BUSA 462 Final – Flashcards
Unlock all answers in this set
Unlock answersquestion
Any disaster, whether large or small, will have a ___________ effect through the entire organization. A. controlled B. known C. positive D. ripple
answer
Answer Key: D Ripple
question
Business Continuity Planning is interested in ____________ disasters if possible A. avoiding B. recognizing C. reacting to D. planning
answer
Answer Key: A Avoiding
question
Customers and clients will have ______ in the outcome of the disaster recovery. A. an important role B. a direct interest C. no interest D. no effect
answer
Answer Key: B A direct interest
question
Disaster recovery is ___________ an information technology problem A. Mostly B. only C. not just D. not
answer
Answer Key: C Not just
question
Disaster recovery typically looks at the ___________. A. long run B. continuation of the business C. overall business plan D. short term
answer
Answer Key: D Short term
question
On a business level, disasters are often thought of as _________ occurrences that affect the business or organization, or those occurrences on a grand scale that disrupt the business's ability to function. A. catastrophic B. natural C. minimal D. IT
answer
Answer Key: A Catastrophic
question
On whose web site can you find itemized lists, by state and counties within a state, of the declared disasters on a yearly basis? A. CIA B. FEMA C. FBI D. IRS
answer
Answer Key: B FEMA
question
The disaster recovery team will be made up of many different people in the ______ who have a stake in the outcome of recovering from a disaster: A. Organization B. Government C. Community D. Customer pool
answer
Answer Key: A Organization
question
What is a disaster? A. The ability of a company to recover from a catastrophe and get back to business as usual B. Any event or occurrence that can have a detrimental effect on an organization either in whole or in part C. Any event or occurrence that can have a lasting effect on an organization either in whole or in part D. all of the above
answer
Answer Key: B Any event or occurrence that can have a detrimental effect on an organization either in whole or in part
question
What is one of the leading causes of system loss seen by organizations? A. Lack of a sprinkler system B. Lack of security in a computer system C. Lack of a tornado shelter D. Lack of qualified employees
answer
Answer Key: B Lack of security in a computer system
question
Which of the following is an example of a lack of computer security? A. Chemical spill B. Employee death C. Spam D. Air conditioning failure
answer
Answer Key: C Spam
question
Which of the following is an example of a technological breakdown? A. Chemical spill B. Employee death C. Spam D. Air conditioning failure
answer
Answer Key: D Air conditioning failure
question
Which of the following must be included in the disaster recovery plan? A. Business functions B. Critical support functions C. Corporate-level support functions D. all of the above
answer
Answer Key: D all of the above
question
Which of the following should be protected in your disaster recovery plan? A. Ability to increase sales B. Ability to continue day-to-day operations C. Ability to hold down business expenses D. Ability to hire qualified people
answer
Answer Key: B Ability to continue day-to-day operations
question
Which of the following ties up valuable computer resources with no added value to the company? A. E-mail B. Internet C. Spam D. Junk mail
answer
Answer Key: C Spam
question
A well-written disaster recovery plan, including well-written desk instructions, will come as a result of the _____________ process A. Recovery B. Backup C. Planning and testing D. Disaster
answer
Answer Key: C Planning and testing
question
A(n) __________ of the existing infrastructure is the first step in the assessing risk A. diagram B. comprehensive list C. audit D. tour
answer
Answer Key: C audit
question
Creating a _________ may be one of the most difficult tasks that will fall to the disaster recovery team leader. A. need for the plan B. diverse team C. qualified team D. team spirit
answer
Answer Key: D team spirit
question
The disaster recovery team will _________ the disaster recovery planning team A. always be the same as B. not be the same as C. not be a informed as D. oversee
answer
Answer Key: B not be the same as
question
When is the best time to secure dedicated backup servers, networks, and either hotsites or redundant and independent sites? A. As soon as possible after a disater is declared B. Prior to any disaster C. Prior to establishing the disaster recovery planning team D. Once "business as usual" is established aftera disaster is declared
answer
Answer Key: B Prior to any disaster
question
Which disaster recovery sub-team must often be outsourced A. Communications Team B. Damage Assessment Team C. Software Team D. Departmental Recovery Team
answer
Answer Key: B Damage Assessment Team
question
Which of the following are external team members that may need to be involved in a disaster recovery plan? A. Police B. Red Cross C. Cleaning service providers D. All of the above
answer
Answer Key: D All of the above
question
Which of the following ensures that communication will be timely and efficient? A. Notification directory B. Backup computers C. Logistics support team D. Facilities support team
answer
Answer Key: A Notification directory
question
Which of the following is part of the disaster recovery plan? A. Assess the extent of damage B. Assign individuals to test the disaster recovery plan C. Recover data from backups D. All of the above
answer
Answer Key: B Assign individuals to test the disaster
question
Which of the following may request a company to develop a disaster recovery plan? A. Insurance company B. Government agency C. Clients D. All of the above
answer
Answer Key: D All of the above
question
Which sub-team of the disaster recovery team will provide information on exactly which systems are on the critical path? A. Departmental Recovery Team B. Business Recovery Team C. Damage Assessment Team D. Administrative Support Team
answer
Answer Key: B Business Recovery Team
question
Which two disaster recovery sub-teams are likely to be manned by the same people? A. Facilities Support Team/Damage assessment team B. Departmental Recovery Team/Business Recovery Team C. Logistics Support Team/Facilities Support Team D. Computer Backup Team/Computer Recovery Team
answer
Answer Key: D Computer Backup Team/Computer Recovery Team
question
Who recovers the hardware and the software installations and the data in the computer system? A. Departmental Recovery Team B. Computer Backup Team C. Off-site Storage Team D. Computer Recovery Team
answer
Answer Key: D Computer Recovery Team
question
Who should be on the disaster recovery planning team? A. The same people who will go to disaster recovery drills B. The same people involved in the actual recovery effort should a disaster be declared C. People who have a fundamental understanding of what it takes to get back to business as usual D. The board of directors
answer
Answer Key: C People who have a fundamental understanding of what it takes to get back to business as usual
question
Who will be responsible for creating the disaster recovery plan and will likely be responsible for testing it and keeping up with its ongoing maintenance A. The disaster recovery team B. Upper management C. The disaster recovery planning team D. The insurance company
answer
Answer Key: C The disaster recovery planning team
question
A(n) _________ is the chance that someone or something could be harmed by a hazard... A. Recovery plan B. Assessment C. Risk D. Disaster
answer
Answer Key: C Risk
question
Each business process contributes to the operation of the enterprise, but there are some without which the enterprise cannot carry out the others. What are these called? A. Disaster recovery processes B. Mission-critical processes C. Risk management processes D. Risk assessment processes
answer
Answer Key: B Mission-critical processes
question
Each __________ needs a plan and a measured response spelled put in the disaster recovery plan. A. assessment B. recovery C. threat D. plan
answer
Answer Key: C threat
question
How is asset-based risk assessment different from disaster-based risk assessment? A. You assess all assets, rather than hazards B. You assess all hazards, rather than assets C. You assess all risks, rather than assets D. You assess all assets, rather than risks
answer
Answer Key: A You assess all assets, rather than hazards
question
In the disaster recovery plan, each response should detail the use of resources and assign only those resources needed to _________ the problem. A. assess B. quantify C. delegate D. fix
answer
Answer Key: D fix
question
In today's world, the possibility of attack by outside agencies has ________ dramatically. A. been exaggerated B. been downplayed C. decreased D. increased
answer
Answer Key: D increased
question
It is important to ___________ for preventative measures and the recovery from any disaster situation. A. set priorities B. allow C. compete D. look
answer
Answer Key: A set priorities
question
One of the first considerations in the business impact analysis is the _________. A. assets that are vulnerable B. service-level agreements that the organization must meet C. risks D. hazards
answer
Answer Key: B service-level agreements that the organization must meet
question
The assessment of various levels of risk cannot be compared to each other unless the methods used to assess them are __________. A. the same B. diverse C. simplified D. detailed
answer
Answer Key: A the same
question
The best disaster is the one you don't have to __________. A. plan for B. avoid C. recovery from D. assess
answer
Answer Key: C recovery from
question
The possibility of harm or loss from any given disaster is different depending on the ________. A. organization B. situation C. severity of the disaster D. all of the above
answer
Answer Key: D all of the above
question
What is the primary goal of a risk assessment? A. Recovering from a disaster B. Mitigating loss of productivity C. Developing a disaster recovery plan D. Developing a business continuity plan
answer
Answer Key: B Mitigating loss of productivity
question
Which assets must be considered when using asset-based risk assessment? A. all intangible assets B. all tangible assets C. all assets D. those assets valued at more than a determined threshold
answer
Answer Key: C all assets
question
Which of the following is among the most difficult to recover? A. Microfilm B. Paper C. Computer disks D. Hard drives
answer
Answer Key: B Paper
question
Why must a disaster plan be continually revisited and updated? A. threats change B. assets change C. processes and abilities within the organization change D. all of the above
answer
Answer Key: D all of the above
question
Why must backups be tested? A. Without knowing that they can be recovered, backups are useless B. To determine the cost if they are needed during a disaster recovery C. To determne if they are needed D. All of the above
answer
Answer Key: A Without knowing that they can be recovered, backups are useless
question
Conducting a(n) _____ of the disaster recovery documentation for accuracy should be a standard practice for the organization. A. weekly audit B. daily check C. annual review D. restructuring
answer
Answer Key: C annual review
question
It is a(n) _____ step in the disaster planning process to gather information on all of the company's assets. A. vital last B. vital early C. unnecessary D. low priority
answer
Answer Key: B vital early
question
It is critical to include those areas that either generate revenue for the organizatioin or process revenue for it in _________. A. tier 1 systems B. tier 2 systems C. tier 3 systems D. tier 4 systems
answer
Answer Key: A tier 1 systems
question
One function that is often overlooked during recovery is _____. A. payroll B. disaster assessment C. accounts receivable D. backup
answer
Answer Key: D backup
question
The difference between a situation that may simply be an inconvenience and one that is an actual disaster often depends on _________. A. the severity of the situation B. the point of view of those affected C. the point of view of those responsible for declaring the disaster D. All of the above
answer
Answer Key: D All of the above
question
Unfortunately, hardware tracking still requires some _______ effort on the part of the organization regardless of which method an organization chooses to track the assets. A. manual B. electronic C. minor D. expensive
answer
Answer Key: A manual
question
What is as important as generating an organization's assets? A. accounting for an organization's assets B. evaluating an organization's assets C. inventorying an organization's assets D. protecting an organization's assets
answer
Answer Key: D protecting an organization's assets
question
What provides a simple mechanism for determining what hardware is located in what location? A. taking a physical inventory monthly B. Taking a physical inventory weekly C. Bar coding all assests and scanning into an inventory system D. Tagging all assets and keeping a written log of their locations
answer
Answer Key: C Bar coding all assests and scanning into an inventory system
question
What will become the source of information for many different systems? A. tier 1 systems B. disaster recovery document C. asset tracking software D. all of the above
answer
Answer Key: B disaster recovery document
question
What will likely result in some tier 2 and tier 3 systems moving from one tier to the other? A. Prioritizing disaster recovery B. Identifying functions and processes C. Dependency analysis D. Identifying critical assets
answer
Answer Key: C Dependency analysis
question
Which category does the payroll system likely fall into? A. tier 1 systems B. tier 2 systems C. tier 3 systems D. tier 4 systems
answer
Answer Key: B tier 2 systems
question
Which external processes and functions need to be identified and accounted for in the eventuality that the disaster recovery plan needs to be implemented? A. Phone systems or broadband connections B. Fire department C. Police department D. All of the above
answer
Answer Key: A Phone systems or broadband connections
question
Who helps you determine what will go into each tier, or what might not go into any tier at all? A. The disaster recovery planning team B. FEMA C. Asset tracking software team D. Subject matter experts
answer
Answer Key: D Subject matter experts
question
A disaster recovery site is a(n) _________ location so that you can keep from having the business close while the long-term solution can be accomplished. A. permanent B. new C. expanded D. stop gap
answer
Answer Key: D stop gap
question
Any agreement should, as a part of the services provided, allow your organization to _________ your disaster recovery plan. A. test B. develop C. monitor D. All of the above
answer
Answer Key: A test
question
Data that must be retained for legal reasons is considered ________ data. A. sensitive B. vital C. critical D. noncritical
answer
Answer Key: C critical
question
One of the most _________ things in a disaster recovery plan and in the selection of the disaster recovery site location selection is the ability to acquire office supplies. A. overworked B. overlooked C. obvious D. confusing
answer
Answer Key: B overlooked
question
Reciprocal agreements are often a viable and useful alternative to a _______ recovery site A. hot B. warm C. cold D. All of the above
answer
Answer Key: B warm
question
The restore time is _______ for tape than for disk-stored recovery A. shorter B. longer C. safer D. more risky
answer
Answer Key: B longer
question
What information do organizations forget to bring to the disaster recovery site? A. software licenses B. software C. hardware D. backups
answer
Answer Key: A software licenses
question
What is an advantage to using on site climate-controlled, fireproof, waterproof, and even tornado-proof safes? A. Lessens the risk of the tapes being damaged in a disaster B. Allows for rapid access by the organization when necessary C. Guarantees the chain of custody and minimizes the points of access to the data D. All of the above
answer
Answer Key: D All of the above
question
Which of the following allows the people involved to be as productive as possible while at a remote recovery site? A. Available office supplies B. Postal services C. Recreational facilities D. All of the above
answer
Answer Key: D All of the above
question
Which of the following governmental regulations deals with health and insurance information privacy protection for individuals? A. Gramm-Leach-Bliley Act B. Sarbanes-Oxley Act C. HIPAA D. All of the above
answer
Answer Key: C HIPAA
question
Which of the following is an appropriate method for backing up your data? A. online B. hard disk C. tape D. All of the above
answer
Answer Key: D All of the above
question
Which of the following is more likely to be overlooked by the disaster recovery planning team? A. hardware B. data C. software D. backups
answer
Answer Key: C software
question
Which of the following provides the fastest backup scenario? A. Full backups B. Incremental backups C. Differential backups D. Mirror backups
answer
Answer Key: B Incremental backups
question
Why is it important to have the availability of more than one recovery location? A. A single disaster may effect more than one location B. Different disasters may happen in different locations at the same time C. More than one location can mean that you have choices in the event of a declared disaster D. All of the above
answer
Answer Key: D All of the above
question
How should disaster recovery drills be executed? A. They should be scheduled on a regular basis and everyone involved should be notified of the dates. B. If the disaster recovery plan is complete and up-to-date drills are not needed C. They should start with a phone call in the middle of the night to all relevant individuals or a surprise announcement during working hours D. They should be scheduled on an irregular basis, but everyone invloved should have at least a weeks notice to ensure that everyone will be available
answer
Answer Key: C They should start with a phone call in the middle of the night to all relevant individuals or a surprise announcement during working hours
question
In the case of the recovery document, what is a recovery scenario? A. the instructions on how to recover B. the different kinds of ways that the organization may be called upon to recover C. the written plan needed in case of a disaster D. the backup site needed in case of a disaster
answer
Answer Key: B the different kinds of ways that the organization may be called upon to recover
question
Small businesses are more apt to use which type of backup? A. full backups B. incremental backups C. split-mirror backups D. none of the above
answer
Answer Key: A full backups
question
What is an emergency operations center? A. the backup recovery site where computer systems are restored B. the site that the local emergency agencies have set up to aid victims of a natural disaster C. a central location where information on the current status of the organization during the emergency recovery is available D. the location where the disaster recovery plan is developed
answer
Answer Key: C a central location where information on the current status of the organization during the emergency recovery is available
question
What is one of the first things to be done after a recovery or drill? A. Have everyone that was involved sit down and debrief B. Decide who is at fault for any failures in the system C. Notify the disaster recovery team that a disaster has taken place D. All of the above
answer
Answer Key: A Have everyone that was involved sit down and debrief
question
What is the most important thing that the disaster recovery team leader needs to do once a disaster is declared? A. to define and assign roles and responsibilities as the players arrive at the recovery site B. plan for the disaster C. make sure all software licensing agreements are in place D. all of the above
answer
Answer Key: A to define and assign roles and responsibilities as the players arrive at the recovery site
question
What is the role of the owner of the disaster recovery document? A. ultimately responsible for the maintenance of the document B. oversees the changes and change control C. see to it that all pieces of the document are kept in sync D. all of the above
answer
Answer Key: D all of the above
question
Which backup allows very large amounts of data to be backed up in a matter of seconds or just a few minutes? A. full backups B. incremential backups C. split-mirror backups D. none of the above
answer
Answer Key: C split-mirror backups
question
Which backups are particularly good for organizations that have a significent amount of data, much of which remains unchanged? A. full backups B. incremential backups C. split-mirror backups D. none of the above
answer
Answer Key: B incremential backups
question
Which of the following is an example of an upstream relationship? A. clients B. suppliers C. competitors D. all of the above
answer
Answer Key: B suppliers
question
Which of the following is considered a support tool in disaster recovery? A. contact information for computer vendors B. completed questionnaires verifying that the vendors are planning for their own disaster recovery C. list of customers D. contact information for upper management
answer
Answer Key: B completed questionnaires verifying that the vendors are planning for their own disaster recovery
question
Which of the following should be included in the list of contacts in a disaster recovery plan? A. computer vendor B. emergency services C. customers D. all of the above
answer
Answer Key: D all of the above
question
Which of the following should be kept in mind when considering software licensing agreements in disaster recovery planning? A. Staying supportable in the releases that you have running on your systems is a good idea. B. Make sure that your software is licensed to run on your disaster recovery hardware C. It is important that you maintain not only the name and contact information of your vendors but licensing information as well D. All of the above
answer
Answer Key: D All of the above
question
How are gaps in a recovery plan typically found? A. During a declared disaster B. Observing how other businesses react to a disaster C. In the cycle of planning, backing up, testing recovery, and restarting the cycle D. All of the above
answer
Answer Key: D All of the above
question
In the ideal situation, who should be able to work on the recovery team? A. Employees will trained in disaster recovery B. The employees most familiar with the system being restored C. Anyone that is available to be drafted into the position D. Outside personnel contracted for this purpose
answer
Answer Key: C Anyone that is available to be drafted into the position
question
One risk associated with disaster recovery is _________. A. employees are likely to be more mindful of security precautions if they are different than those at the primary work location B. employees will realize that longer than usual work hours, and altered work schedules, will likely be the case C. employees can become less cautious than they may be in other situations, more aggressive, and pay less attention to detail than might be prudent D. all of the above
answer
Answer Key: C employees can become less cautious than they may be in other situations, more aggressive, and pay less attention to detail than might be prudent
question
What is often left out of support contracts related to the recovery site? A. The SLAs B. The eventuality of a second disaster occuring at the recovery site C. The cost of using the recovery site D. The frequency of disaster drills
answer
Answer Key: B The eventuality of a second disaster occuring at the recovery site
question
What is the best way to handle SLAs if a secondary emergency occurs during an emergency situation? A. The SLAs are made null and void B. SLAs should be written such that this secondary situation causes the clock to be reset. C. It is unavoidable that the SLAs will be violated D. Try to renegotiate the SLA when the second disaster is declared.
answer
Answer Key: B SLAs should be written such that this secondary situation causes the clock to be reset.
question
What is the first area where gaps in the recovery plan are identified? A. Testing B. Backups C. Planning D. Recovery
answer
Answer Key: B Backups
question
Where should you keep disaster recovery documents? A. In a safety deposit box in another city B. With every set of backups that the organization maintains for the eventuality of a disaster recovery C. With the organization under contract D. All of the above
answer
Answer Key: B With every set of backups that the organization maintains for the eventuality of a disaster recovery
question
Which of the following can put an organization at risk? A. Backups are put in place and are taken routinely B. Security measures are put in place and followed C. SLAs are in place D. Shortcuts are taken
answer
Answer Key: D Shortcuts are taken
question
Which of the following is a disaster recovery risk? A. Everyone is in an unfamiliar location B. People are likely to be less mindful of security precautions if they are different than those at the primary work location C. The recovery will be performed on different systems than everyone is used to dealing with D. All of the above
answer
Answer Key: D All of the above
question
Which of the following is the best test scenario? A. The recovery team is notified one week in advance of a disaster drill B. The recovery team is not sure if the situation is a drill or an actual disaster C. The recovery team is awakened in the middle of the night to initiate a disaster drill D. The recovery team knows the dates of disaster drills which are scheduled twice a year.
answer
Answer Key: B The recovery team is not sure if the situation is a drill or an actual disaster
question
Who should be put in charge of maintaining backups? A. Someone in IT B. Someone in Auditing C. Someone in Quality Control D. Any of the above
answer
Answer Key: A Someone in IT
question
Your SLAs should limit the number of nested disasters to _________. A. 2 B. 5 C. 10 D. No limit
answer
Answer Key: D No limit
question
A well-tuned and repeatable test plan needs to be _________. A. written B. organized C. acquired D. memorized
answer
Answer Key: A written
question
Accurate changes reflecting changes in ________ or changes in assets and processes need to be made to the disaster recovery plan. A. needs B. personnel C. customers D. vendors
answer
Answer Key: A needs
question
After recovery procedures and criteria have been completed a structured ______ test should be performed. A. full interruption B. simulation C. walk-through D. parallel
answer
Answer Key: C walk-through
question
By testing the recovery plan you can determine the feasibility and compatibility of _____ facilities and procedures A. primary B. backup C. intermediate D. corporate
answer
Answer Key: B backup
question
How often should the disaster recovery team have scheduled meetings? A. weekly B. monthly C. semiannually D. annually
answer
Answer Key: B monthly
question
How often, at a minimum, should the disaster recovery plan be reviewed? A. weekly B. monthly C. semiannually D. annually
answer
Answer Key: D annually
question
It is vital to the organization and the success of the disaster recovery plan that the plan be thoroughly tested on a(n) _________ basis. A. weekly B. monthly C. annual D. bi-annual
answer
Answer Key: C annual
question
Realistic _____ should be assigned to each step of the plan. A. backups B. software C. stakeholders D. time limits
answer
Answer Key: D time limits
question
The least intrusive sections of the plan can be tested _____ hours. A. after business B. during normal business C. during peak business D. during offline
answer
Answer Key: B during normal business
question
The _________ will provide the organization with the assurance that all necessary steps are included in the disaster recovery plan. A. planning stage B. test C. actual disaster recovery D. backups
answer
Answer Key: B test
question
What is a benefit of written testing scenarios? A. remembering to test the special processing situations B. the need to rely on people's memory C. functional units will be thrilled with the prospect of creating the scenarios D. all of the above
answer
Answer Key: A remembering to test the special processing situations
question
What is the main reason organizations give for not testing the recovery plan? A. it is a drain on time and resources B. they have confidence in the plan C. it provides motivation for maintaining and updating the recovery plan D. it may reveal gaps in the plan
answer
Answer Key: A it is a drain on time and resources
question
Whether the recovery in question is a recovery test or a declared disaster, it is critical that ________ be invloved at every step. A. all stakeholders B. management C. customers D. vendors
answer
Answer Key: B management
question
Which of the following is a reason for testing the disaster recovery plan? A. determine the feasibility and compatibility of backup facilities and procedures B. identify areas of the plan that need modification C. provide training to the team managers and team members on how to recover the organization from a disaster D. all of the above
answer
Answer Key: D all of the above
question
Which of the following is defined as a "formal process used to ensure a product, service, or process is only modified in line with the identified necessary change?" A. change control B. change document C. risk control D. risk document
answer
Answer Key: A change control
question
With change control in place, changes usually have to pass through _______. A. the disaster recovery team B. upper management C. the change control board D. IT
answer
Answer Key: C the change control board
question
It is important that the meetings conducted after a test not become a place to judge either processes or people but to _________. A. determine success or failure B. develop a test plan C. determine what needs to be backed up D. find facts
answer
Answer Key: D find facts
question
It may even be to an organization's benefit to schedule at least _______ dedicated to finding all the places where the system can be broken. A. one recovery meeting that is B. two recovery meetings that are C. one test cycle that is D. two test cycles that are
answer
Answer Key: C one test cycle that is
question
Once you discover a threat at the recovery site which of the following is important to analyze? A. Exploitable B. Reproducible C. Users/Systems Affected D. Discoverable
answer
Answer Key: B Reproducible
question
What can be learned from a failed recovery test? A. the time necessary for a full recovery B. the list of possible disasters C. the existence of forgotten applications that were not backed up D. all of the above
answer
Answer Key: C the existence of forgotten applications that were not backed up
question
What is the next vital step after a recovey test? A. Decide where to place blame on the things that went wrong B. Meet as a team and discuss lessons learned C. Determine the order in which backups need to be restored D. All of the above
answer
Answer Key: B Meet as a team and discuss lessons learned
question
What type of threat occurs when a Web page is faked to look exactly like a legitimate company's Web page? A. Repudiation B. Denial of service C. Tampering D. Spoofing
answer
Answer Key: D Spoofing
question
What usually follows the fact-finding meetings which follow a recovery, whether drill or real? A. changes to the recovery plan B. a completely new recovery plan C. blame for failure is assigned as needed D. a walk-through test
answer
Answer Key: A changes to the recovery plan
question
Which of the following is a diagram showing a hierarchy of threats or vulnerabilities? A. Threat tree B. Spoofing C. Denial of service D. Repudiation
answer
Answer Key: A Threat tree
question
Which of the following is a tool that not only exposes threats to an organization, but points out strengths as well? A. Denial of service B. SWOT analysis C. Threat tree D. Repudiation
answer
Answer Key: B SWOT analysis
question
Which of the SWOT terms point out places where an organization might have core competencies or a competitive edge over the competition? A. Strengths B. Weaknesses C. Opportunities D. Threats
answer
Answer Key: A Strengths
question
Which threat analysis involves the use of backdoors? A. Discoverable B. User/Systems affected C. Exploitable D. Reproducible
answer
Answer Key: A Discoverable
question
______ occurs when the spoofer sets up a redirection of a domain name from its intended IP address destination to an alternative destination in order to gain access to sensitive information. A. Spoofing B. Pharming C. Tampering D. Repudiation
answer
Answer Key: B Pharming