
5/1/2017 techbus.safaribooksonline.com/print?xmlid=9781118105948%2Fscenariobased_questions_answer0025

Username: Aditya Mishra
Book: CISSP Practice: 2,250 Questions, Answers, and Explanations for Passing the Test.
No part of any chapter or book may be reproduced or transmitted in any form by any means without the prior written permission for reprints and excerpts from the publisher of the book or chapter. Redistribution or other use that violates the fair use privilege under U.S. copyright laws (see 17 USC 107) or that otherwise violates these Terms of Service is strictly prohibited. Violators will be prosecuted to the full extent of U.S. Federal and Massachusetts laws.

SCENARIO-BASED QUESTIONS, ANSWERS, AND EXPLANATIONS
Use the following information to answer questions 1 through 7.
The GKM Company has just completed the business impact analysis (BIA) for its data processing facilities. The continuity planning team found in the risk analysis that there is a single point of failure in that backup tapes from offsite locations are controlled by an individual who works for the vendor. The contract for the vendor does not expire for 3 years.

1. Which of the following uses both qualitative and quantitative tools?

a. Anecdotal analysis

b. Business impact analysis

c. Descriptive analysis

d. Narrative analysis

1. b. The purpose of BIA is to identify critical functions, resources, and vital records necessary for an organization to continue its critical functions. In this process, the BIA uses both quantitative and qualitative tools. The other three choices are incorrect because they are examples that use qualitative tools. Anecdotal records constitute a description or narrative of a specific situation or condition.

2. With respect to business continuity planning/disaster recovery planning (BCP/DRP), risk analysis is part of which of the following?

a. Cost-benefit analysis

b. Business impact analysis

c. Backup analysis

d. Recovery analysis

2. b. The risk analysis is usually part of the business impact analysis (BIA). It estimates both the functional and financial impact of a risk occurrence to the organization and identifies the costs to reduce the risks to an acceptable level through the establishment of effective controls. Cost-benefit analysis, backup analysis, and recovery analysis are part of the BIA.

3. With respect to BCP/DRP, the BIA identifies which of the following?

a. Threats and risks

b. Costs and impacts

c. Exposures and functions

d. Events and operations

3. a. BIA is the process of identifying an organization's exposure to the sudden loss of selected business functions and/or the supporting resources (threats) and analyzing the potential disruptive impact of those exposures (risks) on key business functions and critical business operations. The BIA usually establishes a cost (impact) associated with the disruption lasting varying lengths of time.

4. The business impact analysis (BIA) should critically examine the business processes and which of the following?

a. Composition

b. Priorities

c. Dependencies

d. Service levels

4. c. The business impact analysis (BIA) examines business processes composition and priorities, business or operating cycles, service levels, and, most important, the business process dependency on mission-critical information systems.

5. The major threats that a disaster recovery and contingency plan should address include which of the following?

a. Physical threats, software threats, and environmental threats

b. Physical threats and environmental threats

c. Software threats and environmental threats

d. Hardware threats and logical threats

5. b. Physical and environmental controls help prevent contingencies. Although many of the other controls, such as logical access controls, also prevent contingencies, the major threats that a contingency plan addresses are physical and environmental threats, such as fires, loss of power, plumbing breaks, or natural disasters. Logical access controls can address both the software and hardware threats.

6. Risks in the use of cellular radio and telephone networks during a disaster include which of the following?

a. Security and switching office

b. Security and redundancy

c. Redundancy and backup power systems

d. Backup power systems and switching office

6. a. The airwaves are not secure, and a mobile telephone switching office can be lost during a disaster. The cellular company may need a diverse route from the cell site to another mobile switching office.

7. Contingency planning integrates the results of which of the following?

a. Business continuity plan

b. Business impact analysis

c. Core business processes

d. Infrastructural services

7. b. Contingency planning integrates and acts on the results of the business impact analysis. The output of this process is a business continuity plan consisting of a set of contingency plans with a single plan for each core business process and infrastructure component. Each contingency plan should provide a description of the resources, staff roles, procedures, and timetables needed for its implementation.
