Disaster Recovery and Business Continuity Plan

Uploaded by: 豆浆 | Document ID: 37521226 | Upload date: 2018-04-17 | Format: DOC | Pages: 10 | Size: 113.50 KB

Chapter 6: Disaster Recovery and Business Continuity Planning

C6-1 During an audit, an IS auditor notes that an organization's business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include:
A. the level of information security required when business recovery procedures are invoked.
B. information security roles and responsibilities in the crisis management structure.
C. information security resource requirements.
D. change management procedures for information security that could affect business continuity arrangements.

Answer: A
Explanation: Business should consider whether information security levels required during recovery should be the same, lower or higher than when business is operating normally. In particular, any special rules for access to confidential data during a crisis need to be identified. The other choices do not directly address the information confidentiality issue.

C6-2 During a disaster recovery test, an IS auditor observes that the performance of the disaster recovery site's server is slow. To find the root cause of this, the IS auditor should FIRST review the:
A. event error log generated at the disaster recovery site.
B. disaster recovery test plan.
C. disaster recovery plan (DRP).
D. configurations and alignment of the primary and disaster recovery sites.

Answer: D
Explanation: Since the configuration of the system is the most probable cause, the IS auditor should review that first. If the issue cannot be clarified, the IS auditor should then review the event error log. The disaster recovery test plan and the disaster recovery plan (DRP) would not contain information about the system configuration.

C6-3 Which of the following is the GREATEST risk when storage growth in a critical file server is not managed properly?
A. Backup time would steadily increase
B. Backup operational cost would significantly increase
C. Storage operational cost would significantly increase
D. Server recovery work may not meet the recovery time objective (RTO)

Answer: D
Explanation: In case of a crash, recovering a server with an extensive amount of data could require a significant amount of time. If the recovery cannot meet the recovery time objective (RTO), there will be a discrepancy in IT strategies. It's important to ensure that server restoration can meet the RTO. Incremental backup would only take the backup of the daily differential, thus a steady increase in backup time is not always true. The backup and storage costs issues are not as significant as not meeting the RTO.

C6-4 An organization has a recovery time objective (RTO) equal to zero and a recovery point objective (RPO) close to 1 minute for a critical system. This implies that the system can tolerate:
A. a data loss of up to 1 minute, but the processing must be continuous.
B. a 1-minute processing interruption but cannot tolerate any data loss.
C. a processing interruption of 1 minute or more.
D. both a data loss and a processing interruption longer than 1 minute.

Answer: A
Explanation: The recovery time objective (RTO) measures an organization's tolerance for downtime and the recovery point objective (RPO) measures how much data loss can be accepted. Choices B, C and D are incorrect since they exceed the RTO limits set by the scenario.

C6-5 Which of the following issues should be the GREATEST concern to the IS auditor when reviewing an IT disaster recovery test?
A. Due to the limited test time window, only the most essential systems were tested. The other systems were tested separately during the rest of the year.
B. During the test it was noticed that some of the backup systems were defective or not working, causing the test of these systems to fail.
C. The procedures to shut down and secure the original production site before starting the backup site required far more time than planned.
D. Every year, the same employees perform the test. The recovery plan documents are not used since every step is well known by all participants.
