Faculty of Informatics and Computer Science ICS 606: Business Continuity and Risk Management
Dr. Alia El Bolock Spring Semester 2022
June 26, 2022 Second Chance Exam

Bar Code

Instructions: Read carefully before proceeding.

a) Duration of the exam: 2 hours (120 minutes).


b) No books or other aids are permitted for this test.

c) This exam booklet contains 9 pages, including this one. Two extra sheets of scratch paper are attached and
have to be kept attached. Note that if one or more pages are missing, you will lose their points. Thus,
you must check that your exam booklet is complete.
d) Write your solutions in the space provided. If you need more space, write on the back of the sheet containing
the problem or on the two extra scratch sheets and draw an arrow indicating that. Scratch sheets will not be graded
unless an arrow on the problem page indicates that the solution extends to the scratch sheets.
e) When you are told that time is up, stop working on the test.

Good Luck!

Don’t write anything below ;-)


Exercise        1    2    3    Total
Possible Marks  20   10   20   50
Final Marks
ICS 606: Business Continuity and Risk Management, Second Chance Exam, June 26, 2022 Page 1

Exercise 1 (20 Marks)


Clearly circle the correct answer in each question.

1 - A ———– is the recognition, enumeration, and documentation of risks to an organization’s information assets.
a . risk appetite
b . risk identification
c . risk analysis
d . risk treatment
2 - Information assets have ———- when authorized users are able to access them in the specified format
without interference or obstruction.

a . integrity
b . availability
c . confidentiality
d . risk assessment

3 - A(n) ————- represents a formal statement of the organization’s managerial philosophy.

a . policy
b . procedure
c . guideline
d . standard

4 - A(n) ————– security policy addresses specific areas of technology and contains a statement about the
organization’s position on a specific issue.

a . issue-specific
b . enterprise information
c . systems-specific
d . technology-specific

5 - ———– is/are responsible for the overall planning and development of the contingency planning process,
including the organization of subordinate teams and oversight of subordinate plans.

a . Executive management
b . The contingency planning management team (CPMT)
c . IT managers
d . The disaster recovery planning team

6 - Policy compliance means the employee ———.

a . must agree to the policy
b . must have read the policy
c . should follow the policy
d . has the option to comply with the policy

7 - A(n) —— is a detailed examination of the events that occurred, from first detection of an incident to final
recovery.

a . after-action review
b . reactive review
c . proactive review
d . audit review

8 - A resumption location known as a ———- is a fully configured computer facility capable of establishing
operations at a moment’s notice.

a . cold site
b . mirror site
c . service bureau
d . hot site

9 - A data ——– is the duplication of systems data to external media or a secondary location for the purpose of
long term retention; it is typically mandated by policy or regulation.
a . archive
b . backup
c . recovery
d . mirroring
10 - The ——- is the amount of effort (expressed as elapsed time) needed to make business functions work again
after the technology element is recovered.
a . recovery point objective
b . mean time to repair
c . work recovery time
d . training objective
11 - What is a common approach used in the discipline of systems analysis and design to understand the ways
systems operate and to chart process flows and inter-dependency studies?
a . database diagramming
b . network diagramming
c . application diagramming
d . systems diagramming
12 - The final component of the CPMT planning process is to deal with ——-.
a . BIA data collection
b . prioritizing mission/business processes
c . budgeting for contingency operations
d . identifying recovery priorities
13 - In contingency planning operations, ———– requires the largest budget expenditure; maintaining service
contracts to cover all the contingencies that the organization faces can be
a . business continuity
b . disaster recovery
c . incident response
d . crisis management

14 - ———– is applying controls and safeguards that eliminate or reduce the remaining uncontrolled risk.
a . Transference
b . Mitigation
c . Defense
d . Termination
15 - A recommended practice for the implementation of the IR plan document is to organize the contents so that
the first page contains the —— actions.

a . before attack
b . training
c . during attack
d . testing

16 - The IR plan is usually ——- when an indicator of an intrusion is reported.

a . placed on standby
b . not activated
c . placed on alert
d . activated

17 - The —— of an organization defines the roles and responsibilities for incident response by the CSIRT and
others who will be mobilized in the activation of the plan.

a . CSIRT policy
b . IR plan
c . IR procedures
d . IR policy

18 - The incident response policy element of —— states that the policy must use concrete language that directs
behavior and avoid statements that are subject to individual interpretation.
a . functionality
b . realism
c . enforceability
d . clarity
19 - The CP testing strategy in which the organization conducts a role-playing exercise as if an actual incident or
disaster had occurred is called a ———-.
a . desk check
b . simulation
c . structured walk-through
d . full-interruption test
20 - What is a description of a potential attack that includes as much information as the IRPT can document on
the most likely attack methods and attack points?
a . CSIRT
b . Attack scenario end case
c . Malicious Code
d . Attack scenario

Exercise 2 Definitions (10 = 5+2+3 Marks)

a) What are the five basic strategies used to control risk? Define each.

b) What is disk striping, and how might it be considered the opposite of disk mirroring?

c) What are the three sets of time-based procedures that are often part of the IR planning process?

Exercise 3 Case Study (20 = 5+4+2+4+5 Marks)


eHealth or “digital health”, according to the World Health Organization’s European Office, “involves a broad
group of activities that use electronic means to deliver health-related information, resources and services: it is the
use of information and communication technologies for health” (World Health Organization 2017).
Solve the following questions based on the business units of the institute:
IT Department: Offers the technologies that track the health records and related data of the patients. It is used to
connect the health care professionals with patients.
Medical Department: Responsible for transforming data coming from the IT department into meaningful insights
that improve the patients’ health status.
Financial Department: Offers financial services for the technologies used and the salaries of the employees.

a) Describe the business model of your business unit (IT Department, Medical Department and Financial De-
partment) in a few sentences. Mention 2 departments only for each business unit. NO EXTRA POINTS
WILL BE GRADED.

b) Describe what kind of assets is essential for your business, such as personnel, IT equipment and Information
technology. Mention 4 assets only for your suggested business model in each business unit. NO EXTRA
POINTS WILL BE GRADED.

c) Prioritize 2 assets only, based on the importance of their contribution to the business. NO EXTRA POINTS
WILL BE GRADED.

d) Describe possible threat scenarios/attack vectors that may affect 4 assets only. NO EXTRA POINTS
WILL BE GRADED.

e) Find 4 security measures that can protect against the aforementioned threats/attacks.

Scratch paper

Scratch paper