Q. 1 What is the first step that individuals responsible for the development of a business continuity plan should perform?
- A. BCP team selection
- B. Business organization analysis
- C. Resource requirements analysis
- D. Legal and regulatory assessment
- A. Business impact assessment
- B. Business organization analysis
- C. Resource requirements analysis
- D. Legal and regulatory assessment
Q. 3 What is the term used to describe the responsibility of a firm’s officers and directors to ensure that adequate measures are in place to minimize the effect of a disaster on the organization’s continued viability?
- A. Corporate responsibility
- B. Review and validation of the business organization analysis
- C. Due diligence
- D. Going concern responsibility
Q. 4 What will be the major resource consumed by the BCP process during the BCP phase?
- A. Hardware
- B. Software
- C. Processing time
- D. Personnel
Q. 5 What unit of measurement should be used to assign quantitative values to assets in the priority identification phase of the business impact assessment?
- A. Monetary
- B. Utility
- C. Importance
- D. Time
Q. 6 Which one of the following BIA terms identifies the amount of money a business expects to lose to a given risk each year?
- A. ARO
- B. SLE
- C. ALE
- D. EF
Q. 7 What BIA metric can be used to express the longest time a business function can be unavailable without causing irreparable harm to the organization?
- A. SLE
- B. EF
- C. MTD
- D. ARO
Q. 8 You are concerned about the risk that an avalanche poses to your $3 million shipping facility. Based on expert opinion, you determine that there is a 5 percent chance that an avalanche will occur each year. Experts advise you that an avalanche would completely destroy your building and require you to rebuild on the same land. Ninety percent of the $3 million value of the facility is attributed to the building, and 10 percent is attributed to the land itself. What is the single loss expectancy of your shipping facility to avalanches?
- A. $3,000,000
- B. $2,700,000
- C. $270,000
- D. $135,000
Q. 9 You are concerned about the risk that an avalanche poses to your $3 million shipping facility. Based on expert opinion, you determine that there is a 5 percent chance that an avalanche will occur each year. Experts advise you that an avalanche would completely destroy your building and require you to rebuild on the same land. Ninety percent of the $3 million value of the facility is attributed to the building, and 10 percent is attributed to the land itself. What is the annualized loss expectancy?
- A. $3,000,000
- B. $2,700,000
- C. $270,000
- D. $135,000
Q. 10 You are concerned about the risk that a hurricane poses to your corporate headquarters in South Florida. The building itself is valued at $15 million. After consulting with the National Weather Service, you determine that there is a 10 percent likelihood that a hurricane will strike over the course of a year. You hired a team of architects and engineers who determined that the average hurricane would destroy approximately 50 percent of the building. What is the annualized loss expectancy (ALE)?
- A. $750,000
- B. $1.5 million
- C. $7.5 million
- D. $15 million
Q. 11 Martin recently completed a thorough quantitative risk assessment for his organization. Which one of the following risks is least likely to be adequately addressed by his assessment?
- A. Downtime from data center flooding
- B. Cost of recovery from denial of service attack
- C. Reputational damage from data breach
- D. Remediation costs from ransomware attack
Q. 12 Which resource should you protect first when designing continuity plan provisions and processes?
- A. Physical plant
- B. Infrastructure
- C. Financial resources
- D. People
Q. 13 Which one of the following concerns is not suitable for quantitative measurement during the business impact assessment?
- A. Loss of a plant
- B. Damage to a vehicle
- C. Negative publicity
- D. Power outage
Q. 14 Lighter Than Air Industries expects that it would lose $10 million if a tornado struck its aircraft operations facility. It expects that a tornado might strike the facility once every 100 years. What is the single loss expectancy for this scenario?
- A. 0.01
- B. $10,000,000
- C. $100,000
- D. 0.10
Q. 15 Referring to the scenario in question 14, what is the annualized loss expectancy?
- A. 0.01
- B. $10,000,000
- C. $100,000
- D. 0.10
Q. 16 In which business continuity planning task would you actually design procedures and mechanisms to mitigate risks deemed unacceptable by the BCP team?
- A. Strategy development
- B. Business impact assessment
- C. Provisions and processes
- D. Resource prioritization
Q. 17 What type of mitigation provision is utilized when redundant communications links are installed?
- A. Hardening systems
- B. Defining systems
- C. Reducing systems
- D. Alternative systems
Q. 18 What type of plan addresses the technical controls associated with alternate processing facilities, backups, and fault tolerance?
- A. Business continuity plan
- B. Business impact assessment
- C. Disaster recovery plan
- D. Vulnerability assessment
Q. 19 What is the formula used to compute the single loss expectancy for a risk scenario?
- A. SLE = AV × EF
- B. SLE = RO × EF
- C. SLE = AV × ARO
- D. SLE = EF × ARO
Q. 20 Of the individuals listed, who would provide the best endorsement for a business continuity plan’s statement of importance?
- A. Vice president of business operations
- B. Chief information officer
- C. Chief executive officer
- D. Business continuity manager
No comments:
Post a Comment