CISSP PRACTICE QUESTIONS – 20200323

Effective CISSP Questions

Your company decides to sell toys online and ships globally. An in-house team is responsible for developing the online shopping website, while an external software vendor will subcontract some modules. The management is concerned about the vendor’s software development capability. If the modules are outsourced as a project, which of the following vendor selection criteria best addresses the management’s concern?
A. Projects are well-organized, executed, and repeatedly delivering results
B. Projects are managed proactively based on customizable organization-wide approaches
C. Projects are led by experienced, well-trained, and certified project managers
D. Projects are awarded to a vendor with strong customer references and word of mouth

Recovery, Restoration, and Salvage Team

Business Continuity Management

SYBEX

A disaster recovery team may be assigned to implement and maintain operations at the recovery site, and a salvage team is assigned to restore the primary site to operational capacity. Make these allocations according to the needs of your organization and the types of disasters you face.

Note: Recovery and restoration are separate concepts. In this context, recovery involves bringing business operations and processes back to a working state. Restoration involves bringing a business facility and environment back to a workable state.

Source: ISC2 CISSP Official Study Guide

AIO

The restoration team should be responsible for getting the alternate site into a working and functioning environment, and the salvage team should be responsible for starting the recovery of the original site.

Source: CISSP All-in-One Exam Guide

BCMPedia

Recovery Team

The Recovery Team is a group of individuals with defined roles and responsibilities. It is responsible for maintaining the recovery procedures and coordinating the recovery and resumption of business functions, processes, or systems.

Restoration Team

The Restoration Team has the responsibility to return the damaged primary site to its normal condition.

Note: The team members are usually separate from the recovery team, as they are not involved with the same issues as the typical recovery team. The team has the mandate to safely clean, repair, salvage, and determine the viability of the primary site once the disaster has ended.

Salvage Team

The Salvage Team is to perform an assessment to determine the appropriate actions to be taken on the impacted assets.

Note: The team members are usually separate from the recovery team, as they are not involved with the same issues as the typical recovery team.

Source: BCMPedia

FISMA: Reconstitution Team

In some cases, an organization may have a separate team whose sole responsibility is to return the primary site back to operational status. This team usually is referred to as the Reconstitution Team.

While operations are ongoing at the alternate site, the Reconstitution Team works at the primary site cleaning up, repairing equipment, and preparing everything to return to normal operations so that a clean cutover back to the original site can be made.

Source: FISMA Compliance Handbook: Second Edition

ISCP: Recovery and Reconstitution

Recovery is executing information system contingency plan activities to restore organizational missions/business functions.

Reconstitution takes place following recovery and includes activities for returning organizational information systems to fully operational states.

Recovery and reconstitution operations reflect mission and business priorities, recovery point/time and reconstitution objectives, and established organizational metrics consistent with contingency plan requirements.

Source: NIST SP 800-53 R4

CISSP PRACTICE QUESTIONS – 20200322

Your company is constructing a new building with a structured cable system topology per the standard EIA/TIA 568. As a network engineer, you are designing an 802.3 network with hundreds of nodes. Which of the following is of least concern in your design?
A. Attenuation
B. ARP Attack (Address Resolution Protocol)
C. CAM Table Overflows (Content Addressable Memory)
D. Teardrop Attack

CISSP PRACTICE QUESTIONS – 20200321

You are designing a remote access solution to support sales representatives equipped with laptops, tablets, and smartphones as road warriors. Mobility, confidentiality, and integrity are your design objectives. Which of the following L2TP/IPsec VPN solutions best meets your requirements?
A. IPsec Tunnel mode and AH protocol
B. IPsec Tunnel mode and ESP protocol
C. IPsec Transport mode and AH protocol
D. IPsec Transport mode and ESP protocol


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

CISSP PRACTICE QUESTIONS – 20200320

Your company is constructing a new building with a structured cable system topology per the standard EIA/TIA 568. As a network engineer, you are designing an 802.3 network with hundreds of nodes. Which of the following is the best strategy to mitigate the threat of network sniffing and denial of service?
A. Manage the network with security domains
B. Separate the network into broadcast domains
C. Split the network into collision domains
D. Organize the network into DNS domains

CISSP PRACTICE QUESTIONS – 20200319

Your company is constructing a new building with a structured cable system topology per the standard EIA/TIA 568. As a network engineer, you are designing an 802.3 network. The vertical backbone between floors is connected with optical cables. The horizontal cabling is implemented with Category 5e UTP. Which of the following is of most concern?
A. Near-end Crosstalk (NEXT) between floors
B. Attenuation after signal transitioning by active hubs
C. Contention on media access
D. Loss of token and frames on high traffic transmission

CISSP PRACTICE QUESTIONS – 20200318

Your company decides to sell toys online and ships globally. An in-house team is responsible for developing the online shopping website. A customer’s sales order is stored in a master table and several detail tables. Which of the following is least related to the data integrity across relations?
A. Clark-Wilson Model
B. ACID (Atomicity, Consistency, Isolation, Durability)
C. Entity Integrity
D. Referential Integrity

CISSP PRACTICE QUESTIONS – 20200317

Your company decides to sell toys online and ships globally. The in-house team and an outsourced team are collaborating to develop the online shopping website. The outsourced team is requesting customer data for software testing. The customer data are hashed and then masked with a star (*) symbol to avoid disclosing information about the subject and to protect privacy. Which of the following best describes the de-identification technique?
A. Anonymization
B. Scrambling
C. Deprivacy digesting
D. Pseudonymization
