23FA ISYS 231 - Week 3 Quiz 5
Which two communities of interest are usually associated with contingency planning? Which community must give authority to ensure broad support for the plans?
1. Internal Stakeholders: This includes employees, managers, and other individuals within the organization who have a vested interest in the organization's continuity and are directly affected by contingency plans. 2. External Stakeholders: These are individuals or groups outside the organization interested in its operations, such as customers, suppliers, regulatory agencies, and the local community. The community that must give authority to ensure broad support for the plans is typically the executive or leadership team within the organization. They can endorse and allocate resources for contingency planning efforts, ensuring that programs receive the necessary support and commitment from all stakeholders.
A fundamental difference between a BIA and risk management is that risk management focuses on identifying threats, vulnerabilities, and attacks to determine which controls can protect information, while the BIA assumes _____.
All of the above
The CPMT conducts the BIA in three stages. Which of the following is NOT one of those stages?
All of these are BIA stages
A business policy is a task performed by an organization or one of its units in support of the organization's overall mission and operations. _____
False
A cold site provides many of the same services and options of a hot site, but at a lower cost.
False
A disaster recovery plan shows the organization's intended efforts to establish operations at an alternate site in the aftermath of a disaster.
False
A planning check is a testing strategy in which copies of the appropriate plans are distributed to all individuals who will be assigned roles during an actual incident or disaster. _____
False
An affidavit is a sworn testimony that certain facts are in the possession of an investigating officer and that they warrant the examination of specific items located at a specific place.
False
An affidavit is permission to search for evidentiary material at a specified location or to seize items to return to an investigator's lab for examination.
False
An external event is an event with negative consequences that could threaten the organization's information assets or operations; also referred to as an incident candidate.
False
Changes to systems logs are a possible indicator of an actual incident.
False
The work response time (WRT) is the amount of effort (expressed as elapsed time) needed to make business functions work again after the technology element is recovered. _____
False
Two ways to activate an alert roster are simultaneously and in parallel.
False
Which type of organizations should prepare for the unexpected?
Organizations of every size and purpose should also prepare for the unexpected.
A business process is a task performed by an organization or one of its units in support of the organization's overall mission and operations.
True
An alert message is a description of the incident or disaster that usually contains just enough information so that each person knows what portion of the IR or DR plan to implement without slowing down the notification process.
True
Incident response is an organization's set of planning and preparation efforts for detecting, reacting to, and recovering from an incident.
True
Prior to the development of each of the types of contingency planning documents, the CP team should work to develop the policy environment.
True
The recovery point objective (RPO) is the point in time prior to a disruption or system outage to which mission/business process data can be recovered after an outage. _____
True
The most common schedule for tape-based backup is a _____ backup, either incremental or differential, with a weekly off-site full backup.
daily-on-site
The storage of duplicate online transaction data, along with the duplication of the databases, at a remote site on a redundant server is called _____.
database shadowing
The business _____ analysis is a preparatory activity common to both CP and risk management,
impact
Digital forensics involves the _____, identification, extraction, documentation, and interpretation of digital media.
investigation
A ____ is an agency that provides physical facilities in the event of a disaster for a fee.
service bureau
The _____ recovery time is the amount of effort (expressed as elapsed time) needed to make business functions work again after the technology element is recovered.
work
