BCP and DR Initiative

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson
Download our mobile app to listen on the go
Get App

Questions and Answers

What is the FIRST step taken by the security team in the initiative?

  • Implement replication of all servers and application data to back-to-back up datacenters
  • Have each business unit conduct a BIA and categorize applications (correct)
  • Perform a review of all policies and procedures related to BCP and DR
  • Create an SLA for each application with business units

What is the primary goal of the security team's initiative?

  • To develop an educational module on BCP/DR events
  • To create an SLA for each application with business units
  • To determine the order of applications to be brought back online (correct)
  • To implement replication of all servers and application data

What is the purpose of a Business Impact Analysis (BIA)?

  • To develop an SLA for each application with business units
  • To determine the operational importance of each application (correct)
  • To create an educational module on BCP/DR events
  • To implement replication of all servers and application data

Why is it important to determine the operational importance of each application?

<p>To determine the order in which applications must be brought back online (B)</p> Signup and view all the answers

What is the geographical scope of the social media application?

<p>Multi-geographic locations around the world (D)</p> Signup and view all the answers

Where is the organization's headquarters and only datacenter located?

<p>New York City (D)</p> Signup and view all the answers

What was the primary issue that the e-commerce company's web server faced during the last two holiday seasons?

<p>Performance issues due to too many connections (D)</p> Signup and view all the answers

What is the most cost-effective solution to address the e-commerce company's web server performance issues?

<p>Move the server to a cloud provider (A)</p> Signup and view all the answers

What is the primary security objective when applying cryptography to control messages in an ICS?

<p>Assuring the integrity of messages (D)</p> Signup and view all the answers

What is the estimated time required to restore the human resources fileshare after a ransomware attack?

<p>4 hours (D)</p> Signup and view all the answers

How often did the human resources fileshare get backed up?

<p>Every 48 hours (A)</p> Signup and view all the answers

What was the impact of the ransomware attack on the human resources fileshare?

<p>The entire fileshare was encrypted (B)</p> Signup and view all the answers

What is the primary requirement for web servers in the given corporate firewall architecture?

<p>Receive updates via HTTP/S from the corporate network (D)</p> Signup and view all the answers

What is the purpose of Firewall_A in the given architecture?

<p>Route traffic from the corporate network to web servers (D)</p> Signup and view all the answers

What is the purpose of the rule 'Add the following to Firewall_A: 15 PERMIT FROM 10.0.0.0/16 TO 0.0.0.0/0 TCP 80,443'?

<p>Allow incoming HTTP/S traffic from the corporate network (C)</p> Signup and view all the answers

What is the primary goal of the developer in maintaining integrity to each module of a program?

<p>Ensure the code cannot be altered by malicious users (B)</p> Signup and view all the answers

What is the purpose of Firewall_B in the given architecture?

<p>Route traffic from web servers to the corporate network (A)</p> Signup and view all the answers

What is the primary requirement for employees' computing devices in the given corporate firewall architecture?

<p>Connect to web services over ports 80 and 443 (C)</p> Signup and view all the answers

What is the recommended action based on the RPO requirement of 24 hours?

<p>Increase the frequency of backups and create SIEM alerts for IOCs (B)</p> Signup and view all the answers

What is the first step the security analyst should take upon observing suspicious network traffic?

<p>Investigate web logs to determine if the traffic is normal (D)</p> Signup and view all the answers

What is the primary concern of the security analyst regarding the malicious piece of code on the Linux system?

<p>The code is performing a lot of input/output (I/O) on the disk drive (A)</p> Signup and view all the answers

What should the management team prioritize based on the RPO requirement?

<p>Increasing the frequency of backups (C)</p> Signup and view all the answers

What is the most likely reason for the security analyst to investigate the web logs?

<p>To identify potential security threats (B)</p> Signup and view all the answers

What should the security analyst do next after identifying the process ID of the malicious code?

<p>Access the host via EDR and identify processes with network connections (D)</p> Signup and view all the answers

Who is ultimately responsible for a breach in a cloud-hosted application with a managed database?

<p>The pharmaceutical company (D)</p> Signup and view all the answers

What is the primary risk associated with failed API calls in an e-commerce site?

<p>Damage to the company's reputation (B)</p> Signup and view all the answers

What is the purpose of a self-healing system?

<p>To address system unavailability (C)</p> Signup and view all the answers

What is the primary purpose of the secure storage room?

<p>To restrict access to authorized personnel (D)</p> Signup and view all the answers

What is the purpose of the cameras positioned on both sides of the door?

<p>To identify any unauthorized individuals (A)</p> Signup and view all the answers

What is the purpose of the card reader issued by the security team?

<p>To restrict access to authorized personnel (C)</p> Signup and view all the answers

Flashcards are hidden until you start studying

More Like This

Use Quizgecko on...
Browser
Open
Browser
Browser