Читаем CISSP Practice полностью

“Creating a Patch and Vulnerability Management Program (NIST SP800-40V2),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, November 2005.

“Engineering Principles for IT Security (NIST SP800-27 Revision A),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, June 2004.

“Guide to Malware Incident Prevention and Handling (NIST SP800-83),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, November 2005.

“Guide to Storage Encryption Technologies for End User Devices (NIST SP800-111Draft),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, August 2007.

“Guidelines for Media Sanitization (NIST SP800-88 Revision 1),” National Institute of Standards and Technology (NIST), U.S. Department of Commerce, Gaithersburg, Maryland, September 2006.

Walden, Bob. “Data Storage Management.” An NSS Group’s White Paper, 1991–2001.

Domain 8

Business Continuity and Disaster Recovery Planning

Traditional Questions, Answers, and Explanations

1. Which of the following information technology (IT) contingency solution for servers minimizes the recovery time window?

a. Electronic vaulting

b. Remote journaling

c. Load balancing

d. Disk replication

1. d. With disk replication, recovery windows are minimized because data is written to two different disks to ensure that two valid copies of the data are always available. The two disks are called the protected server (the main server) and the replicating server (the backup server). Electronic vaulting and remote journaling are similar technologies that provide additional data backup capabilities, with backups made to remote tape or disk drives over communication links. Load balancing increases server and application system availability.

2. Which of the following IT contingency solutions for servers provides high availability?

a. Network-attached storage

b. System backups

c. Redundant array of independent disks

d. Electronic vaulting

2. a. Virtualization network-attached storage (NAS) or storage-area network (SAN) provide high availability because it combines multiple physical storage devices into a logical, virtual storage device that can be centrally managed. System backups provide low availability. A redundant array of independent disks and electronic vaulting provide availability levels between high and low.

3. Regarding contingency planning, which of the following IT platforms requires vendor service-level agreements?

a. Desktop computers

b. Servers

c. Distributed systems

d. Wide-area networks

3. d. A wide-area network (WAN) is a data communications network that consists of two or more local-area networks (LANs) that are dispersed over a wide geographical area. WAN communication links, usually provided by a public carrier, enable one LAN to interact with other LANs. Service-level agreements (SLAs) can facilitate prompt recovery following software or hardware problems associated with the network. An SLA also may be developed with the network service provider (NSP) or the Internet service provider (ISP) to guarantee the desired network availability and establish tariffs if the vendor’s network is unavailable. Desktop computers, servers, and distributed system are not as complicated as WANs requiring SLAs.

4. Regarding business continuity planning (BCP) and disaster recovery planning (DRP), which of the following contingency solutions for wide-area networks (WANs) increases vulnerability to hackers?

a. Redundant communication links

b. Multiple network service providers

c. Multiple Internet connections

d. Redundant network connecting devices

4. c. It is true that multiple Internet connections increase a network’s vulnerability to hackers. But at the same time, multiple Internet connections provide redundancy, meaning that if one connection were to fail, Internet traffic could be routed through the remaining connection. So, there is a trade-off between security and availability.