Chapter 7 ■ Security Operations (Domain 7) 157
C. PaaS
D. SaaS- Which one of the following information sources is useful to security administrators seek-
ing a list of information security vulnerabilities in applications, devices, and operating
systems?
A. OWA SP
B. Bugtraq
C. Microsoft Security Bulletins
D. CVE - Which of the following would normally be considered an example of a disaster when
performing disaster recovery planning?
I. Hacking incident
II. Flood
III. Fire
IV. Terrorism
A. II and III only
B. I and IV only
C. II, III, and IV only
D. I, II, III, and IV - Glenda would like to conduct a disaster recovery test and is seeking a test that will allow a
review of the plan with no disruption to normal information system activities and as mini-
mal a commitment of time as possible. What type of test should she choose?
A. Tabletop exercise
B. Parallel test
C. Full interruption test
D. Checklist review - Which one of the following is not an example of a backup tape rotation scheme?
A. Grandfather/Father/Son
B. Meet in the middle
C. Tower of Hanoi
D. Six Cartridge Weekly