Information Security And Risk Management

Chapter 13

QUESTION 1

1. It is dangerous to assume anything when creating a BCP, because assumptions are rarely accurate.

True

False

0.10000 points   

QUESTION 2

1. Who coordinates the actions of the DAT and works closely with the EMT lead and BCP coordinator?

    DAT coordinator
    TRT lead
    BCP PM
    DAT lead

0.10000 points   

QUESTION 3

1. What is NOT one of the three commonly used BCP teams?

    technical recovery
    emergency management
    critical contractor
    damage assessment

0.10000 points   

QUESTION 4

1. All critical systems should be included in a BCP.

True

False

0.10000 points   

QUESTION 5

1. Even though the BIA identifies priorities, it is common to reaffirm them in a BCP.

True

False

0.10000 points   

QUESTION 6

1. What correctly lists the overall steps of a BCP?

    purpose; scope; assumptions and planning principles; system descriptions and architecture; responsibilities; provide training; test and exercise plans; maintain and update plans
    charter the BCP and create scope statements; complete the BIA; identify countermeasures and controls; develop individual DRPs; provide training; test and exercise plans; maintain and update plans
    charter the BCP and create scope statements; complete the BIA; identify countermeasures and controls; develop individual DRPs; notification/activation phase; recovery phase; reconstitution phase; plan training, testing, and exercises; plan maintenance
    purpose; scope; assumptions and planning principles; system descriptions and architecture; responsibilities; notification/activation phase; recovery phase; reconstitution phase; plan training, testing, and exercises; plan maintenance

0.10000 points   

QUESTION 7

1. The overview section provides a description of the CBFs.

True

False

0.10000 points   

QUESTION 8

1. Who coordinates the actions of the EMT and works closely with the DAT lead and BCP coordinator?

    EMT lead
    BCP PM
    EMT coordinator
    TRT lead

0.10000 points   

QUESTION 9

1. If a disruption occurs during work hours, then the BCP PM will probably be on the scene quickly. If the disruption occurs after hours, then the BCP PM should be contacted first thing the next business day.

True

False

0.10000 points   

QUESTION 10

1. When is the notification/activation phase?

    when the BCP CM declares it so
    the first step of a BCP
    depends on the type of interruption
    when the disruption has occurred or is imminent

0.10000 points   

QUESTION 11

1. Criticality of operations identifies the order of importance of each of the seven domains of the typical IT infrastructure.

True

False

0.10000 points   

QUESTION 12

1. If a system houses data, you need to ensure that data is protected according to _______.

    the C-I-A triad
    the BCP’s scope
    its criticality
    its level of classification

0.10000 points   

QUESTION 13

1. The functional description builds on the __________.

    strategy
    overview
    BIA
    system description and architecture

0.10000 points   

QUESTION 14

1. What is the overall goal of BCP exercises?

    to ensure continued operations after a disruption or disaster
    to demonstrate how the BCP will work
    to verify that the BCP will work as planned
    to teach people the details of the BCP

0.10000 points   

QUESTION 15

1. When an emergency is declared, the ____________ usually contact(s) appropriate teams or team leads.

    BCP PM
    stakeholders
    BCP coordinator
    department heads

0.10000 points   

QUESTION 16

1. Training should be conducted at least annually.

True

False

0.10000 points   

QUESTION 17

1. The TRT lead needs to be very familiar with existing DRPs and may have even authored them.

True

False

0.10000 points   

QUESTION 18

1. What is the purpose of a BCP?

    to ensure that mission-critical elements of an organization continue to operate after a disruption
    to ensure that mission-critical elements of an organization are properly restored after a disruption
    to prevent loss of mission-critical activities of organization employees in case of a disruption
    to identify mission-critical elements of an organization in case of a disruption

0.10000 points   

QUESTION 19

1. Some personnel can be deemed mission-critical.

True

False

0.10000 points   

QUESTION 20

1. Having supplies on hand for continued production _______________.

    is a best practice in the creation and implementation of a BCP
    may be preferable to having an organization obtain parts and supplies as needed
    may conflict with other organizational planning principles
    is the definition of a just-in-time philosophy

0.10000 points   

Chapter 12

QUESTION 1

1. Every resource has an MAO and an impact if it fails.

True

False

0.10000 points   

QUESTION 2

1. What is NOT a direct cost?

    equipment replacement costs
    building replacement costs
    penalty costs for noncompliance issues
    penalty costs for nonrepudiation issues

0.10000 points   

QUESTION 3

1. A BIA is intended to include all IT functions.

True

False

0.10000 points   

QUESTION 4

1. Choose the answer that correctly lists the seven steps of a BIA.

    develop the contingency planning policy statement; conduct the business impact analysis; identify preventive controls; identify critical resources; identify the maximum downtime; identify recovery priorities; and develop the BIA report
    identify the environment; identify stakeholders; identify critical business functions; identify critical resources; identify the maximum downtime; identify recovery priorities; and develop the BIA report
    develop the contingency planning policy statement; conduct the business impact analysis; identify preventive controls; create contingency strategies; develop an information system contingency plan; ensure plan testing, training, and exercises; and ensure plan maintenance
    identify the environment; identify stakeholders; identify critical business functions; create contingency strategies; develop an information system contingency plan; ensure plan testing, training, and exercises; and ensure plan maintenance

0.10000 points   

QUESTION 5

1. The seven steps of a BIA are the same as the seven steps of contingency planning.

True

False

0.10000 points   

QUESTION 6

1. You are a stakeholder who has just designated a function as critical. What must you do now?

    Dedicate resources to protect the function.
    Perform a CBA.
    Evaluate vulnerabilities.
    Bring it up in the next meeting.

0.10000 points   

QUESTION 7

1. What is NOT one of the steps of contingency planning?

    identifying assets
    ensuring plan maintenance
    conducting the business impact analysis
    creating contingency strategies

0.10000 points   

QUESTION 8

1. A BIA is concerned with identifying and implementing recovery methods.

True

False

0.10000 points   

QUESTION 9

1. Once you identify CBFs and critical business processes, you need to map them to a BIA.

True

False

0.10000 points   

QUESTION 10

1. BIAs identify an impact that can result from ____________.

    uncontrolled vulnerabilities
    disruptions in a business
    failure of a DMZ
    threats to the IT infrastructure

0.10000 points   

QUESTION 11

1. RPO stands for ____________.

    recovery point objective
    recovery program objective
    recovery policy objective
    recovery product objective

0.10000 points   

QUESTION 12

1. Questionnaires, forms, and surveys are the standard way to collect data for a BIA.

True

False

0.10000 points   

QUESTION 13

1. What is NOT an indirect cost?

    loss of goodwill
    costs to re-create or recover data
    lost opportunities during recovery
    costs to regain market share

0.10000 points   

QUESTION 14

1. What does POCs stand for?

    policies of compliance
    procedures of control
    policies of control
    system points of contact

0.10000 points   

QUESTION 15

1. What acronym is NOT a critical term when working with BIAs?

    MAO
    CBA
    CBF
    CSF

0.10000 points   

QUESTION 16

1. For a BIA, the step of “identifying the environment” means having a good understanding of the business function.

True

False

0.10000 points   

QUESTION 17

1. Low RTOs are _______ but _______.

    unachievable, ideal
    elusive, maintainable
    achievable, costly
    risky, high-yield

0.10000 points   

QUESTION 18

1. RTO stands for ________.

    recovery time obstacle
    repair transfer objective
    repair task objective
    recovery time objective

0.10000 points   

QUESTION 19

1. What is NOT a best practice when performing a BIA?

    using a top-down approach
    starting with clear objectives
    plan interviews and meetings in advance
    performing a CBA

0.10000 points   

QUESTION 20

1. There are seven steps of contingency planning.

True

False

0.10000 points   

Lab 7

QUESTION 1

1. True or False: the BIA is similar to conducting a risk assessment except that it is focused on identifying critical, major and minor business functions and operations.

True

False

0.25000 points   

QUESTION 2

1. True or False: the larger the RTO and RPO maximum allowable time, the potentially more expensive the solution.

True

False

0.25000 points   

QUESTION 3

1. What is the proper sequence of development and implementation for the following?

    1. Risk Management plan, 2. Business Impact Analysis, 3. Business Continuity plan, then 4. Disaster Recovery plan.
    1. Business Continuity plan, 2. Business Impact Analysis, 3. Disaster Recovery plan, then 4. Risk Management plan.
    1. Risk Management plan, 2. Business Continuity plan, 3. Business Impact Analysis, then 4. Disaster Recovery plan.
    1. Business Continuity plan, 2. Risk Management plan, 3. Business Impact Analysis, then 4. Disaster Recovery plan.

0.25000 points   

QUESTION 4

1. True or False: Customer Service business functions typically have a short RTO and RPO maximum allowable time objective.

True

False

0.25000 points   

QUESTION 5

1. True or False: RTO is what the organization defines as the minimum allowable or acceptable downtime.

True

False

0.25000 points   

QUESTION 6

1. True or False: The BIA’s goal and purpose is to identify IT Infrastructure components that are critical to the organization.

True

False

0.25000 points   

QUESTION 7

1. True or False: If the RPO metric does not equal the RTO, you can potentially lose data that might not be backed up.

True

False

0.25000 points   

QUESTION 8

1. True or False: The BIA helps define the scope and priorities of the Business Continuity plan and the Disaster Recovery plan.

True

False

0.25000 points   

Lab 8

QUESTION 1

1. True or False: Disaster Planning is not part of the BCP?

True

False

0.25000 points   

QUESTION 2

1. Which of the following should develop and participate in an organization’s BCP?

    All of the above
    Executive Management
    Human Resources
    IT

0.25000 points   

QUESTION 3

1. True or False: a BIA helps define the scope of the BCP itself.

True

False

0.25000 points   

QUESTION 4

1. True or False: the BCP should be updated at least once a year.

True

False

0.25000 points   

QUESTION 5

1. Which of the following is NOT true? A BCP helps mitigate the risk of:

    Lengthy IT system outages.
    Losing human life.
    Lost revenue and lost intellectual property assets.
    All of the above are True

0.25000 points   

QUESTION 6

1. True or False: The purpose of having documented IT system, application and data recovery procedures/steps is to help achieve the RTO defined by executive management?

True

False

0.25000 points   

QUESTION 7

1. True or False: you still need a BCP or DRP if you have business liability insurance, asset replacement insurance and natural disaster insurance.

True

False

0.25000 points   

QUESTION 8

1. True or False: If a business cannot operate, the BCP assists in bringing the business back to life and operational readiness.

True

False

0.25000 points   
