Home

Tutoring

Subjects

Live Classes

Study Coach

Essay Review

On-Demand Courses

Colleges

Games

Opening subject page...

Loading your content

← Back to quizzes

CPA Isc

CPA Isc Quiz: Data Storage Backup Recovery Processes

Practice Data Storage Backup Recovery Processes in CPA Isc with focused quiz questions that help you check what you know, review explanations, and build confidence with test-style prompts.

What this quiz covers

This quiz focuses on Data Storage Backup Recovery Processes, giving you a quick way to practice the rules, question types, and explanations that matter most for CPA Isc.

How to use this quiz

Try each quiz question before looking at the correct answer. Use the explanations to review missed ideas, then come back to similar questions until the pattern feels familiar.

Question 1

A company performs full backups every Sunday and incremental backups Monday through Saturday. A system failure occurs on Friday. To restore the system completely, the company must restore:

  1. Only the most recent incremental backup from Thursday.
  2. The Sunday full backup only.
  3. The Sunday full backup plus all incremental backups from Monday through Thursday.
  4. All daily incremental backups from the past week without the full backup.
Explanation: Incremental backups only capture changes since the last backup. To restore fully, the last full backup (Sunday) must be restored first, then each incremental backup applied in sequence (Mon, Tue, Wed, Thu) to rebuild the complete data state. Answer C is correct. The most recent incremental alone (A) only contains Thursday's changes. The full backup alone (B) is missing a week of changes. Incrementals without the full backup (D) cannot reconstruct the complete dataset.

Question 2

Which of the following backup types captures only the data that has changed since the last full backup, regardless of whether intervening differential or incremental backups were performed?

  1. Incremental backup
  2. Differential backup
  3. Mirror backup
  4. Snapshot backup
Explanation: A differential backup captures all changes since the last full backup, growing larger over time but requiring only two restores (full + latest differential). Answer B is correct. An incremental backup (A) captures only changes since the last backup of any type. A mirror backup (C) is an exact real-time copy. A snapshot (D) captures the state at a specific point in time using pointers.

Question 3

The '3-2-1 backup rule' recommends that organizations:

  1. Perform backups three times per day, two days per week, once per month.
  2. Maintain three recovery team members, two recovery sites, and one recovery plan.
  3. Test backups three times per year, with two full restores and one partial restore.
  4. Maintain three copies of data, on two different storage media types, with one copy stored offsite.
Explanation: The 3-2-1 rule is a backup best practice: 3 total copies of data, stored on 2 different media types (e.g., disk and tape), with 1 copy kept offsite to protect against localized disasters. Answer D is correct. The other answers fabricate rules not associated with the 3-2-1 principle.

Question 4

An organization stores its backup tapes in a fireproof safe within the same building as its primary servers. The primary risk of this backup strategy is:

  1. A site-wide disaster (fire, flood, earthquake) could destroy both the primary systems and the backup tapes simultaneously, making recovery impossible.
  2. The backup tapes may be accessed by unauthorized personnel since they are stored on-site.
  3. On-site backup storage is more expensive than offsite storage.
  4. The backup tapes will degrade faster in a fireproof safe than in an offsite facility.
Explanation: Storing backups in the same location as primary systems means a single catastrophic event can destroy both, eliminating recovery capability. Offsite storage is required to protect against site-level disasters. Answer A is correct. While unauthorized access (B) is a risk, it is not the primary concern with on-site storage. Cost (C) and tape degradation (D) are not the primary risks.

Question 5

Which of the following best describes a 'hot site' in the context of disaster recovery?

  1. A backup location that stores only data backups with no active hardware.
  2. A partially equipped backup site where hardware must be configured before recovery can begin.
  3. A fully equipped and operational backup facility with live system replicas that can take over operations within minutes.
  4. A mobile recovery unit that can be deployed to any location within 48 hours.
Explanation: A hot site is a fully operational duplicate facility with live data replication, enabling near-instantaneous failover - the highest level of disaster recovery readiness. Answer C is correct. Data-only storage (A) describes a cold site's partial capability. Partially equipped hardware (B) describes a warm site. Mobile units (D) are a different recovery approach.

Question 6

During a disaster recovery test, the IT team discovers they cannot restore data from a six-month-old backup tape. The most likely cause and the preventive control that should have been in place is:

  1. The tape was stored offsite; backups should be kept on-site for faster access.
  2. The backup was never verified - periodic restore testing is required to confirm backups are complete, readable, and restorable.
  3. The backup format is incompatible with the new recovery server; hardware should never be upgraded.
  4. The tape degraded over six months; backups should not be retained for more than one month.
Explanation: Unverified backups that cannot be restored provide a false sense of security. Regular restore testing validates that backups are complete, uncorrupted, and restorable when needed. Answer B is correct. Offsite storage (A) reduces disaster risk and is best practice. Hardware upgrades are necessary (C). Retention periods depend on business requirements (D).

Question 7

An organization's backup policy requires that all backup media be encrypted before leaving the data center. The primary purpose of this requirement is to:

  1. Prevent unauthorized individuals from reading sensitive data if backup media is lost or stolen during transit or storage.
  2. Increase the compression ratio of backup data to reduce storage costs.
  3. Verify that the backup was completed successfully before it leaves the data center.
  4. Comply with the requirement to encrypt all data in transit over network connections.
Explanation: Encrypting backup media protects data confidentiality if media is lost, stolen, or mishandled during transport or offsite storage. Answer A is correct. Encryption does not improve compression (B), verify backup completeness (C), or apply specifically to network transmission (D) - though network transmission encryption is a separate requirement.

Question 8

Which of the following best describes a 'snapshot' in the context of storage and backup?

  1. A complete physical copy of all data on a storage volume at a given point in time.
  2. A point-in-time logical image of a storage volume that captures the state of data without necessarily copying all blocks immediately, enabling fast creation and recovery.
  3. A compressed archive of files exported to tape for long-term retention.
  4. An encrypted copy of a database transmitted to an offsite backup facility.
Explanation: A snapshot captures a logical point-in-time view of data, often using copy-on-write techniques to create it instantly without copying all data immediately. Snapshots enable fast rollback to prior states. Answer B is correct. A full physical copy (A) describes a clone or mirror. Tape archives (C) describe traditional backup. Encrypted offsite copies (D) describe encrypted backups.

Question 9

Which of the following correctly describes the difference between a warm site and a cold site disaster recovery option?

  1. A warm site has partially configured hardware and infrastructure that can be made operational within hours to days; a cold site has only basic facilities (power, space) with no pre-installed hardware.
  2. A warm site is located in a warm climate; a cold site is located in a northern region for temperature control.
  3. A warm site stores backups on disk; a cold site stores backups on tape.
  4. A warm site requires no activation time; a cold site requires weeks of preparation.
Explanation: A warm site sits between hot and cold - pre-installed hardware awaiting configuration and data restoration (hours to days). A cold site is an empty space where everything must be installed from scratch (days to weeks). Answer A is correct. Temperature/geography (B) is irrelevant. Storage media (C) does not define site types. A warm site still requires activation time (D).

Question 10

A company stores backup copies of its financial data for seven years to comply with regulatory retention requirements. The primary reason for this long retention period is:

  1. Seven-year retention ensures backup media does not degrade before it is used.
  2. All types of data must be retained for exactly seven years under GAAP.
  3. Regulatory requirements (such as SOX, tax laws, or audit standards) mandate that financial records be available for examination for a specified period.
  4. Seven-year retention allows the organization to recover from any type of system failure.
Explanation: Long retention periods for financial data are driven by regulatory requirements - various laws require organizations to retain financial records so they are available for audits and regulatory examinations. Answer C is correct. Media degradation (A) is a storage concern, not a driver of retention periods. GAAP does not specify a universal seven-year retention (B). Recovery from system failures (D) typically requires much shorter retention periods.

Question 11

Which of the following is the primary advantage of cloud-based backup solutions over traditional tape-based offsite backup?

  1. Cloud backups are always less expensive than tape regardless of data volume.
  2. Cloud backups can be performed continuously or on short intervals, accessed remotely, and restored without physical media retrieval, reducing both RPO and RTO.
  3. Cloud backups eliminate the need for backup testing since cloud providers guarantee data integrity.
  4. Cloud backups are not subject to data privacy regulations since data is stored off-premises.
Explanation: Cloud backup enables near-continuous backup, remote accessibility, and instant retrieval - significantly reducing RPO (by backing up more frequently) and RTO (by eliminating physical media transport). Answer B is correct. Cloud costs scale with volume and are not always cheaper (A). Backup testing remains essential regardless of medium (C). Cloud-stored data is still subject to privacy regulations (D).

Question 12

An organization implements a 'geo-redundant' storage strategy. This means:

  1. Data is stored in multiple formats (disk, tape, and cloud) to ensure format compatibility.
  2. Multiple users can access the same data simultaneously from different geographic locations.
  3. Data is organized geographically by the physical location of the business unit that created it.
  4. Data is replicated across multiple geographically separated data centers to protect against regional disasters.
Explanation: Geo-redundancy involves replicating data across physically separated locations - different buildings, cities, or regions - so that a localized disaster (flood, power outage, fire) affecting one location does not result in data loss. Answer D is correct. Multi-format storage (A), concurrent access (B), and geographic data organization (C) do not describe geo-redundancy.

Question 13

An organization uses deduplication technology in its backup system. The primary benefit of deduplication is:

  1. Improving the speed of data restoration during a disaster recovery event.
  2. Reducing backup storage requirements by identifying and eliminating redundant data blocks, storing only unique data.
  3. Encrypting backup data to prevent unauthorized access.
  4. Automatically verifying that backup data can be successfully restored.
Explanation: Deduplication analyzes backup data and stores only unique data blocks, replacing duplicates with pointers - significantly reducing storage consumption and backup transmission size. Answer B is correct. Deduplication does not inherently speed restoration (A), encrypt data (C), or verify restorability (D).

Question 14

Which of the following is the most important control to verify that backup processes are operating correctly on an ongoing basis?

  1. Requiring IT management to sign off on the backup policy annually.
  2. Storing backup media offsite in a climate-controlled facility.
  3. Monitoring backup job completion alerts and logs daily, with escalation procedures for failed or incomplete backups.
  4. Documenting the backup schedule in the disaster recovery plan.
Explanation: Daily monitoring of backup completion logs and immediate escalation of failures ensures that backup issues are detected and resolved quickly, before they create a recovery gap. Answer C is correct. Annual policy sign-off (A) and plan documentation (D) are governance activities. Offsite storage (B) addresses location, not completeness monitoring.

Question 15

A company experiences a ransomware attack that encrypts all production data. The attack also encrypted all backup files stored on the same network share as the production systems. Which backup practice would have prevented the backup data from being compromised?

  1. Using a faster backup solution to complete backups before ransomware can encrypt them.
  2. Storing backups on isolated, offline, or immutable storage that is not accessible from the production network.
  3. Encrypting the backup files before they are stored on the network share.
  4. Compressing backup files to make them harder for ransomware to identify.
Explanation: Ransomware encrypts everything accessible from an infected system. Backups stored on the same network are equally vulnerable. Offline (air-gapped) or immutable backups cannot be accessed or altered by ransomware, preserving recovery capability. Answer B is correct. Speed (A) is impractical against automated ransomware. Encrypting backups (C) doesn't prevent ransomware from re-encrypting them. Compression (D) does not protect against ransomware.

Question 16

Which of the following statements about business continuity planning (BCP) and disaster recovery planning (DRP) is correct?

  1. BCP and DRP are interchangeable terms referring to the same planning process.
  2. DRP is broader than BCP; it covers all aspects of organizational resilience.
  3. BCP focuses only on IT system recovery; DRP focuses on business process continuity.
  4. BCP is the broader plan addressing overall organizational resilience during disruptions; DRP is a component of BCP focused specifically on restoring IT systems and infrastructure.
Explanation: BCP encompasses all aspects of organizational continuity - people, processes, facilities, communications, and technology. DRP is a technical subset focused specifically on IT system and data recovery. Answer D is correct. They are not interchangeable (A). BCP is the broader concept (B). BCP addresses business processes, not just IT (C).

Question 17

An auditor is reviewing a company's backup and recovery controls and wants to assess whether backups are actually restorable. Which of the following audit procedures provides the most direct evidence?

  1. Reviewing the backup policy documentation.
  2. Interviewing the IT operations manager about the backup schedule.
  3. Inspecting the backup logs to verify that backups completed successfully.
  4. Observing or reviewing results of a backup restoration test where data is actually recovered from backup media.
Explanation: The only way to definitively confirm backups are restorable is to test the restoration process - verifying that data can actually be recovered, not just that the backup job completed. Answer D is correct. Policy review (A), interviews (B), and log inspection (C) provide indirect evidence of backup processes but do not confirm recoverability.

Question 18

The recovery point objective (RPO) determines:

  1. The maximum amount of data loss an organization can tolerate, expressed as a period of time between the last backup and the failure event.
  2. How quickly systems must be restored after a disruption.
  3. The physical location where backup data is stored.
  4. The number of backup copies that must be maintained at any given time.
Explanation: RPO defines the acceptable data loss window - if RPO is 4 hours, backups must occur at least every 4 hours so no more than 4 hours of data is lost in a failure. Answer A is correct. System restoration speed is RTO (B). Backup location (C) and copy count (D) are operational decisions informed by RPO/RTO requirements.

Question 19

A company's RTO is 4 hours and its RPO is 1 hour. Which of the following backup and recovery configurations would meet both objectives?

  1. Weekly full backups with no incremental backups and a warm site requiring 8 hours to activate.
  2. Daily full backups with a hot site that activates in 30 minutes.
  3. Hourly incremental backups with continuous replication and a hot site that activates in under 4 hours.
  4. Monthly full backups stored offsite with a cold site requiring 24 hours to activate.
Explanation: Hourly incrementals satisfy the 1-hour RPO (no more than 1 hour of data loss). A hot site activating in under 4 hours satisfies the RTO. Answer C is correct. Weekly backups (A) exceed the 1-hour RPO, and an 8-hour activation exceeds the 4-hour RTO. Daily backups (B) exceed the 1-hour RPO. Monthly backups and a 24-hour cold site (D) violate both objectives.

Question 20

The recovery time objective (RTO) is best defined as:

  1. The maximum amount of data an organization can afford to lose, measured in time.
  2. The point in time to which data must be restored following a disruption.
  3. The total cost of recovering systems after a disaster.
  4. The maximum acceptable duration of downtime before a system must be restored to operational status.
Explanation: RTO defines how long a system can be offline before the impact becomes unacceptable - the maximum tolerable downtime. Answer D is correct. The maximum data loss in time is the recovery point objective (RPO) - Answer A. The point-in-time restoration target is RPO (B). Recovery cost is not defined by RTO (C).