CISSP - Question Bank 16

Test your knowledge of CISSP with these multiple choice questions. Each Question Bank includes 20 practice questions that have been designed to measure your knowledge of key ideas.

A key factor to keep in mind is that guessing is better than not answering a question.

Every single question on the CISSP exam is a four-option multiple choice question with a single correct answer. Some are straightforward, such as asking you to select a definition. Some are a bit more involved, such as asking you to select the appropriate concept or best practice. And some questions present you with a scenario or situation and ask you to select the best response.

Start

Q1. What is the end goal of Disaster Recovery Planning?

A. Preventing business interruption
B. Setting up temporary business operations
C. Restoring normal business activity
D. Minimizing the impact of a disaster

View Answer
The Correct Answer is C.
Explanation: Disaster Recovery Planning picks up where Business Continuity Planning leaves off. Once a disaster interrupts the business operations, the goal of DRP is to restore normal business activity as quickly as possible.
Q2. Which one of the following is an example of a man-made disaster?

A. Tsunami
B. Earthquake
C. Power outage
D. Lightning strike

View Answer
The Correct Answer is C.
Explanation: power outage is an example of a man-made disaster. The other events listed-tsunamis, earthquakes, and lightning strikes-are all naturally occurring events.
Q3. According to the Federal Emergency Management Agency, approximately what percentage of U.S. states is considered to have at least a moderate risk of seismic activity?

A. 20 percent
B. 40 percent
C. 60 percent
D. 80 percent

View Answer
The Correct Answer is D.
Explanation: As 50 U.S. states are considered to have a moderate, high, or very high risk of seismic activity.
Q4. Which one of the following disaster types is not normally covered by standard business or homeowner's insurance?

A. Earthquake
B. Flood
C. Fire
D. Theft

View Answer
The Correct Answer is B.
Explanation: Most general business insurance and homeowner’s insurance policies do not provide any protection against the risk of flooding or flash floods. If floods pose a risk to your organization, you should consider purchasing supplemental flood insurance under FEMA’s National Flood Insurance Program.
Q5. In the wake of the September 11, 2001 terrorist attacks, what industry made drastic changes that directly impact DRP/BCP activities?

A. Tourism
B. Banking
C. Insurance
D. Airline

View Answer
The Correct Answer is C.
Explanation: Although all of the industries listed in the options made changes to their practices after September 11, 2004, the insurance industry's change toward noncoverage of acts of terrorism most directly impacts the BCP/DRP process.
Q6. Which one of the following statements about Business Continuity Planning and Disaster Recovery Planning is not correct?

A. Business Continuity Planning is focused on keeping business functions uninterrupted when a disaster strikes.
B. Organizations can choose whether to develop Business Continuity Planning or Disaster Recovery Planning plans.
C. Business Continuity Planning picks up where Disaster Recovery Planning leaves off.
D. Disaster Recovery Planning guides an organization through recovery of normal operations at the primary facility.

View Answer
The Correct Answer is C.
Explanation: The opposite of this statement is true-Disaster Recovery Planning picks up where Business Continuity Planning leaves off. The other three statements are all accurate reflections of the role of Business Continuity Planning and Disaster Recovery Planning.
Q7. What does the term "100-year flood plain" mean to emergency preparedness officials?

A. The last flood of any kind to hit the area was more than 100 years ago.
B. A flood is expected to hit the area once every 100 years.
C. The area is expected to be safe from flooding for at least 100 years.
D. The last significant flood to hit the area was more than 100 years ago.

View Answer
The Correct Answer is B.
Explanation: The term "100-year flood plain" is used to describe an area where flooding is expected once every 100 years. It can also be said that there is a 1 percent probability of flooding in any given year.
Q8. In which one of the following database recovery techniques is an exact, up-to-date copy of the database maintained at an alternative location?

A. Transaction logging
B. Remote journaling
C. Electronic vaulting
D. Remote mirroring

View Answer
The Correct Answer is D.
Explanation: When you use remote mirroring, an exact copy of the database is maintained at an alternative location. You keep the remote copy up-to-date by executing all transactions on both the primary and remote site at the same time.
Q9. What disaster recovery principle best protects your organization against hardware failure?

A. Consistency
B. Efficiency
C. Redundancy
D. Primacy

View Answer
The Correct Answer is C.
Explanation: Redundant systems/components provide protection against the failure of one particular piece of hardware.
Q10. What Business Continuity Planning technique can help you prepare the business unit prioritization task of Disaster Recovery Planning?

A. Vulnerability Analysis
B. Business Impact Assessment
C. Risk Management
D. Continuity Planning

View Answer
The Correct Answer is B.
Explanation: During the Business Impact Assessment phase, you must identify the business priorities of your organization to assist with the allocation of BCP resources. This same information can be used to drive the DRP business unit prioritization.
Q11. Which one of the following alternative processing sites takes the longest time to activate?

A. Hot site
B. Mobile site
C. Cold site
D. Warm site

View Answer
The Correct Answer is C.
Explanation: The cold site contains none of the equipment necessary to restore operations. All of the equipment must be brought in and configured and data must be restored to it before operations can commence. This often takes weeks.
Q12. What is the typical time estimate to activate a warm site from the time a disaster is declared?

A. 1 hour
B. 6 hours
C. 12 hours
D. 24 hours

View Answer
The Correct Answer is C.
Explanation: Warm sites typically take about 12 hours to activate from the time a disaster is declared. This is compared to the relatively instantaneous activation of a hot site and the lengthy (at least a week) time required to bring a cold site to operational status.
Q13. Which one of the following items is a characteristic of hot sites but not a characteristic of warm sites?

A. Communications circuits
B. Workstations
C. Servers
D. Current data

View Answer
The Correct Answer is D.
Explanation: Warm sites and hot sites both contain workstations, servers, and the communications circuits necessary to achieve operational status. The main difference between the two alternatives is the fact that hot sites contain near real-time copies of the operational data and warm sites require the restoration of data from backup.
Q14. What type of database backup strategy involves bulk transfers of data to a remote site on a periodic basis but does not involve maintenance of a live backup server at the remote site?

A. Transaction logging
B. Remote journaling
C. Electronic vaulting
D. Remote mirroring

View Answer
The Correct Answer is C.
Explanation: In an electronic vaulting scenario, bulk transfers of data occur between the primary site and the backup location on a periodic basis. These backups are stored at the remote location but are not maintained on a live database server. Once a disaster is declared, technicians retrieve the data from the vault and apply it to production servers.
Q15. What type of document will help public relations specialists and other individuals who need a high-level summary of disaster recovery efforts while they are underway?

A. Executive summary
B. Technical guides
C. Department-specific plans
D. Checklists

View Answer
The Correct Answer is A.
Explanation: The executive summary provides a high-level view of the entire organization's disaster recovery efforts. This document is useful for the managers and leaders of the firm as well as public relations personnel who need a nontechnical perspective on this complex effort.
Q16. What Disaster Recovery Planning tool can be used to protect an organization against the failure of a critical software firm to provide appropriate support for their products?

A. Differential backups
B. Business Impact Assessment
C. Incremental backups
D. Software escrow agreement

View Answer
The Correct Answer is D.
Explanation: Software escrow agreements place the application source code in the hands of an independent third party, thus providing firms with a "safety net" in the event a developer goes out of business or fails to honor the terms of a service agreement.
Q17. What type of backup involves always storing copies of all files modified since the most recent full backup?

A. Differential backups
B. Partial backup
C. Incremental backups
D. Database backup

View Answer
The Correct Answer is A.
Explanation: A. Differential backups involve always storing copies of all files modified since the most recent full backup regardless of any incremental or differential backups created during the intervening time period.
Q18. What combination of backup strategies provides the fastest backup creation time?

A. Full backups and differential backups
B. Partial backups and incremental backups
C. Full backups and incremental backups
D. Incremental backups and differential backups

View Answer
The Correct Answer is C.
Explanation: Any backup strategy must include full backups at some point in the process. Incremental backups are created faster than differential backups due to the number of files it is necessary to back up each time.
Q19. What combination of backup strategies provides the fastest backup restoration time?

A. Full backups and differential backups
B. Partial backups and incremental backups
C. Full backups and incremental backups
D. Incremental backups and differential backups

View Answer
The Correct Answer is A.
Explanation: A. Any backup strategy must include full backups at some point in the process. If a combination of full and differential backups is used, a maximum of two backups must be restored. If a combination of full and incremental backups is chosen, the number of required restorations may be unlimited.
Q20. What type of disaster recovery plan test fully evaluates operations at the backup facility but does not shift primary operations responsibility from the main site?

A. Structured walk-through
B. Parallel test
C. Full-interruption test
D. Simulation test

View Answer
The Correct Answer is B.
Explanation: Parallel tests involve moving personnel to the recovery site and gearing up operations, but responsibility for conducting day-to-day operations of the business remains at the primary operations center.

Copyright © 2018 | All Rights Reserved | Designed & Developed by Yeahhub.com