SEC 402 WK 11 Final Exam
TRUE/FALSE
1. The goal of enterprise continuity management is to develop and then oversee a process to ensure that the critical elements of the organizations information and information processing function survive in the event of a disaster or other adverse event.
2. The disaster planning process is different from general continuity in that it is much less focused on responses to well-defined and highly specific occurrences.
3. The adverse events that an information operation might encounter typically involve the storage and transmission of data.
4. It is inappropriate in a business impact analysis to consider the effect of such events as a reduction of the funds to support preparedness, or an unanticipated increase in the cost of maintaining the response at a given level of desirability.
5. Without a continuously functioning operational threat analysis process in place, it is impossible to ensure the continuing effectiveness of the preparedness plan.
MULTIPLE CHOICE
1. Most organizational planning and monitoring processes are focused on ____.
a. detection c. recovery
b. reporting d. prevention
2. The enterprise continuity function is built around a ____.
a. pre-defined set of activities
b. set of improvised activities
c. standard set of activities
d. hybrid set of planned and improvised activities
3. ____ itemizes and describes all foreseeable contingencies that might impact the organization.
a. Enterprise planning c. Strategic planning
b. Continuity planning d. Disaster planning
4. ____ is meant to ensure a disciplined recovery from a specific disaster.
a. Emergency planning c. Continuity planning
b. Disaster planning d. Recovery planning
5. ____ ensures that all of the people involved in the continuity process understand their assigned roles.
a. Continuity management c. Recovery management
b. Disaster management d. Enterprise management
6. The ____ encompasses those principles, policies, and procedures that ensure essential business functions in the event of a disaster.
a. enterprise recovery function c. strategic planning function
b. enterprise planning function d. enterprise continuity function
7. The key to success in continuity is ____.
a. standardization c. planning
b. preparation d. operation
8. The actions outlined in the ____ represent the steps that the organization plans to take to address every contingency of significance.
a. recovery plan c. preparedness plan
b. disaster plan d. restoration plan
9. The information needed to support the planning for a response in the information processing function is obtained by means of a(n) ____ process.
a. conventional risk analysis c. conventional recovery
b. emergency risk analysis d. conventional continuity
10. ____ seek to ensure that the enterprise will continue to function in the face of a wide range of potential occurrences.
a. Emergency plans c. Hazard plans
b. Preparedness plans d. Recovery plans
11. A well-defined set of ____ ensures a proper response should events continue to worsen or not meet the planning assumptions.
a. elevation procedures c. recovery procedures
b. intervention procedures d. escalation procedures
12. The ____ is assigned based on the criticality of the component in the overall business process.
a. RPO c. SOW
b. RTO d. SLA
13. The ____ documents all of the organizations assumptions about continuity and has to be based on a careful analysis of the various business circumstances and environmental conditions for a given organization.
a. SOW c. RPO
b. RTO d. SLA
14. The next step down from total redundancy is the ____.
a. Data Recovery Hotsite c. Data Recovery Warmsite
b. Data Recovery Coldsite d. Data Continuity Warmsite
15. The ____ defines the backup interval, which is established as part of the overall continuity plan.
a. RTO c. SLA
b. SOW d. RPO
16. ____ are meant to optimize the cost/risk factors for information that would be lost.
a. Checkpoints c. Recovery points
b. Restore points d. Backup points