CHAPTER 8

Business Continuity Planning—Disaster Recovery Planning

This chapter is supplemental to and coordinated with the Business Continuity Planning—Disaster Recovery Planning Chapter in the CISSP Prep Guide. The fundamentals of business continuity planning-disaster recovery planning are covered in Chapter 8 of the CISSP Prep Guide at a level on par with that of the CISSP Examination.

It is assumed that the reader has a basic knowledge of the material contained in Chapter 8 and has the CISSP Prep Guide available to provide background information for the advanced questions pertaining to the Business Continuity Planning—Disaster Recovery Planning chapter. Here we'll discuss business continuity, business resumption, disaster recovery, emergency management, and vulnerability assessments.

Advanced Sample Questions

  1. Which choice below is the MOST accurate description of a warm site?
    1. A backup processing facility with adequate electrical wiring and air conditioning, but no hardware or software installed
    2. A backup processing facility with most hardware and software installed, which can be operational within a matter of days
    3. A backup processing facility with all hardware and software installed and 100% compatible with the original site, operational within hours
    4. A mobile trailer with portable generators and air conditioning
  2. Which choice below is NOT an accurate description or element of remote sensing technology?
    1. Photographic, radar, infrared, or multi-spectral imagery from manned or unmanned aircraft.
    2. Photographic, radar, infrared, or multi-spectral imagery from land-based tracking stations.
    3. Photographic, radar, infrared, or multi-spectral imagery from geostationary or orbiting satellites.
    4. RS intelligence may be integrated into geographic information systems (GIS) to produce map-based products.
  3. Which disaster recovery/emergency management plan testing type below is considered the most cost-effective and efficient way to identify areas of overlap in the plan before conducting more demanding training exercises?
    1. Full-scale exercise
    2. Walk-through drill
    3. Table-top exercise test
    4. Evacuation drill
  4. Which task below would normally be considered a BCP task, rather than a DRP task?
    1. Life safety processes
    2. Project scoping
    3. Restoration procedures
    4. Recovery procedures
  5. Which choice below is NOT a role or responsibility of the person designated to manage the contingency planning process?
    1. Providing direction to senior management
    2. Providing stress reduction programs to employees after an event
    3. Ensuring the identification of all critical business functions
    4. Integrating the planning process across business units
  6. Which choice below is NOT an emergency management procedure directly relating to financial decision making?
    1. Establishing accounting procedures to track the costs of emergencies
    2. Establishing procedures for the continuance of payroll
    3. Establishing critical incident stress procedures
    4. Establishing program procurement procedures
  7. Which choice below is NOT considered an appropriate role for senior management in the business continuity and disaster recovery process?
    1. Delegate recovery roles
    2. Publicly praise successes
    3. Closely control media and analyst communications
    4. Assess the adequacy of information security during the disaster recovery
  8. Which choice below is NOT considered a potential hazard resulting from natural events?
    1. Earthquake/land shift
    2. Forest fire
    3. Arson
    4. Urban fire
  9. Which choice below represents the most important first step in creating a business resumption plan?
    1. Performing a risk analysis
    2. Obtaining senior management support
    3. Analyzing the business impact
    4. Planning recovery strategies
  10. Which choice below would NOT be a valid reason for testing the disaster recovery plan?
    1. Testing provides the contingency planner with recent documentation.
    2. Testing verifies the accuracy of the recovery procedures.
    3. Testing prepares the personnel to properly execute their emergency duties.
    4. Testing identifies deficiencies within the recovery procedures.
  11. Which choice below is NOT a commonly accepted definition for a disaster?
    1. An occurrence that is outside the normal computing function
    2. An occurrence or imminent threat to the entity of widespread or severe damage, injury, loss of life, or loss of property
    3. An emergency that is beyond the normal response resources of the entity
    4. A suddenly occurring event that has a long-term negative impact on social life
  12. Which choice below is NOT considered an appropriate role for Financial Management in the business continuity and disaster recovery process?
    1. Tracking the recovery costs
    2. Monitoring employee morale and guarding against employee burnout
    3. Formally notifying insurers of claims
    4. Reassessing cash flow projections
  13. Which choice below most accurately describes a business continuity program?
    1. Ongoing process to ensure that the necessary steps are taken to identify the impact of potential losses and maintain viable recovery
    2. A program that implements the mission, vision, and strategic goals of the organization
    3. A determination of the effects of a disaster on human, physical, economic, and natural resources
    4. A standard that allows for rapid recovery during system interruption and data loss
  14. What is the responsibility of the contingency planner regarding LAN backup and recovery if the LAN is part of a building server environment?
    1. Getting a copy of the recovery procedures from the building server administrator
    2. Recovering client/server systems owned and supported by internal staff
    3. Classifying the recovery time frame of the business unit LAN
    4. Identifying essential business functions
  15. Which choice below is the correct definition of a Mutual Aid Agreement?
    1. A management-level analysis that identifies the impact of losing an entity's resources
    2. An appraisal or determination of the effects of a disaster on human, physical, economic, and natural resources
    3. A prearranged agreement to render assistance to the parties of the agreement
    4. Activities taken to eliminate or reduce the degree of risk to life and property
  16. In which order should the following steps be taken to create an emergency management plan?
    1. _____ a. Implement the plan
    2. _____ b. Form a planning team
    3. _____ c. Develop a plan
    4. _____ d. Conduct a vulnerability assessment
  17. Place the BRP groups below in their properly tiered organizational structure, from highest to lowest:
    1. _____ a. Policy group
    2. _____ b. Senior executives
    3. _____ c. Emergency response team
    4. _____ d. Disaster management team
  18. Which choice below most accurately describes a business impact analysis (BIA)?
    1. A program that implements the strategic goals of the organization
    2. A management-level analysis that identifies the impact of losing an entity's resources
    3. A prearranged agreement between two or more entities to provide assistance
    4. Activities designed to return an organization to an acceptable operating condition
  19. In which order should the following steps be taken to perform a vulnerability assessment?
    1. _____ a. List potential emergencies
    2. _____ b. Estimate probability
    3. _____ c. Assess external and internal resources
    4. _____ d. Assess potential impact
  20. According to FEMA, which choice below is NOT a recommended way to purify water after a disaster?
    1. Adding 16 drops per gallon of household liquid bleach to the water
    2. Boiling from 3 to 5 minutes
    3. Adding water treatment tablets to the water
    4. Distilling the water for twenty minutes
  21. Which choice below is NOT a recommended step to take when resuming normal operations after an emergency?
    1. Re-occupy the damaged building as soon as possible.
    2. Account for all damage-related costs.
    3. Protect undamaged property.
    4. Conduct an investigation.
  22. In developing an emergency or recovery plan, which choice below would NOT be considered a short-term objective?
    1. Priorities for restoration
    2. Acceptable downtime before restoration
    3. Minimum resources needed to accomplish the restoration
    4. The organization's strategic plan
  23. When should security isolation of the incident scene start?
    1. Immediately after the emergency is discovered
    2. As soon as the disaster plan is implemented
    3. After all personnel have been evacuated
    4. When hazardous materials have been discovered at the site
  24. Place the following backup processing alternatives in order, from the most expensive solution to the least expensive:
    1. _____ a. Warm site
    2. _____ b. Hot site
    3. _____ c. Cold site
    4. _____ d. Mutual aid agreement
  25. Which choice below is incorrect regarding when a BCP, DRP, or emergency management plan should be evaluated and modified?
    1. Never; once it has been tested it should not be changed.
    2. Annually, in a scheduled review.
    3. After training drills, tests, or exercises.
    4. After an emergency or disaster response.
  26. Which choice below refers to a business asset?
    1. Events or situations that could cause a financial or operational impact to the organization
    2. Protection devices or procedures in place that reduce the effects of threats
    3. Competitive advantage, credibility or good will
    4. Personnel compensation and retirement programs
  27. Which choice below is an example of a potential hazard due to a technological event, rather than a human event?
    1. Sabotage
    2. Financial collapse
    3. Mass hysteria
    4. Enemy attack
  28. When should the public and media be informed about a disaster?
    1. Whenever site emergencies extend beyond the facility
    2. When any emergency occurs at the facility, internally or externally
    3. When the public's health or safety is in danger
    4. When the disaster has been contained
  29. Which choice below is the first priority in an emergency?
    1. Communicating with employees' families the status of the emergency
    2. Notifying external support resources for recovery and restoration
    3. Protecting the health and safety of everyone in the facility
    4. Warning customers and contractors of a potential interruption of service