CISSP PRACTICE QUESTIONS – 20210327

Effective CISSP Questions

You are evaluating alternative sites to support the continuous delivery of products and services if a disaster materializes. Which of the following is the best benefit of a cold site? (Wentz QOTD)
A. Shorten the relocation time
B. Provide off-site data vaulting
C. Respond to e-discovery requests
D. Reserve alternative computing capacities

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Shorten the relocation time.

A cold site does not have the computer equipment in place, so it doesn’t provide off-site data vaulting, reserve alternative computing capacities, or respond to e-discovery requests.

A cold site is the most inexpensive form of the alternative or backup site. It takes more time to recover the computer facility and resume business operations than a warm site or hot site. However, a cold site does shorten the relocation time in general. For example, it saves the time to locate an appropriate place, conduct a site survey (e.g., Crime Prevention Through Environmental Design), negotiate the contract with the landlord, and prepare basic facilities like raised floors, air conditioning, power, and communication lines, etc.

Alternative Sites

“Generally, an Alternate Site refers to a site where people and the equipment that they need to work is relocated for a period of time until the normal production environment, whether reconstituted or replaced, is available.” (Wikipedia)

Cold site: A backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event that the user has to move from their main computing location to an alternate site.

Warm site: An environmentally conditioned work space that is partially equipped with information systems and telecommunications equipment to support relocated operations in the event of a significant disruption.

Hot site: A fully operational offsite data processing facility equipped with hardware and software, to be used in the event of an information system disruption.

Source: NIST SP 800-34 Rev. 1

E-discovery

Electronic discovery (also e-discovery or ediscovery) refers to discovery in legal proceedings such as litigation, government investigations, or Freedom of Information Act requests, where the information sought is in electronic format (often referred to as electronically stored information or ESI).

Source: Wikipedia

Reference

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

您正在評估備援站點(alternative site),以便在災難發生時支持產品和服務的持續交付。以下哪個是冷站點(cold site)的最大好處? (Wentz QOTD)
A. 縮短搬遷(relocation)時間
B. 提供異地數據儲存(data vaulting)
C. 回應電子發現(e-discovery)要求
D. 保留替代計算能力(alternative computing capacities)

Leave a Reply