Chapter 4 & 11
FFIEC (Federal Financial Institutions Examination Council)
Aditya recently assumed an information security role for a financial institution located in the United States. He is tasked with assessing the institution's risk profile and cybersecurity maturity level. What compliance regulation applies specifically to Aditya's institution?
Simulation
As a follow-up to her annual testing, Isabella would like to conduct quarterly disaster recovery tests. These tests should include role-playing and introduce as much realism as possible without affecting live operations. What type of test should Isabella conduct?
Hot site
Dawn is selecting an alternative processing facility for her organization's primary data center. She needs a facility with the least switchover time, even if it's the most expensive option. What is the most appropriate option in this situation?
Preparation
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders?
False
Regarding data-center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.
2
Susan performs a full backup of her server every Sunday at 1:00 am and differential backups on Monday through Friday at 1:00 am. Her server fails at 9:00 am on Wednesday. How many backups does Susan need to restore?
Business continuity plan (BCP)
Tom is the IT manager for an organization that experienced a server failure that affected a single business function. What type of plan should guide the organization's recovery effort?
True
True/False? A business continuity plan (BCP) directs all activities required to ensure that an organization's critical business functions continue when an interruption occurs that affects the organization's viability.
True
True/False? A parallel test of a contingency plan is the same as a full-interruption test except that processing does not stop at the primary site.
True
True/False? A successful business impact analysis (BIA) maps the context, the critical business functions (CBFs), and the processes on which they rely.
True
True/False? Any component that, if it fails, could interrupt business processing is called a single point of failure (SPOF)
True
True/False? Examples of major disruptions include extreme weather, application failure, and criminal activity.
True
True/False? In remote journaling, a system writes a log of online transactions to an offsite location.
True
True/False? Mobile device management (MDM) includes a software application that allows organizations to monitor, control, data wipe, or data delete business data from a personally owned device.
True
True/False? Regarding disaster recovery, an alternate processing center or mirrored site is always ready and under the organization's control.
True
True/False? Screen locks are a form of endpoint device security
False
True/False? The business continuity plan (BCP) identifies the resources for which a business impact analysis (BIA) is necessary.
True
True/False? The term "risk management" describes the process of identifying, assessing, prioritizing, and addressing risk.
Random Access Memory (RAM)
Which data source comes first in the order of volatility when conducting a forensic investigation?
Continue normal processes, such as separation of duties or spending limits
Which of the following should you avoid during a disaster and recovery?