Management support is critical to the success of a business continuity plan. Which of the following is the most important to be provided to management to obtain their support? Business case Business impact analysis Risk analysis Threat report

A business impact analysis is considered a functional analysis. Which of the following is not carried out during a business impact analysis? A parallel or full-interruption test The application of a classification scheme based on criticality levels The gathering of information via interviews Documentation of business functions

Which of the following is the best way to ensure that the company’s backup tapes can be restored and used at a warm site? Ask the offsite vendor to test them and label the ones that were properly read. Test them on the vendor’s machine, which won’t be used during an emergency. Retrieve the tapes from the offsite facility and verify that the equipment from the original site can read them. Inventory each tape kept at the vendor’s site twice a month.

An approach to alternate offsite facilities is to establish a reciprocal agreement. Which of the following describes the pros and cons of a reciprocal agreement? It is fully configured and ready to operate within a few hours, but is the most expensive of the offsite choices. It is an inexpensive option, but it takes the most time and effort to get up and running after a disaster. It is a good alternative for companies that depend upon proprietary software, but annual testing is not usually available. It is the cheapest of the offsite choices, but mixing operations could introduce many security issues.

The operations team is responsible for defining which data gets backed up and how often. Which type of backup process backs up files that have been modified since the last time all data was backed up? Incremental process Full backup Partial backup Differential process

Of the following plans, which establishes senior management and a headquarters after a disaster? Continuity of operations plan Cyber-incident response plan Occupant emergency plan IT contingency plan

It is not unusual for business continuity plans to become out of date. Which of the following is not a reason why plans become outdated? Changes in hardware, software, and applications Infrastructure and environment changes Personnel turnover That the business continuity process is integrated into the change management process

Preplanned business continuity procedures provide organizations a number of benefits. Which of the following is not a capability enabled by business continuity planning? Resuming critical business functions Letting business partners know your company is unprepared Protecting lives and ensuring safety Ensuring survivability of the business

Business continuity plans can be assessed via a number of tests. Which type of test continues up to the point of actual relocation to an offsite facility and actual shipment of replacement equipment? Parallel test Checklist test Structured walk-through test Simulation test

With what phase of a business continuity plan does a company proceed when it is ready to move back into its original site or a new site? Reconstitution phase Recovery phase Project initiation phase Damage assessment phase

Several teams should be involved in carrying out the business continuity plan. Which team is responsible for starting the recovery of the original site? Damage assessment team BCP team Salvage team Restoration team

There are several types of redundant technologies that can be put into place. What type of technology is shown in the graphic that follows? [*] Tape vaulting Remote journaling Electronic vaulting Redundant site

Here is a graphic of a business continuity policy. Which component is missing from this graphic? [*] Damage assessment phase Reconstitution phase Business resumption phase Continuity of operations plan

The Recovery Time Objective (RTO) and Maximum Tolerable Downtime (MTD) metrics have similar roles, but their values are very different. Which of the following best describes the difference between RTO and MTD metrics? The RTO is a time period that represents the inability to recover, and the MTD represents an allowable amount of downtime. The RTO is an allowable amount of downtime, and the MTD represents a time period that represents the inability to recover. The RTO is a metric used in disruptions, and the MTD is a metric used in disasters. The RTO is a metric pertaining to loss of access to data, and the MTD is a metric pertaining to loss of access to hardware and processing capabilities.

High availability (HA) is a combination of technologies and processes that work together to ensure that specific critical functions are always up and running at the necessary level. To provide this level of high availability, a company has to have a long list of technologies and processes that provide redundancy, fault tolerance, and failover capabilities. Which of the following best describes these characteristics? Redundancy is the duplication of noncritical components or functions of a system with the intention of decreasing reliability of the system. Fault tolerance is the capability of a technology to discontinue to operate as expected even if something unexpected takes place. If a technology has a failover capability, this means that if there is a failure that cannot be handled through normal means, then processing is “switched over“ to a working system. Redundancy is the duplication of critical components or functions of a system with the intention of increasing reliability of the system. Fault tolerance is the capability of a technology to continue to operate as expected even if something unexpected takes place. If a technology has a failover capability, this means that if there is a failure that cannot be handled through normal means, then processing is “switched over“ to a working system. Redundancy is the duplication of critical components or functions of a system with the intention of increasing reliability of the system. Fault tolerance is the capability of a technology to continue to operate as expected even if something unexpected tak Redundancy is the duplication of critical components or functions of a system with the intention of increasing reliability of the system. Fault tolerance is the capability of a technology to continue to operate as expected even if something unexpected tak

The NIST organization has defined best practices for creating continuity plans. Which of the following phases deals with identifying and prioritizing critical functions and systems? Identify preventive controls. Develop the continuity planning policy statement. Develop recovery strategies. Conduct the business impact analysis.

As his company’s business continuity coordinator, Matthew is responsible for helping recruit members to the business continuity planning (BCP) committee. Which of the following does not correctly describe this effort? Committee members should be involved with the planning stages, as well as the testing and implementation stages. The smaller the team the better, to keep meetings under control. The business continuity coordinator should work with management to appoint committee members. The team should consist of people from different departments across the company.

Gizmos and Gadgets has restored its original facility after a disaster. What should be moved in first? Management Most critical systems Most critical functions Least critical functions

Which of the following is a critical first step in disaster recovery and contingency planning? Plan testing and drills. Complete a business impact analysis. Determine offsite backup facility alternatives. Organize and create relevant documentation.

Which of the following incorrectly describes the concept of executive succession planning? Predetermined steps protect the company if a senior executive leaves. Two or more senior staff cannot be exposed to a particular risk at the same time. It documents the assignment of deputy roles. It covers assigning a skeleton crew to resume operations after a disaster.

What type of infrastructural setup is illustrated in the graphic that follows? [*] Hot site Warm site Cold site Reciprocal agreement