The primary reason for classifying disasters as natural or man-made is:
To correctly determine their probable impact
To correctly determine their probability of occurrence
To classify different types of events to better understand them
To determine which contingency plans need to be carried out
For the purpose of business continuity and disaster recovery planning, the definition of a “disaster” is:
Any event that impairs the ability for an organization to continue operating
Any natural event that impairs the ability for an organization to continue operating
Any man-made event that impairs the ability for an organization to continue operating
Any event that impairs the ability for an organization’s IT systems to continue operating
The primary impact of a pandemic on an organization is:
Significant disruptions of public utilities
Significant disruptions of transportation systems
Large numbers of casualties that reduce the demand for services
Long periods of employee absenteeism that impact the organization’s ability to provide services
The activity that is concerned with the continuation of business operations is:
Emergency Response Procedures
Disaster Recovery Planning
Business Continuity Planning
Business Impact Analysis
The main reason that a DRP project should have executive support and approval is:
A DRP project is very expensive
A DRP project requires significant adjustments in the allocation of resources
A DRP project requires the redesign of all in-scope IT systems
A DRP project requires the redesign of all in-scope business processes
An organization is about to start its first disaster recovery planning project. The project manager is responsible for choosing project team members. Which staff members should be chosen for this project?
The project should use outsourced technical experts
The least experienced team members
The most experienced team members
The project should use outsourced disaster recovery planning experts
At the beginning of a disaster recovery planning project, the project team will be compiling a list of all of the organization’s most important business processes. This phase of the project is known as:
Risk Analysis
Business Process Analysis
Determination of maximum tolerable downtime (MTD)
In what sequence should a disaster recovery planning project be performed?
Business Impact Analysis, Maximum Tolerable Downtime, Recovery Point Objective, Recovery Time Objective, training, testing
Survey business processes, threat and risk analysis, develop recovery targets, criticality analysis
Project plan, risk assessment, statements of impact, criticality analysis, recovery targets, test recovery plans
Project plan, Business Impact Analysis, develop recovery plans, train personnel, test recovery plans
Benefits from disaster recovery and business continuity planning include all of the following EXCEPT:
Improved system resilience
Process improvements
Improved market advantage
Improved performance
The types of BCP and DRP tests are:
Document review, walkthrough, parallel test, cutover test
Document review, walkthrough, simulation, parallel test, cutover test
Document review, walkthrough, sanity test, parallel test, cutover test
Walkthrough, simulation, parallel test, cutover test, live test
The purpose of a cutover test is:
To determine the ability to perform live business transactions on production systems instead of on backup systems
To determine the ability for a recovery test to be interrupted
To determine the ability to perform live business transactions on production systems and backup systems at the same time
To determine the ability for the last minute substitution of a recovery team
The purpose of a parallel test is:
The greatest risk related to a cutover test is:
If backup servers do not function correctly, the test will fail
A cutover test tests only the live load and not the switchover
A cutover test tests only the switchover and not the live load
If backup servers do not function correctly, critical business processes may fail
A project team has just completed building the organization’s business continuity plan. Which of the following tests should be performed first?
Walkthrough
Simulation
Parallel test
Cutover test
An organization that is building a disaster recovery capability needs to re-engineer its application servers to meet new recovery requirements of 4 hour RPO and 24 hour RTO. Which of the following approaches will best meet this objective?
Active/Passive server cluster with replication
Tape backup and restore to a hot site
Tape backup and restore to a cold site
Server cluster with shared storage
The purpose of a server cluster includes all of the following EXCEPT:
Improve an application’s availability
Increase an application’s capacity
Increase an application’s data storage
Provide fault tolerance
The purpose of off-site media storage is:
To protect media from damage in the event of a disaster
To protect media from theft
To provide additional storage not available on-site
To meet regulatory requirements for media protection
An organization that is performing a disaster recovery planning project has determined that it needs to have on-site electric power available for as long as ten days, in the event of an electric utility failure. The best approach for this requirement is:
Uninterruptible power supply (UPS) and power distribution unit (PDU)
Electric generator
Uninterruptible power supply (UPS)
Uninterruptible power supply (UPS) and electric generator
The first priority for disaster response should be:
Backup media
Paper records
Personnel safety
Remote access
Which of the following would NOT be on a list of parties to notify in the event of a disaster-related emergency:
Civil authorities
Utilities
Shareholders
Customers
Why is disaster recovery-related training a vital component in a DRP project?
The plan will be able to be certified
Recovery is performed by outside organizations
The personnel who are most familiar with systems may be unavailable during a disaster
Personnel may be unfamiliar with recovery procedures
Why is it important to understand the cost of downtime of critical business processes?
Management will be able to make decisions about the cost of mitigating controls and contingency plans
Management will be able to determine which processes are the most critical
Management will be able to establish a training budget
Management will be able to compare recovery costs with those in similar organizations
The definition of Recovery Point Objective (RPO) is:
The location of the recovery site
The maximum amount of downtime
The method used to recover backup data
The maximum amount of data loss
The definition of Recovery Time Objective (RTO) is:
A DRP project team has determined that the RTO for a specific application shall be set to 180 minutes. Which option for a recovery system will best meet the application’s recovery needs?
Hot standby systems and tape recovery
Server clustering and data replication
Warm standby systems and tape recovery
Cold site and tape recovery
