by 0x4b4d


keywords:
Bookmark and Share



Front Back
1. Which plan or policy helps an organization determine how to relocate to an emergency site?
Disaster-recovery plan
Backup site plan
Privilege management policy
Privacy plan
1. A. The disaster-recovery plan deals with site relocation in the event of an emergency, natural disaster, or service outage.
2. Although you're talking to her on the phone, the sound of the administrative assistant's screams of despair can be heard down the hallway. She has inadvertently deleted a file that the boss desperately needs. Which type of backup is used for the immediate recovery of a lost file?
Onsite storage
Working copies
Incremental backup
Differential backup
2. B. Working copies are backups that are usually kept in the computer room for immediate use in recovering a system or lost file.
3. You're trying to rearrange your backup procedures to reduce the amount of time they take each evening. You want the backups to finish as quickly as possible during the week. Which backup system backs up only the files that have changed since the last backup?
Full backup
Incremental backup
Differential backup
Backup server
3. B. An incremental backup backs up files that have changed since the last full or partial backup.
4. Which backup system backs up all the files that have changed since the last full backup?
Full backup
Incremental backup
Differential backup
Archival backup
4. C. A differential backup backs up all the files that have changed since the last full backup.
5. You're a consultant brought in to advise MTS on its backup procedures. One of the first problems you notice is that the company doesn't utilize a good tape-rotation scheme. Which backup method uses a rotating schedule of backup media to ensure long-term information storage?
Grandfather, Father, Son method
Full Archival method
Backup Server method
Differential Backup method
5. A. The Grandfather, Father, Son backup method is designed to provide a rotating schedule of backup processes. It allows for a minimum usage of backup media, and it still allows for long-term archiving.
6. Which site best provides limited capabilities for the restoration of services in a disaster?
Hot site
Warm site
Cold site
Backup site
6. B. Warm sites provide some capabilities in the event of a recovery. The organization that wants to use a warm site will need to install, configure, and reestablish operations on systems that may already exist at the warm site.
7. You're the head of information technology for MTS and have a brother in a similar position for ABC. The companies are approximately the same size and are located several hundred miles apart. As a benefit to both companies, you want to implement an agreement that would allow either company to use resources at the other site should a disaster make a building unusable. What type of agreement between two organizations provides mutual use of their sites in the event of an emergency?
Backup-site agreement
Warm-site agreement
Hot-site agreement
Reciprocal agreement
7. D. A reciprocal agreement is between two organizations and allows one to use the other's site in an emergency.
8. The process of automatically switching from a malfunctioning system to another system is called what?
Fail safe
Redundancy
Fail-over
Hot site
8. C. Fail-over occurs when a system that is developing a malfunction automatically switches processes to another system to continue operations.
9. You've been brought in as a temporary for FRS, Inc. The head of IT assigns you the task of evaluating all servers and their disks and making a list of any data not stored redundantly. Which disk technology isn't fault tolerant?
RAID 0
RAID 1
RAID 3
RAID 5
9. A. RAID 0 is a method of spreading data from a single disk over a number of disk drives. It's used primarily for performance purposes.
10. Which agreement outlines performance requirements for a vendor?
MTBF
MTTR
SLA
BCP
10. C. A service-level agreement (SLA) specifies performance requirements for a vendor. This agreement may use MTBF and MTTR as performance measures in the SLA.
11. Your company is about to invest heavily in an application written by a new startup. Because it is such a sizable investment, you express your concerns about the longevity of the new company and the risk this organization is taking. You propose that the new company agree to store its source code for use by customers in the event that it ceases business. What is this model called?
Code escrow
SLA
BCP
CA
11. A. Code escrow allows customers to access the source code of installed systems under specific conditions, such as the bankruptcy of a vendor.
12. Which of the following would normally not be part of an incident response policy?
Outside agencies (that require status)
Outside experts (to resolve the incident)
Contingency plans
Evidence collection procedures
12. C. A contingency plan wouldn't normally be part of an incident response policy. It would be part of a disaster-recovery plan.
13. Which of the following is the measure of the anticipated incidence of failure for a system or component?
CIBR
AIFS
MTBF
MTTR
13. C. Mean time between failures (MTBF) is the measure of the anticipated incidence of failure for a system or component.
14. With high availability, the goal is to have key services available 99.999 percent of the time. What is this availability also known as?
Five nines
Three nines
Perfecta
Trifecta
14. A. With high availability, the goal is to have key services available 99.999 percent of the time (also known as five nines availability).
15. Which of the following outlines those internal to the organization who have the ability to step into positions when they open?
Succession planning
Progression planning
Emergency planning
Eventuality planning
15. A. Succession planning outlines those internal to the organization who have the ability to step into positions when they open.
16. What is another name for working copies?
Functional copies
Running copies
Operating copies
Shadow copies
16. D. Working copies are also known as shadow copies.
17. What is the maximum number of drive failures a RAID 5 array can survive from and still be able to function?
0
1
2
More than 2
17. B. A RAID 5 array can survive the failure of any one drive and still be able to function. It can't survive the failure of multiple drives.
18. The only difference between mirroring and which of the following is the addition of one more controller card?
Additioning
Duplexing
Failing over
Sanctifying
18. B. The only difference between mirroring and duplexing is one more controller card.
19. Which redundancy strategy has one spare part for every component in use?
1+1
JWDO
JIT
Rollovers
19. A. The redundancy strategy 1+1 has one spare part for every component in use.
20. With five nines availability, the total amount of downtime allowed per year is:
4.38 hours
526 minutes
52.65 minutes
5.26 minutes
20. D. With five nines availability, the total amount of downtime allowed per year is 5.26 minutes.
Full Backup
All data is archived
Incremental Backup
Archives data that has been changed since the last incremental backup
Differential Backup
Archives data that has been changed since the last full backup
Hot Site
Provides nearly everything for relocation
Minimum startup time
High cost of maintaining
Warm Site
Provides some systems
Moderate startup time
moderate cost
Cold Site
Provides almost nothing
Longest startup time
Lowest cost
BCP
Business Continuity Planning
policies, controls, and procedures to counteract losses, outages, or failures of critical processes
Failover
processing is transferred to a functioning system when another fails
expensive due to redundancies
RAID 0
Striping
faster performance, no fault tolerance
RAID 1
Mirroring
no performance gain
both drives are exact copies of each other
allows one drive to fail without performance degradation
RAID 3
Striping with parity disk
requires 3 drives
data is striped across two and parity information stored on the third
allows one drive to fail but may halt operation
RAID 5
Striping with parity
requires 3 disks
parity information is spread across all drives
allows one drive to fail but will continue with degraded performance
Disaster recovery
restoring operations after a disaster (nature, man-made, etc)
Working copies
AKA shadow copies.
Kept close by for fast recovery
Onsite storage considerations
use computer ratings not paper ratings
fire, moisture, pressure
Offsite storage
backups kept in a separate facility
Grandfather, Father, Son method
Backups at regular intervals.
ex. weekly backup = son
monthly backup = father
yearly backup = grandfather
Steps in incident response
Identify
Investigate
Repair
Document
Adjust procedures
Forensic investigation
ACt in order of volatility
Capture system image
Document network traffic and logs
Capture video
Record time offset
Take hashes
Capture screenshots
Talk to witnesses
Track man-hours and expense
x of y cards