Chapter 8: Risk, Response, Recovery


Clustering

involves connecting two or more computers to act like a single computer.

Supervisory Control and Data Acquisition

systems are common in industrial settings.

Impact

the amount of harm a threat exploiting a vulnerability can cause.

total risk

the combined risk to all business assets

Risk

the likelihood that a particular threat will be realized against a specific vulnerability.

annualized loss expectancy

the loss when an incident happens

Maximum total downtime

the most time a business can survive without a particular critical system.

Emergency operations center

the place where the recovery team will meet and work during a disruption.

residual risk

the risk that remains after you have deployed countermeasures and controls

risk register

A description of the risk, The expected impact if the associated event occurs, The probability of the event occurring, Steps to mitigate the risk, Steps to take should the event occur, Rank of the risk

SLE

AV × EF

Identifying risks consists of

Brainstorming, Surveys, Interviews, Working groups, Checklists, Historical information

two key risk management principles

Don't spend more to protect an asset than it is worth, A countermeasure without a corresponding risk is a solution seeking a problem

Steps in risk management

Identify risks, Assess risks, Plan risk response, Implement risk responses, Monitor and control risk responses

Mobile devices

Mobile operating system patches and upgrades are available and easy to apply, but not all users update their devices.

Critical business function

Once the BIA has identified the business systems that an incident will affect, you must rank the systems from most to least critical

ALE

SLE × ARO

Differential Backup

Start by making a full backup, perhaps on Sunday, when network traffic is lightest. As the week progresses, each night's backup takes a little longer.

Vehicle systems

category of static systems is a type of embedded system

Accept

The organization knows the risk exists and has decided that the cost of reducing it is higher than the loss would be.

Embedded systems

These are generally small computers that are contained in a larger device.

Mainframes

These large computers exist primarily in large organization data centers.

Safeguards

address gaps or weaknesses in the controls that could otherwise lead to a realized threat

Transfer

allows the organization to transfer the risk to another entity. Insurance is a common way to reduce risk.

Incident

any event that either violates or threatens to violate your security policy.

Vulnerability

any exposure that could allow a threat to be realized

RAID

are multiple disk drives that appear as a single disk drive but actually store multiple copies of data in case a disk drive in the array fails.

Quantitative risk assessment

attempts to describe risk in financial terms and put a dollar value on each risk.

activity phase controls

can be either administrative or technical

Gaming consoles

computers that are optimized to handle graphics applications efficiently.

Countermeasures

counter or address a specific threat

Avoid

deciding not to take a risk.

Multiple servers or devices

generalized implementation of load balancing simply makes multiple servers or network devices that can respond to the same requests for service available.

detective controls

identify that a threat has landed in your system, ex: IDS

Controls

include both safeguards and countermeasures

Qualitative risk assessment

ranks risks based on their probability of occurrence and impact on business operations. Allows the business units and technical experts to understand the ripple effects of an event on other departments or operations.

exposure factor

represents the percentage of the asset value that will be lost if an incident were to occur.

annualized rate of occurrence

risk likelihood, usually per year

checklist test

simple review of the plan by managers and the business continuity team to make sure that contact numbers are current and that the plan reflects the company's priorities and structure.

Threat

something (generally bad) that might happen.

Incremental Backup

start with a full backup when network traffic is light. Then, each night, you back up only that day's changes. As the week progresses, the nightly backup takes about the same amount of time.

preventive controls

stop threats from coming in contact with a vulnerability, ex: IPS

purpose of risk management

to identify possible problems before something bad happens

Reduce

uses various controls to mitigate or reduce identified risks. These controls might be administrative, technical, or physical.

Load balancing

using two or more servers to respond to service requests

Enhance

you increase the probability or positive impact of the event associated with the risk.

Exploit

you take advantage of an opportunity that arises when you respond to that risk.

Share

you use a third party to help capture the opportunity associated with that risk.

