Читаем CISSP Practice полностью

163. a. Full restores are used to recover from catastrophic events or when performing system upgrades and system reorganizations and consolidations. All the data on media is fully restored.

Individual file restores, by their name, restore the last version of a file that was written to media because it was deleted by accident or ruined. Redirected restores store files on a different location or system than the one they were copied from during the backup operations. Group file restores handle two or more files at a time.

164. Which of the following file backup strategies is preferred when a full snapshot of a server is required prior to upgrading it?

a. Full backups

b. Incremental backups

c. Differential backups

d. On-demand backups

164. d. On-demand backups refer to the operations that are done outside of the regular backup schedule. This backup method is most useful when backing up a few files/directories or when taking a full snapshot of a server prior to upgrading it. On-demand backups can act as a backup for regular backup schedules.

Full backups are incorrect because they copy all data files and programs. It is a brute force method providing a peace of mind at the expense of valuable time. Incremental backups are incorrect because they are an inefficient method and copy only those files that have changed since the last backup. Differential backups are incorrect because they copy all data files that have changed since the last full backup. Only two files are needed to restore the entire system: the last full backup and the last differential backup.

165. Which one of the following database backup strategies is executed when a database is running in a local-area-network environment?

a. Cold backup

b. Hot backup

c. Logical backup

d. Offline backup

165. b. Hot backups are taken when the database is running and updates are being written to it. They depend heavily on the ability of log files to stack up transaction instructions without actually writing any data values into database records. While these transactions are stacking up, the database tables are not being updated, and therefore can be backed up with integrity. One major problem is that if the system crashes in the middle of the backup, all the transactions stacking up in the log file are lost.

The idea of cold backup is to shut down the database and back it up while no end users are working on the system. This is the best approach where data integrity is concerned, but it does not service the customer (end user) well.

Logical backups use software techniques to extract data from the database and write the results to an export file, which is an image file. The logical backup approach is good for incremental backups. Offline backup is another term for cold backup.

166. Contrary to best practices, information systems’ security training is usually not given to which of the following parties?

a. Information systems security staff

b. Functional users

c. Computer operations staff

d. Corporate internal audit staff

166. c. The information systems’ security training program should be specifically tailored to meet the needs of computer operations staff so that they can deal with problems that have security implications. However, the computer operations staff is usually either taken for granted or completely forgotten from training plans.

The information systems’ security staff is provided with periodic training to keep its knowledge current. Functional users will definitely be given training so that they know how to practice security. Corporate internal audit staff is given training because it needs to review the IT security goals, policies, procedures, standards, and practices.

167. Which one of the following is a direct example of social engineering from a computer security viewpoint?

a. Computer fraud

b. Trickery or coercion techniques

c. Computer theft

d. Computer sabotage

167. b. Social engineering is a process of tricking or coercing people into divulging their passwords. Computer fraud involves deliberate misrepresentation, alteration, or disclosure of data to obtain something of value. Computer theft involves stealing of information, equipment, or software for personal gain. Computer sabotage includes planting a Trojan horse, trapdoor, time bomb, virus, or worm to perform intentional harm or damage. The difference in the other three choices is that there is no trickery or coercion involved.