Management of Information Security Notes Chapter 10- Planning for Contingencies

Ace your homework & exams now with Quizwiz!

True

Rapid-onset disasters occur suddenly, and may take the lives of people and destroy the means of production.

hierarchical

A ____ activation requires that the first person call designated people on the roster, who in turn call other designated people, and so on.

hot site

A ____ is a fully configured computer facility that needs only the latest data backups and the personnel to function.

mutual agreement

A contract between two organizations in which each party agrees to assist the other in the event of a disaster is called a ____.

alert roster

A document that contains contact information on the individuals to be notified in the event of an actual incident is called a(n) ____.

CISO

A project manager—possibly a mid level manager or even the ____________________ — leads the project, putting in place a sound project planning process, guiding the development of a complete and useful project, and prudently managing resources.

alert message

A scripted set of instructions about an incident is known as a(n) ____.

False

A structured walk-through is the simplest kind of validation for reviewing the perceived feasibility and effectiveness of the contingency plan.

hot

A warm site offers many of the advantages of a(n) ________________ site, but at a lower cost.

incident damage assestment

A(n) ____ determines the extent of the breach of confidentiality, integrity, and availability of information and information assets.

after-action review

A(n) ____ entails a detailed examination of the events that occurred from first detection to final recovery.

attack scenario end case

A(n) ____ shows the estimated cost of the best, worst, and most likely outcomes of an attack.

alert roster

A(n) ____________________ is a document containing contact information of the individuals to notify in the event of an actual incident.

structure walk-through

A(n) ____________________ is a method of testing contingency plans in which all involved individuals walk through the steps they would take during an actual event.

incident

A(n) ____________________ occurs when an attack affects information resources and/or assets, causing actual damage or other disruptions.

True

A(n) alert message is a scripted set of initial instructions used to respond to an incident.

False

A(n) attack scenario consists of a detailed description of the activities that usually occur during an attack.

True

A(n) champion is an executive who supports, promotes, and endorses the findings of the CP project.

False

A(n) structured walk-through is a method of testing contingency plans in which each involved person works individually to simulate the performance of each task that he or she is responsible for.

True

Activities at unexpected times are probable indicators of an actual incident.

False

An organization should start documenting an incident after the incident has been contained.

emergency

As part of DR plan readiness, each employee should have two types of ____ information cards in his or her possession at all times.

True

Classifying an incident is the responsibility of the IR team.

True

Continuous process improvement (CPI) suggests that each time the organization rehearses its plans, it should learn from the process, improve the process, and then rehearse again.

True

Crisis management entails a set of focused steps that deal primarily with the people involved in a disaster.

people

Crisis management is designed to deal primarily with ____.

rapid-onset

Disasters that occur suddenly, with little warning, are classified as ____________________ disasters.

False

Electronic vaulting involves the transfer of live transactions to an off-site facility.

CEO

The BC Plan is most properly managed by the ____.

incident

In CP, an unexpected event is called a(n) ____.

Statement of management commitment Purpose and objectives of the policy Scope of the policy Definition of information security incidents Organizational structure and delineation of roles Prioritization or severity ratings of incidents Reporting and contact forms Performance measures

List the key components of a typical IR policy.

False

Parallel testing is the most rigorous strategy for testing contingency plans.

IT community of interest

The DRP is usually managed by the ____.

IR

The ____ plan focuses on the immediate response to an incident.

CP

The ____ team collects information about information systems and the threats they face, and creates the contingency plans for incident response, disaster recovery, and business continuity.

incident response

The ____________________ plan comprises a detailed set of processes and procedures that anticipate, detect, and mitigate the effects of an unexpected event that might compromise information resources and assets.

business continuity

The ____________________ team is charged with setting up and starting off-site operations in the event of an incident or disaster.

electronic vaulting

The bulk batch-transfer of data to an off-site facility is known as ________________.

True

The disaster recovery team is responsible for detecting, evaluating, and responding to disasters, and reestablishing operations at the primary business site.

business impact analysis

The four components of contingency planning are the ____________________, the incident response plan, the disaster recovery plan, and the business continuity plan.

incident damage assessment

The immediate determination of the scope of the breach of confidentiality, integrity, and availability of information and information assets is called ____________________.

contingency planning

The overall process of preparing for unexpected events is called _________________.

True

The presence of hacker tools in a system definitely signals that an incident is in progress or has occurred.

False

The process of examining a possible incident and determining whether it constitutes an actual incident is called incident verification.

A simulation

____ is a method of testing contingency plans in which each involved person works individually to simulate the performance of each task.

incident classification

____ is the process of examining a possible incident and determining whether it constitutes an actual incident.

Database shadowing

____ is the storage of duplicate online transaction data, along with the duplication of the databases at the remote site on a redundant server.

Disaster recovery

_______ planning ensures that critical business functions can continue if a disaster

Incident Response

_______________ is a set of procedures that commence when an incident is detected.


Related study sets

Which bone articulates with which bone(s)?

View Set

Art History II- Impressionism and Post Impressionism movements

View Set

GEOG 202 Final Exam (Australia and Oceania MG)

View Set

Micro End of chapter 5 questions

View Set

Compensation and Benefits Test 2

View Set