- Which type of backup will include only those files that have changed since the most recent Full backup?
A. Full
B. Differential
C. Incremental
D. Binary
Correct Answer and Explanation: B. Answer B is correct; differential backups will only archive those files that have changed since the most recent full backup.
Incorrect Answers and Explanations: A, C, and D. Answers A, C, and D are incorrect. A full backup would archive all files regardless of whether they had changed or not. An incremental backup will only archive those files that have changed since the last incremental or full backup. Binary backups are used for forensics and incident response purposes and will back up everything on the entire disk, both allocated and unallocated space.
- Which preventive control would be most appropriate to defend a custom developed application from SQL injection attacks?
A. Web Application Firewall (WAF)
B. Vulnerability scanner
C. Intrusion Prevention System (IPS)
D. Sandboxing
Correct Answer and Explanation: A. Answer A is correct; the emphasis on a custom developed application coupled with SQL injection makes web application firewall (WAF) the best answer.
Incorrect Answers and Explanations: B, C, and D. Answers B, C, and D are incorrect. Vulnerability scanners, IPS, and sandboxing prove much less successful in defending against application security flaws, especially in the case of custom developed applications.
- What statement regarding the Business Continuity Plan is true?
A. BCP and DRP are separate, equal plans
B. BCP is an overarching “umbrella” plan that includes other focused plans such as DRP
C. DRP is an overarching “umbrella” plan that includes other focused plans such as BCP
D. COOP is an overarching “umbrella” plan that includes other focused plans such as BCP
Correct Answer and Explanation: B. Answer B is correct; the Business Continuity Plan is an umbrella plan that includes multiple specific plans, most importantly the Disaster Recovery Plan.
Incorrect Answers and Explanations: A, C, and D. Answers A, C, and D are incorrect. All incorrectly state that BCP is equal to, or a subset of, other plans.
- Which HA solution involves multiple systems all of which are online and actively processing traffic or data?
A. Active-active cluster
B. Active-passive cluster
C. Database shadowing
D. Remote journaling
Correct Answer and Explanation: A. Answer A is correct; an active-active cluster involves multiple systems all of which are online and actively processing traffic or data. This configuration is also commonly referred to as load balancing, and is especially common with public facing systems such as Web server farms.
Incorrect Answers and Explanations: B, C, and D. Answers B, C, and D are incorrect. An active-passive cluster involves devices or systems that are already in place, configured, powered on, and ready to begin processing network traffic should a failure occur on the primary system. Database shadowing uses two or more identical databases that are updated simultaneously. Remote journaling saves the database checkpoints and database journal to a remote site. In the event of failure at the primary site, the database may be recovered.
- Which plan is designed to provide effective coordination among the managers of the organization in the event of an emergency or disruptive event?
A. Call tree
B. Continuity of Support Plan
C. Crisis Management Plan
D. Crisis Communications Plan
Correct Answer and Explanation: C. Answer C is correct; the Crisis Management Plan (CMP) is designed to provide effective coordination among the managers of the organization in the event of an emergency or disruptive event.
Incorrect Answers and Explanations: A, B, and D. Answers A, B, and D are incorrect. The call tree works by assigning each employee a small number of other employees they are responsible for calling in an emergency event. The Continuity of Support Plan focuses narrowly on support of specific IT systems and applications. The Crisis Communications Plan (sometimes simply called the communications plan) is a plan for communicating to staff and the public in the event of a disruptive event. This plan is a subset of the CMP.