Regulations like SOX and the recently approved Personal Data Privacy and Security Act are bringing the importance of data protection to light. Loss of data -- be it inadvertent or surreptitious -- can result in fines, loss of revenue and loss of customer confidence. Take our quiz to see how much you know about securing data storage.
1.) Which of the following is not a potential problem associated with encrypting data when it's backed up?
a. Slow down in backup and recoveries
b. Loss of compression
c. Rogue admins can read old backups
d. Can't encrypt data when transmitted
2.) Which type of backup is the safer of the two?
a. Cold backup
b. Hot backup
3.) True or false: It is possible to encrypt all backups?
4.) California SB-1386 requires companies to...
a. Alert customers when a third-party has requested access to their data.
b. Notify customers in writing after a data breach.
c. Encrypt backed up data with 128-bit encryption.
d. Appoint a data steward to secure customer information.
5.) What type of backup encryption has the highest upfront cost?
a. Backup software encryption
b. In-line hardware encryption
c. Source encryption
d. Initial costs are roughly equivalent.
Disaster recovery/Business continuity
6.) What is the first step in business continuity planning?
a. Put in place failover mechanisms
b. Apportion available budget
c. Identify essential functions
d. None of the above
7.) Which of the following precautions help limit downtime?
a. Constant monitoring
b. Regular testing of recovery procedure
c. Thorough documentation of system configurations, patches, etc.
d. All of the above
8.) Which of the following plans specifies a means of maintaining essential services at a crisis location?
a. Contingency plan
b. Business recovery plan
c. Business resumption plan
d. Disaster recovery plan
9.) Which of the following, as part of a business continuity plan, is applied to mission-critical systems that must be constantly available?
10.) What do incident response and business continuity plans have in common?
a. They both seek to reduce recovery time and costs.
b. They both define in specific terms what constitutes an incident.
c. They are only practical for larger enterprises.
d. The first step of both is to identify essential functions of the organization.