOUR SENIOR NETWORK ADMINISTRATOR HAS DECIDED THAT THE FIVE PHYSICAL SERVERS AT
YOUR LOCATION WILL BE VIRTUALIZED AND RUN ON A SINGLE PHYSICAL HOST. THE FIVE
VIRTUAL GUESTS WILL USE THE PHYSICAL HARD DISKS IN THE PHYSICAL HOST. THE PHYSICAL
HOST HAS THE HARD DISKS CONFIGURED WITH RAID 1. IDENTIFY THE FLAW IN THIS PLAN.
• The physical server should be using RAID 5
• The physical hard disks must not reside in the physical
host
• You cannot run five virtual machines on a physical
host simultaneously
• The physical host is a single point of failure
YOUR COMPANY IS VIRTUALIZING DNS, DHCP, WEB, AND E-MAIL SERVERS AT YOUR LOCATION.
EACH OF THE FOUR VIRTUAL MACHINES WILL BE SPREAD OUT ACROSS TWO PHYSICAL HOSTS.
VIRTUAL MACHINES ARE USING VIRTUAL HARD DISKS AND THESE FILES EXIST ON A SAN
(STORAGE AREA NETWORK). CHOOSE THE BEST VIRTUAL MACHINE BACKUP STRATEGY THAT
WILL ALLOW THE QUICKEST GRANULAR RESTORE.
• Back up the virtual machine hard disks at the SAN level
• Install a backup agent in each virtual machine and
perform backups normally
• Duplicate your SAN disk array so that backups are not
necessary
• All four virtual machines must run on the same physical
host to be backed up
WHAT SHOULD YOU DO WHEN STORING SERVER BACKUP TAPES OFFSITE?
• Encrypt backed-up data
• Generate file hashes for each backed-up file
• Place backup tapes in static shielding bags
• It is security violation to store backup tapes offsite
YOU ARE THE ADMINISTRATOR FOR A VIRTUAL WINDOWS 2012 SERVER RUNNING ACTIVE
DIRECTORY DOMAIN SERVICES (AD DS). ABNORMAL SERVER BEHAVIOR AND FINALLY A
SERVER FREEZE LEADS YOU TO BELIEVE THAT THE SERVER HAS A VIRUS INFECTION. WHAT
SHOULD YOU DO?
• Revert to an earlier virtual machine snapshot prior to
the virus infection
• Format the hard disk, reinstall the server, and restore
from tape
• Refer to your DRP
• Refer to your ARP
WHAT IS THE PURPOSE OF A DISASTER RECOVERY PLAN? (CHOOSE TWO.)
• To minimize economic loss
• To have a premeditated reaction to public relations
blunders
• To install confidence in shareholders
• To earn a high rate of return annually
WHICH OF THE FOLLOWING WOULD APPEAR ON A DRP?
• Prioritized list of critical computer systems
• Single points of failure
• Employee birth dates
• Dollar value associated with an hour of downtime
WHICH OF THE FOLLOWING WOULD APPEAR ON A DRP?
• Prioritized list of critical computer systems
• Single points of failure
• Employee birth dates
• Dollar value associated with an hour of downtime
• A school uniform policy
WHICH OF THE FOLLOWING REGARDING DISASTER RECOVERY ARE TRUE? (CHOOSE
TWO.)
• Once the plan is complete, it need never be revisited
• Once the plan is complete, it must have
management approval
• The plan is never complete; it must evolve with the
business
• The plan should only include IT systems
GOOD LUCK ON THE TEST!