CISSP认证考试（业务连续性和灾难恢复）模拟试卷1 - 众享搜题网

登录　| 注册　| 充值

首页 > 计算机 > CISSP认证 > CISSP认证考试（业务连续性和灾难恢复）模拟试卷1

The NIST organization has defined best practices for creating continuity plans. Which of the following phases deals with identifying and prioritizing critical functions and systems? Identify preventive controls. Develop the continuity planning policy statement. Develop recovery strategies. Conduct the business impact analysis.

As his company’s business continuity coordinator, Matthew is responsible for helping recruit members to the business continuity planning (BCP) committee. Which of the following does not correctly describe this effort? Committee members should be involved with the planning stages, as well as the testing and implementation stages. The smaller the team the better, to keep meetings under control. The business continuity coordinator should work with management to appoint committee members. The team should consist of people from different departments across the company.

A business impact analysis is considered a functional analysis. Which of the following is not carried out during a business impact analysis? A parallel or full-interruption test The application of a classification scheme based on criticality levels The gathering of information via interviews Documentation of business functions

Which of the following is the best way to ensure that the company’s backup tapes can be restored and used at a warm site? Ask the offsite vendor to test them and label the ones that were properly read. Test them on the vendor’s machine, which won’t be used during an emergency. Retrieve the tapes from the offsite facility and verify that the equipment from the original site can read them. Inventory each tape kept at the vendor’s site twice a month.

An approach to alternate offsite facilities is to establish a reciprocal agreement. Which of the following describes the pros and cons of a reciprocal agreement? It is fully configured and ready to operate within a few hours, but is the most expensive of the offsite choices. It is an inexpensive option, but it takes the most time and effort to get up and running after a disaster. It is a good alternative for companies that depend upon proprietary software, but annual testing is not usually available. It is the cheapest of the offsite choices, but mixing operations could introduce many security issues.

Which of the following steps comes first in a business impact analysis? Calculate the risk for each different business function. Identify critical business functions. Create data-gathering techniques. Identify vulnerabilities and threats to business functions.

The operations team is responsible for defining which data gets backed up and how often. Which type of backup process backs up files that have been modified since the last time all data was backed up? Incremental process Full backup Partial backup Differential process

After a disaster occurs, a damage assessment needs to take place. Which of the following steps occurs last in a damage assessment? Determine the cause of the disaster. Identify the resources that must be replaced immediately. Declare a disaster. Determine how long it will take to bring critical functions back online.

Of the following plans, which establishes senior management and a headquarters after a disaster? Continuity of operations plan Cyber-incident response plan Occupant emergency plan IT contingency plan

It is not unusual for business continuity plans to become out of date. Which of the following is not a reason why plans become outdated? Changes in hardware, software, and applications Infrastructure and environment changes Personnel turnover That the business continuity process is integrated into the change management process

Preplanned business continuity procedures provide organizations a number of benefits. Which of the following is not a capability enabled by business continuity planning? Resuming critical business functions Letting business partners know your company is unprepared Protecting lives and ensuring safety Ensuring survivability of the business

Management support is critical to the success of a business continuity plan. Which of the following is the most important to be provided to management to obtain their support? Business case Business impact analysis Risk analysis Threat report

Gizmos and Gadgets has restored its original facility after a disaster. What should be moved in first? Management Most critical systems Most critical functions Least critical functions

Which of the following is a critical first step in disaster recovery and contingency planning? Plan testing and drills. Complete a business impact analysis. Determine offsite backup facility alternatives. Organize and create relevant documentation.

Which of the following is not a reason to develop and implement a disaster recovery plan? Provide steps for a post-disaster recovery. Extend backup operations to include more than just backing up data. Outline business functions and systems. Provide procedures for emergency responses.

Business continuity plans can be assessed via a number of tests. Which type of test continues up to the point of actual relocation to an offsite facility and actual shipment of replacement equipment? Parallel test Checklist test Structured walk-through test Simulation test

With what phase of a business continuity plan does a company proceed when it is ready to move back into its original site or a new site? Reconstitution phase Recovery phase Project initiation phase Damage assessment phase

Several teams should be involved in carrying out the business continuity plan. Which team is responsible for starting the recovery of the original site? Damage assessment team BCP team Salvage team Restoration team

ACME Inc. paid a software vendor to develop specialized software, and that vendor has gone out of business. ACME Inc. does not have access to the code and therefore cannot keep it updated. What mechanism should the company have implemented to prevent this from happening? Reciprocal agreement Software escrow Electronic vaulting Business interruption insurance

Which of the following incorrectly describes the concept of executive succession planning? Predetermined steps protect the company if a senior executive leaves. Two or more senior staff cannot be exposed to a particular risk at the same time. It documents the assignment of deputy roles. It covers assigning a skeleton crew to resume operations after a disaster.

相关试卷

CISSP认证考试模拟试卷4
CISSP认证考试模拟试卷3
CISSP认证考试模拟试卷2
CISSP认证考试模拟试卷1
CISSP认证考试（软件开发安全）模拟试卷1
CISSP认证考试（访问控制）模拟试卷1
CISSP认证考试（信息安全治理与风险管理）模拟试卷1
CISSP认证考试（通信安全与网络安全）模拟试卷1
CISSP认证考试（安全体系结构和设计）模拟试卷1
CISSP认证考试（密码学）模拟试卷1
CISSP认证考试（物理安全与环境安全）模拟试卷1
CISSP认证考试（法律、法规、调查与合规）模拟试卷1
CISSP认证考试（业务连续性和灾难恢复）模拟试卷1
CISSP认证考试（安全运营）模拟试卷1