Module 3 Study Questions CYBR 155
A(n) _________ is a document containing contact information for the people to be notified in the event of an incident. Options: emergency notification system; alert roster; phone list; call register
alert roster
Computer ____________________ is the process of collecting, analyzing, and preserving computer-related evidence.
forensics
A(n) ____________________ directs members of an organization as to how issues should be addressed and how technologies should be used.
policy
A(n) ____________________ plan ensures that critical business functions continue if a catastrophic incident or disaster occurs.
BC business continuity
A(n) ____________________ is a detailed examination of the events that occurred from first detection to final recovery.
AAR after-action review
A policy should state that if employees violate a company policy or any law using company technologies, the company will protect them, and the company is liable for the employee's actions. True False
False
A standard is a written instruction provided by management that informs employees and others in the workplace about proper behavior. True False
False
A(n) capability table specifies which subjects and objects users or groups can access. _________________________ True False
False
A(n) disaster is any adverse event that could result in loss of an information asset or assets, but does not currently threaten the viability of the entire organization. _________________________ True False
False
Database shadowing duplicates data in real-time data storage, but does not back up the databases at the remote site. True False
False
Summarize the strategies that can be chosen by an organization when planning for business continuity. Your Answer: Business Continuity (BC): The documented product of business continuity planning; a plan that shows the organization's intended efforts to continue critical functions when operations at the primary site are not feasible. Business Continuity Planning (BCP): The actions taken by senior management to develop and implement the BC policy, plan, and continuity teams. business resumption planning (BRP): The actions taken by senior management to develop and implement a combined DR and BC policy, plan, and set of recovery teams. contingency plan: The documented product of contingency planning; a plan that shows the organization's intended efforts in reaction to adverse events. contingency planning (CP): The actions taken by senior management to specify the organization's efforts and actions if an adverse event becomes an incident or disaster. This planning includes incident response, disaster recovery, and business continuity efforts, as well as preparatory business impact analysis. contingency planning management team (CPMT): The group of senior managers and project members organized to conduct and lead all CP efforts.
Disaster recovery personnel must know their roles without supporting documentation, which is a function of preparation, training, and rehearsal. True False
True
Evidence is the physical object or documented information that proves an action occurred or identifies the intent of a perpetrator. _________________________ True False
True
NIST 800-14's Principles for Securing Information Technology Systems can be used to make sure the needed key elements of a successful effort are factored into the design of an information security program and to produce a blueprint for an effective security architecture. True False
True
NIST Special Publication 800-18 Rev. 1, The Guide for Developing Security Plans for Federal Information Systems, includes templates for major application security plans, and provides detailed methods for assessing, designing, and implementing controls and plans for applications of varying size. True False
True
NIST responded to a mandate and created a voluntary Risk Management Framework that provides an effective approach to manage cybersecurity risks. _________________________ True False
True
The policy administrator is responsible for the creation, revision, distribution, and storage of the policy. True False
True
The recovery point objective (RPO) is the point in time prior to a disruption or system outage to which mission/business process data can be recovered after an outage. _________________________ True False
True
To achieve defense in depth, an organization must establish multiple layers of security controls and safeguards. True False
True
In 2016, NIST published a new Federal Master Cybersecurity Framework to create a mandatory framework for managing cybersecurity risk for the delivery of critical infrastructure services at every organization in the United States, based on vendor-specific technologies. True False
False
One of the basic tenets of security architectures is the layered implementation of security, which is called defense in redundancy. _________________________ True False
False
An attack, breach of policy, or other incident always constitutes a violation of law, requiring notification of law enforcement. True False
False
An information security ________ is a specification of a model to be followed during the design, selection, and initial and ongoing implementation of all subsequent security controls, including information security policies, security education, and training. Options: plan; framework; model; policy
framework
A(n) ____________________ site is a fully configured computer facility with all services, communications links, and physical plant operations provided, including heating and air conditioning.
hot
A(n) ____________________ is an adverse event that could result in loss of an information asset or assets, but does not currently threaten the viability of the entire organization.
incident