SPM401 - Chapter 10

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

If operations at the primary site cannot be quickly restored, the ____________________ occurs concurrently with the DR plan, enabling the business to continue at an alternate site.

BCP business continuity plan BC plan

The four components of contingency planning are the ____________________, the incident response plan, the disaster recovery plan, and the business continuity plan.

BIA Business Impact Analysis

____________________ planning ensures that critical business functions can continue if a disaster occurs.

Business continuity

In a warm site, all services and communications links are fully configured and the site can be fully functional within minutes.

False

In most organizations, the COO is responsible for creating the IR plan.

False

Training should be as specialized as possible; personnel who are responsible for one duty should not be trained on other duties to avoid confusion during a disaster.

False

When an incident takes place, the disaster recovery (DR) plan is invoked before the incident response (IR) plan.

False

When performing parallel testing, normal operations of the business are not impacted.

True

In which type of site are no computer hardware or peripherals provided? a. cold site b. warm site c. timeshare d. hot site

a cold site

Which of the following is an example of a rapid-onset disaster? a. Flood b. Pest infestation c. Famine d. Environmental degradation

a flood

In the event of an incident or disaster, which team sets up and starts off-site operations? a. project management b. business continuity c. disaster recovery d. incident response

b business continuity

When a disaster renders the current business location unusable, which plan is put into action? a. crisis management b. business continuity c. incident response d. disaster recovery

b business continuity

After an incident, but before returning to its normal duties, the CSIRT must do which of the following? a. create the incident damage assessment b. conduct an after-action review c. restore data from backups d. restore services and processes in use

b conduct an after-action review

Which of the following has the main goal of restoring normal modes of operation with minimal cost and disruption to normal business activities after an event? a. risk management b. contingency planning c. business response d. disaster readiness

b contingency planning

Which of the following determines the scope of the breach of confidentiality, integrity, and availability of information and information assets? a. incident report b. incident damage assessment c. information loss assessment d. damage report

b incident damage assessment

Which of the following is a tool that can be useful in resolving the issue of what business function is the most critical? a. BIA questionnaire b. weighted analysis tool c. recovery time organizer d. MTD comparison

b weighted analysis tool

At what point in the incident lifecycle is the IR plan initiated? a. before an incident takes place b. when an incident is detected c. once the DRP is activated d. once the BCP is activated

b when an incident is detected

Which of the following is a responsibility of the crisis management team? a. Restoring the data from backups b. Evaluating monitoring capabilities c. Activating the alert roster d. Restoring the services and processes in use

c activating the alert roster

Which of the following is true about a hot site? a. It is an empty room with standard heating, air conditioning, and electrical service. b. It includes computing equipment and peripherals with servers but not client workstations. c. It duplicates computing resources, peripherals, phone systems, applications, and workstations. d. All communications services must be installed after the site is occupied.

c it duplicates computing resources, peripherals, phone systems, applications and workstations

Which is the first step in the contingency planning process? a. business continuity training b. disaster recovery planning c. incident response planning d. business impact analysis

d business impact analysis

Which of the following is usually conducted via leased lines or secure Internet connections whereby the receiving server archives the data as it is received?. a. Database shadowing b. Timesharing c. Traditional backups d. Electronic vaulting

d electric vaulting

In which contingency plan strategy do individuals act as if an actual incident occurred, and begin performing their required tasks and executing the necessary procedures, without interfering with the normal operations of the business? a. a desk check b. a simulation c. a structured walk-through d. parallel testing

d parallel testing

What is the last stage of the business impact analysis? a. identify resource requirements b. analysis and prioritization of business processes c. collect critical information about each business unit d. prioritize resources associated with the business processes

d prioritize resources associated with the business processes

Which of the following is a definite indicator of an actual incident? a. Unusual system crashes b. Reported attack c. Presence of new accounts d. Use of dormant accounts

d use of dormant accoutns

The bulk batch-transfer of data to an off-site facility is known as ____________________.

electronic vaulting

In ____________________ testing of contingency plans, the individuals follow each and every procedure, including the interruption of service, restoration of data from backups, and notification of appropriate individuals.

full-interruption

A(n) ____________________ occurs when an attack affects information resources and/or assets, causing actual damage or other disruptions.

incident

The ____________________ plan is a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.

incident response IR

A(n) ____________________ is an agency that provides, in the case of DR/BC planning, physical facilities for a fee.

service bureau

Which of the following is a part of the incident recovery process? a. Identifying the vulnerabilities that allowed the incident to occur and spread b. Determining the event's impact on normal business operations and, if necessary, making a disaster declaration c. Supporting personnel and their loved ones during the crisis d. Keeping the public informed about the event and the actions being taken to ensure the recovery of personnel and the enterprise

a identifying the vulnerabilites that allowed the incident to occur and spread.

Which of the following is the process of examining a possible incident and determining whether it constitutes an actual incident? a. Incident classification b. Incident identification c. Incident registration d. Incident verification

a incident classification

Which of the following is the transfer of live transactions to an off-site facility? a. Remote journaling b. Electronic vaulting c. Database shadowing d. Timesharing

a remote journaling

Which of the following is a possible indicator of an actual incident? a. Unusual consumption of computing resources b. Activities at unexpected times c. Presence of hacker tools d. Reported attacks

a unusual consumption of computing resources

When dealing with an incident, the incident response team must conduct a(n) ____________________, which entails a detailed examination of the events that occurred from first detection to final recovery.

after action review

A(n) ____________________ is a document containing contact information of the individuals to notify in the event of an actual incident.

alert roster

Which contingency plan strategy do individuals work on their own tasks and are responsible for identifying the faults in their own procedures? a. A desk check b. A simulation c. A structured walk-through d. Parallel testing

b a simulation


Ensembles d'études connexes

Chapter 2 - The Accounting Cycle: During the Period

View Set

Homeostasis (Text Chapter 1/ Workbook Chapter 6)

View Set

intro to criminal justice Chapter 10: pretrial and trial procedures

View Set

Chapter 19 | The Cardiovascular System: The Heart mcq

View Set

Psychiatric-Mental Health Practice Exam HESI###

View Set

MKT Research and Analysis- Ch. 13

View Set

Ch 5 A Survey of Probability Concepts

View Set

Nursing Fundamental- Nursing Processing

View Set