Page 1561 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1561
Chapter 18: Disaster Recovery Planning
1. C. Once a disaster interrupts the business operations, the goal of
DRP is to restore regular business activity as quickly as possible.
Thus, disaster recovery planning picks up where business
continuity planning leaves off.
2. C. A power outage is an example of a man-made disaster. The other
events listed—tsunamis, earthquakes, and lightning strikes—are all
naturally occurring events.
3. D. Forty-one of the 50 U.S. states are considered to have a
moderate, high, or very high risk of seismic activity. This rounds to
80 percent to provide the value given in option D.
4. B. Most general business insurance and homeowner’s insurance
policies do not provide any protection against the risk of flooding
or flash floods. If floods pose a risk to your organization, you
should consider purchasing supplemental flood insurance under
FEMA’s National Flood Insurance Program.
5. B. Redundant arrays of inexpensive disks (RAID) are fault
tolerance controls that allow an organization’s storage service to
withstand the loss of one or more individual disks. Load balancing,
clustering, and HA pairs are all fault tolerance services designed
for servers, not storage.
6. C. Cloud computing services provide an excellent location for
backup storage because they are accessible from any location.
7. B. The term 100-year flood plain is used to describe an area where
flooding is expected once every 100 years. It is, however, more
mathematically correct to say that this label indicates a 1 percent
probability of flooding in any given year.
8. D. When you use remote mirroring, an exact copy of the database
is maintained at an alternative location. You keep the remote copy
up-to-date by executing all transactions on both the primary and
