Top 20 Disaster Recovery Questions and Answers

Disaster recovery is a critical aspect of modern business and technology operations. It involves the strategies, processes, and technologies employed to safeguard an organization’s data, systems, and operations in the event of unexpected disruptions or catastrophic events. From natural disasters to cyberattacks and hardware failures, disaster recovery planning is essential for ensuring business continuity and data integrity.

To assist you in understanding this vital topic, we have compiled the top 20 disaster recovery questions and answers that cover various aspects of disaster recovery planning, implementation, and best practices. Whether you’re an IT professional, a business owner, or someone concerned about the resilience of your organization, these questions and answers will provide valuable insights into the world of disaster recovery and help you better prepare for the unexpected.

Q1. The U.S. National Institute of Standards and Technology defines the incident response life cycle as having four main processes: 1) preparation; 2) detection and analysis; 3) containment, eradication, and recovery; and 4) __.

Select one:
a. incident report
b. triage
c. post-incident activity
d. resolution

Q2. A __ is an agency that provides physical facilities in the event of a disaster for a fee.

Select one:
a. time-share
b. service bureau
c. cold site
d. mobile site

Q3. A __ is commonly a single device or server that attaches to a network and uses TCP/IP-based protocols and communications methods to provide an online storage environment.

Select one:
a. storage area network
b. network-attached storage
c. remote journal
d. virtual machine monitor

Q4. A(n) __ backup only archives the files that have been modified since the last backup.

Select one:
a. daily
b. differential
c. incremental
d. copy

Q5. RAID 0 creates one logical volume across several available hard disk drives and stores the data using __, in which data segments are written in turn to each disk drive in the array.

Select one:
a. disk mirroring
b. disk striping
c. disk duplexing
d. disk coding

Q6. Some recovery strategies seek to improve the __ of a server or system in addition to, or instead of, performing backups of data.

Select one:
a. robustness
b. accuracy
c. speed
d. cost-effectiveness

Q7. __ uses a number of hard drives to store information across multiple drive units.

Select one:
a. Legacy backup
c. Continuous database protection
d. Virtualization

Q8. A CPMT should include __ who can oversee the security planning of the project and provide information on threats, vulnerabilities, and recovery requirements needed in the planning process.

Select one:
a. business managers
b. human resource managers
c. physical plant managers
d. information security managers

Q9. A manual alternative to the normal way of accomplishing an IT task might be employed in the event that IT is unavailable. This is called a __.

Select one:
a. workload shift
b. business disruption experience
c. work outflow
d. work-around procedure

Q10. Companies may want to consider budgeting for contributions to employee loss expenses (such as funerals) as well as for counseling services for employees and loved ones as part of __.

Select one:
a. crisis management budgeting
b. incident response budgeting
c. risk assessment budgeting
d. recovery criticality budgeting

Q11. In a CPMT, a(n) __ leads the project to make sure a sound project planning process is used, a complete and useful project plan is developed, and project resources are prudently managed.

Select one:
a. incident manager
b. champion
c. crisis manager
d. project manager

Q12. To a large extent, incident response capabilities are part of a normal IT budget. The only area in which additional budgeting is absolutely required for incident response is the maintenance of __.

Select one:
a. audit documentation
b. redundant equipment
c. BIA questionnaires
d. local area networks

Q13. What is a common approach used in the discipline of systems analysis and design to understand the ways systems operate and to chart process flows and interdependency studies?

Select one:
a. database diagramming
b. network diagramming
c. application diagramming
d. systems diagramming

Q14. Which of the following collects and provides reports on failed login attempts, probes, scans, denial-of-service attacks, and detected malware?

Select one:
a. departmental reports
b. financial reports
c. scheduled reports
d. system logs

Q15. A __ attack seeks to deny legitimate users access to services by either tying up a server’s available resources or causing it to shut down.

Select one:
a. Trojan horse
b. DoS
c. social engineering
d. spyware

Q16. A __ deals with the preparation for and recovery from a disaster, whether natural or man-made.

Select one:
a. mitigation plan
b. disaster recovery plan
c. risk management
d. risk assessment

Q17. A __ is a document that describes how, in the event of a disaster, critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site.

Select one:
a. risk assessment plan
b. business continuity plan
c. incident response plan
d. disaster recovery plan

Q18. A(n) __ is an investigation and assessment of the impact that various attacks can have on the organization.

Select one:
a. business impact analysis (BIA)
b. incident response analysis (IRA)
c. business continuity analysis (BCA)
d. threat analysis

Q19. __ assigns a risk rating or score to each information asset. Although this number does not mean anything in absolute terms, it is useful in gauging the relative risk to each vulnerable information asset and facilitates the development of comparative ratings later in the risk control process.

Select one:
a. BC
b. Risk assessment
c. DR
d. Avoidance

Q20. Information assets have __ when they are not exposed (while being stored, processed, or transmitted) to corruption, damage, destruction, or other disruption of their authentic states.

Select one:
a. risk assessment
b. availability
c. integrity
d. confidentiality


  1. c
  2. b
  3. b
  4. c
  5. b
  6. a
  7. b
  8. d
  9. d
  10. a
  11. d
  12. b
  13. d
  14. d
  15. b
  16. b
  17. b
  18. a
  19. b
  20. c