ISC2 CC Business Continuity, DR & Incident Response • Complete Question Bank
Complete ISC2 CC Business Continuity, DR & Incident Response question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. --- Incident #1023 - Malware Infection Detection: Antivirus alert on workstation WKS-045 Time: 2024-03-15 14:22 UTC Actions: 14:25 - Isolated WKS-045 from network 14:30 - Scanned system, detected Trojan.Downloader 14:35 - Escalated to incident handler 14:45 - Removed malware via AV 15:00 - System back online ---
Refer to the exhibit. --- Backup Configuration (extract): - Full backup: Every Sunday at 01:00 - Differential backup: Monday-Saturday at 01:00 - Retention: 30 days --- A server fails on Wednesday at 10:00. The administrator restores from the most recent full backup and applies the latest differential backup. How much data loss is expected?
Refer to the exhibit.
syslog-ng configuration:
@version: 3.35
destination d_remote { syslog("10.0.0.10" transport("tls") port(6514)); };
log { source(s_sys); destination(d_remote); };
Firewall rule on logging server:
permit tcp host 10.0.0.10 eq 6514 host 192.168.1.100Refer to the exhibit. ! Configuration snippet from router R1 access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80 access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 443 access-list 100 deny ip any any log ! interface GigabitEthernet0/0 ip access-group 100 in !
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Owner sets permissions
System-enforced labels
Roles determine access
Attributes and policies
Drag a concept onto its matching description — or click a concept then click the description.
Same key for encrypt and decrypt
Key pair: public and private
One-way transformation to fixed size
Ensures authenticity and non-repudiation
Binds a public key to an identity
Backup Log: 10/12/2024 02:00:00 INFO Starting full backup to tape 10/12/2024 02:30:00 ERROR Tape drive connection lost 10/12/2024 02:35:00 INFO Retrying... 10/12/2024 03:00:00 ERROR Backup failed: insufficient storage space
Backup Configuration: - Full backup: Every Sunday at 01:00 - Incremental backup: Every 4 hours - RTO: 4 hours - RPO: 1 hour
DR Drill Report: - Network failover: 5 minutes (success) - Database failover: FAILED (inconsistent data) - Root cause: Asynchronous replication lag caused data mismatch
2023-10-15 14:32:01 DENY TCP 10.0.1.10 192.168.1.1 80 8080 2023-10-15 14:32:02 DENY TCP 10.0.1.11 192.168.1.1 80 8080 2023-10-15 14:32:03 DENY TCP 10.0.1.12 192.168.1.1 80 8080
BackupPolicy: Source: /srv/db Destination: s3://backup-bucket/daily/ Schedule: 0 2 * * * Encryption: AES-256 Retention: 30 days Tests: Quarterly
ERROR 2023-10-16 03:00:00 Replication failed: checksum mismatch on table 'orders' between primary (hash: a1b2c3) and standby (hash: d4e5f6) WARN 2023-10-16 03:00:01 Automatic recovery initiated ERROR 2023-10-16 03:15:00 Replication failed: checksum mismatch again
[IDS Alert] Timestamp: 2024-01-20 14:30:00 Signature: SQL Injection Attempt Source IP: 10.10.10.5 Destination IP: 192.168.1.10 Payload: OR 1=1-- Action: Alert
Backup Job: prod_db_2024-01-15 Status: FAILED Reason: Checksum mismatch for file user_data.bak Expected: a1b2c3d4e5f6 Actual: 1a2b3c4d5e6f
access-list 100 permit tcp host 10.0.1.0 0.0.0.255 host 192.168.2.100 eq 443 access-list 100 deny tcp any any eq 443 access-list 100 permit ip any any
[2025-03-05 14:32:18] BLOCK: src=10.0.2.100 dst=203.0.113.50 port=4444 proto=TCP rule=IDS_Alert_Signature [2025-03-05 14:32:19] BLOCK: src=10.0.2.100 dst=203.0.113.51 port=4444 proto=TCP [2025-03-05 14:32:20] BLOCK: src=10.0.2.100 dst=203.0.113.52 port=4444 proto=TCP