quiz ISOL 632

Computer Science

ISOL 632

University of the Cumberlands

Description

Test Information

READ THESE INSTRUCTIONS BELOW BEFORE YOU START THIS EXAM

The midterm exam covers material from Chapters 1 – 6. There are a total of 100 questions in this exam, and it consists of true/false statements, fill in the blank, and multiple-choice options. In the fill in the blank portion of the quiz, you will need to type in your response to the question(s). There are instances where you can receive credit for your response(s) if marked incorrect. I will go through the quiz after its due date to make those adjustments. Please double check the spelling of your responses, as you will not receive credit for misspelled words.

Good luck everyone!

Instructions
Multiple Attempts: Not allowed. This test can only be taken once.
Force Completion: This test can be saved and resumed later.

QUESTION 1

  1. A(n) ________________ stores files that have been added or modified since the organization’s last full backup.
    a.differential backup
    b.incremental backup
    c.daily backup
    d.copy backup

0.25000 points

QUESTION 2

  1. A(n) _______________ policy are codified as standards and procedures that are used when configuring or maintaining systems.

0.25000 points

QUESTION 3

  1. A(n) _______________________ approach shifts acknowledged threats to other assets, processes, or organizations and is accomplished by reconsidering how services, deployment models, outsourcing, or service contracts are offered or acquired.
    a.termination
    b.defense
    c.transferal
    d.mitigation

0.25000 points

QUESTION 4

  1. Vulnerabilities are specific identifiable threats that can efficiently exploit weaknesses within systems and technological infrastructure that were intended to protect and safeguard an organization’s assets.

0.25000 points

QUESTION 5

  1. A(n) _____________________ maintains the confidentiality, integrity, and availability of an organization’s information system by identifying prospective vulnerabilities.
    a.risk control
    b.risk identification
    c.risk management
    d.risk determination

0.25000 points

QUESTION 6

  1. Online hot servers such as domain controllers, databases, web and e-mail servers, often or frequently use cold servers to provide a reliable backup for its redundant functions by remaining in standby or near online state.

0.25000 points

QUESTION 7

  1. Inclusive of all four functional components within contingency planning, a(n) _____________ approach decreases the impact of vulnerability exploitation with appropriate preparation and planning.
    a.termination
    b.mitigation
    c.transferal
    d.defense

0.25000 points

QUESTION 8

  1. The CSIRT service that is performed to respond to requests similar to a help desk alert, IDPS or service provider alarm for emerging vulnerabilities is a(n) _________________.
    a.reactive service
    b.security quality management service
    c.proactive service
    d.managing incident service

0.25000 points

QUESTION 9

  1. When an organization trains its CSIRT on its IR plan, the ___________________ training approach mimics the full performance and expectations for each task and its components within the plan, but it is short of conducting an actual physical session.

0.25000 points

QUESTION 10

  1. A(n) _______________________ approach is a physical host resource that is divided between the host itself and virtual machines which enables virtual machines to act as independent operating systems.
    a.Virtual cloud-level virtualization
    b.Hardware-level virtualization
    c.Application-level virtualization
    d.Operating system-level virtualization

0.25000 points

QUESTION 11

  1. RAID is an acronym for Redundant Array of Incident Disks.

0.25000 points

QUESTION 12

  1. A(n) _________________________ are triggered alarms that cause an IDPS to react as if a genuine attack was occurring.
    a.false positive
    b.noise
    c.true attack stimulus
    d.false attack stimulus

0.25000 points

QUESTION 13

  1. A(n) _____________________ is a replaceable unit monitoring and failure indicator that protects against data loss due or system failure.
    a.failure tolerant disk systems
    b.disaster tolerant disk systems
    c.disaster resistant disk systems
    d.failure resistant disk systems

0.25000 points

QUESTION 14

  1. Preventative measures prepared by the Incident Response team to effectively manage risks that are associated with specific attacks are a part of the ________________________ planning process.

0.25000 points

QUESTION 15

  1. A(n) ___________________________ team executes and manages an organization’s response plan by evaluating, responding, and detecting potential incidents.
    a.Crisis management
    b.Incident response
    c.Business continuity
    d.Disaster recovery

0.25000 points

QUESTION 16

  1. A(n) ______________________ process enables the NIDPS to identify patterns of attacks by comparing existing activity measurements to known signatures and determining whether an attack has or may have occurred.

0.25000 points

QUESTION 17

  1. A(n) ________________________ provides the strategic vision and linkage to organizational leaders and other influential members within an organization.
    a.Business Manager
    b.Information Security Manager
    c.Project Manager
    d.Information Technology Manager

0.25000 points

QUESTION 18

  1. An organization's information infrastructure, to include its systems, hardware, data transmission, and other noncritical systems, are protected and secured by its information security personnel and policies.

0.25000 points

QUESTION 19

  1. When an organization observes that its network traffic has exceeded its measured and established baseline values, this is an indicator that an incident candidate is present. Under these circumstances, these occurrences are categorized with an unexpected time probable indicator.

0.25000 points

QUESTION 20

  1. In a properly designed system, a(n) _________________ event does not elevate to an incident level because legitimate incidents and activities would not be wrongfully reported.

0.25000 points

QUESTION 21

  1. A(n) _______________________ team mitigates and manages the personal impact of an organization’s loss and distress by diminishing anticipated harm of life and welfare by ensuring fast and accurate accountability of its personnel.
    a.Incident response
    b.Crisis management
    c.Disaster recovery
    d.Business continuity

0.25000 points

QUESTION 22

  1. A system resource that is placed into a functional system but has no normal use in the system is known as a(n) ________________________.

0.25000 points

QUESTION 23

  1. When an organization decides it needs its information assets to remain unprotected, these decisions are based on ____________________ to remove the asset from the risk environment.
    a.termination
    b.defense
    c.transferal
    d.mitigation

0.25000 points

QUESTION 24

  1. Fundamentally, warm sites provide an organization with facilities and services but exclude computer hardware, peripherals, and communication services which are installed after the organization takes occupancy of the facility.

0.25000 points

QUESTION 25

  1. Server recovery advancements have brought forth a(n) ______________ technology that is designed to replace operating systems and services whenever they fail.

0.25000 points

QUESTION 26

  1. Comparable to a majority of critical business processes, business continuity planning cannot fail even if there is not a clearly established or formal commitment from senior executives or organizational leaders; as long as employees and response team members are supportive of the plan, its implementation and execution will be successful.

0.25000 points

QUESTION 27

  1. An Incident Response Team (IRT) assumes the responsibility for intrusion detection functions within an organization because other response teams are challenged with other critical tasks and do not have sufficient time, expertise, or resources to accomplish the goal.

0.25000 points

QUESTION 28

  1. When an organization trains its CSIRT on its IR plan, a(n) _________________ enables the individual team member to perform expected and required tasks by completing those duties without interfering with the business’s operation.

0.25000 points

QUESTION 29

  1. While a number of vulnerabilities are latent and unrevealed until their discovery, a well-documented, published, and examined vulnerability is known as a(n) __________________________.

0.25000 points

QUESTION 30

  1. A formal team of individuals known as the Computer Security Incident Response Team (CSIRT) is not tasked with supporting an organization’s policies, procedures, technology, data, or other internal components that are necessary to prevent, detect, react, and recover from incidents that will potentially damage the organization’s business information system.

0.25000 points

QUESTION 31

  1. Hosted by a third-party source, a(n) _______________ enables multiple organizations with mutual interests to share computing and application resources.

0.25000 points

QUESTION 32

  1. A(n) _______________ comprises two or more independent zones that safeguard an organization against the loss of data or multiple disk failure.
    a.disaster tolerant disk systems
    b.failure tolerant disk systems
    c.disaster resistant disk systems
    d.failure resistant disk systems

0.25000 points

QUESTION 33

  1. A(n) ________________ is the set of rules and configuration guidelines that governs the implementation and operation of IDPSs within an organization.
    a.attack stimulus
    b.site policy
    c.IR policy
    d.confidence

0.25000 points

QUESTION 34

  1. An IDPS or IPS automated response system, known as a(n) _____________, combines its resources to detect intrusions and then trail those intrusions back to its source.

0.25000 points

QUESTION 35

  1. An after action review serves as an invaluable learning tool for an organization’s response teams because it acts as a training tool for current and future team members by enabling them to observe what historical incidents occurred, what actions were performed, and if these actions were effective to mitigate the incident.

0.25000 points

QUESTION 36

  1. A(n) __________________ necessitates less time and space because this method archives all modified files since the organization’s last backup.
    a.incremental backup
    b.differential backup
    c.daily backup
    d.copy backup

0.25000 points

QUESTION 37

  1. An Enterprise Information Security Policy (EISP) supports an organization’s vision and mission by serving as a strategic blueprint that guides development, implementation, and management of its technological framework and structure.

0.25000 points

QUESTION 38

  1. A(n) ______________ documents, examines, and assesses an organization’s information security posture and prospective problems it may contend with.
    a.risk determination
    b.risk identification
    c.risk control
    d.risk management

0.25000 points

QUESTION 39

  1. A(n) ______________________ gathers statistical summaries by observing traffic that is perceived or known to be normal.

0.25000 points

QUESTION 40

  1. The CSIRT service that is performed to prepare the organization and its stakeholders on how to protect and secure its systems by anticipating problems, attacks, and other security risk events is a(n) __________________________.
    a.reactive service
    b.managing incident service
    c.proactive service
    d.security quality management service

0.25000 points

QUESTION 41

  1. HIDPS’ benefit is that it maintains its file logs that are useful when an attacker successfully attempts to mask its tracks by modifying its registry and produces its own independent audit of the attack.

0.25000 points

QUESTION 42

  1. A(n) _______________ method increases resource utilization controls because it extends multiple OS virtual sessions that permit applications to operate independently of each other.
    a.Application-level virtualization
    b.Virtual cloud-level virtualization
    c.Operating system-level virtualization
    d.Hardware-level virtualization

0.25000 points

QUESTION 43

  1. The purpose of a(n) _____________________ is to define the scope of an organization’s CP operation and to establish its managerial intent in regards to acceptable timetables to respond to incidents, recover from disasters, or reestablish its operations.
    a.incident response policy
    b.cross-training policy
    c.disaster recovery policy
    d.contingency planning policy

0.25000 points

QUESTION 44

  1. A(n) ___________________ team implements and manages an organization’s response plan by detecting, evaluating, and responding to disasters and reestablishing its operation at the primary location.
    a.Incident response
    b.Disaster recovery
    c.Crisis management
    d.Business continuity

0.25000 points

QUESTION 45

  1. The responsibilities and functions of the CSIRT are not useful when there is a need to compare previous baselines against current performance levels because an organization’s technology, information systems, and perceived threat levels are unchangeable.

0.25000 points

QUESTION 46

  1. A(n) __________________________ defines the expectations and necessary capabilities that are required at an organization’s alternative site.

0.25000 points

QUESTION 47

  1. A valid packet that exploits poorly configured DNS servers by introducing false information with the intent of corrupting server responses to queries from other network systems is an attack example of a(n) ________________________.

0.25000 points

QUESTION 48

  1. In database replication, the ______________________ process involves merging data from multiple databases into segmented source.
    a.Snapshot replication
    b.Merger replication
    c.Transferral replication
    d.Transaction replication

0.25000 points

QUESTION 49

  1. The CSIRT that provides advice and guidance to other organizational teams but has no direct or immediate authority over the teams it advises is a(n) ____________________________.
    a.Fully outsource team
    b.Central team
    c.Coordinating team
    d.Distributed team

0.25000 points

QUESTION 50

  1. A(n) ___________________________ is a formal or informal group of information technology and information security personnel who are tasked with securing an organization’s information assets by detecting and preventing attacks to its assets.

0.25000 points

QUESTION 51

  1. The Business Impact Analysis (BIA) contains weighted tables that are valuable to information technology personnel when there is a need to determine the categorical data frequency of an occurrence and the probability of its success, as the information contained in the weighted tables within the BIA is information compiled from countless maintained equipment and logs.

0.25000 points

QUESTION 52

  1. In database replication, the _________________ process involves copying data from one database to another source.
    a.Transferral replication
    b.Transaction replication
    c.Snapshot replication
    d.Merger replication

0.25000 points

QUESTION 53

  1. A(n) ____________________ is an enforceable recovery strategy that is implemented during an incident to reestablish an organization’s functions, application, and systems.
    a.maximum acceptable downtime
    b.recovery time objective
    c.recovery point objective
    d.maximum tolerable downtime

0.25000 points

QUESTION 54

  1. An organization may use a broad range of network placement options for its Network-based, Host-based, and Application-based IDPS’. The placement of the detection device and software significantly affect how effectively and efficiently the IDPS operates.

0.25000 points

QUESTION 55

  1. A(n) ____________________ threat category encompasses antiquated infrastructure that leads to untrustworthy and unreliable systems.

0.25000 points

QUESTION 56

  1. In a system analysis and design, a(n) ___________________ is used to chart flow processes, system operations, and its dependencies.

0.25000 points

QUESTION 57

  1. A critical business function and documentation in emergency preparedness is a disaster recovery plan because it ensures that an organization is capable and able to continue its core operational functions at an alternative site after its primary site was compromised.

0.25000 points

QUESTION 58

  1. A mirrored site is the most desirable hot site option because it uses either periodic or live data transfer of identically backed up information from an organization’s critical resources that are utilized at its primary site.

0.25000 points

QUESTION 59

  1. Incident response procedures are _____________________ that excludes any efforts taken to prepare for such actions because they are not considered part of preventive control.

0.25000 points

QUESTION 60

  1. A(n) ___________________ is a group of individuals who are responsible for the planning and developing an organization’s contingency planning process which includes the oversight of its subordinate teams and plan.

0.25000 points

QUESTION 61

  1. When training the CSIRT team on the IR plan, a(n) ________________ testing involves allowing the team members to follow every process within the plan, to include taking the organization’s system down, performing data restoration from a backup, and conducting notifications.

0.25000 points

QUESTION 62

  1. Host-based IDPS’ scrutinizes an organization’s network data traffic by searching for matching patterns in known signatures, such as preconfiguration and predetermined attack schemas.

0.25000 points

QUESTION 63

  1. A(n) _________________ is a method of applying controls to diminish organizational risks to information and data systems.

0.25000 points

QUESTION 64

  1. Business resumption plans enable an organization to better prepare for its recovery after a man-made or natural disaster.

0.25000 points

QUESTION 65

  1. A(n) ___________________________ is the preliminary phase in the business continuity planning development process, as it investigates and assesses the impact that attacks will have on a business.

0.25000 points

QUESTION 66

  1. An AppIDPS evaluates application events by examining files generated by the applications with the intent of categorizing anomalous incidences, invalid file executions, exceeded user authorizations, or other activities that indicate problems in regular interactions between the user, the application, or data.

0.25000 points

QUESTION 67

  1. A(n) ____________________ is the concluding component in the CPMT planning process.
    a.BIA data collection
    b.budgeting for contingency operations
    c.identifying recovery priorities
    d.prioritizing mission/business processes

0.25000 points

QUESTION 68

  1. Precursors are an indicator that an adverse event is underway and is highly probable to become an incident, whereas an indicator is a sign that an observed activity is a signal that an incident will probably occur in the future.

0.25000 points

QUESTION 69

  1. A(n) _______________________ is a period in time where data and systems are able to be recovered subsequent to an outage.
    a.recovery point objective
    b.recovery time objective
    c.maximum tolerable downtime
    d.maximum acceptable downtime

0.25000 points

QUESTION 70

  1. Operating systems initiate processes that create records of the behavior of an object once the journaling function is enabled; these records are then recorded as entries and are stored in the journal’s receiver.

0.25000 points

QUESTION 71

  1. A(n) _______________________ occurs when legitimate incidents fail to receive attention and go unreported.

0.25000 points

QUESTION 72

  1. System and network administrators often will use a(n) _______________ to scan their organization’s internal computers and networks to determine which vulnerabilities a hacker can see.

0.25000 points

QUESTION 73

  1. Network IDPS’ detects more categories of attacks than a Host-based IDPS because it does not necessitate complex configurations and extensive maintenance programs.

0.25000 points

QUESTION 74

  1. A(n) ________________________ comprises legal documents to safeguard vendors against legal liabilities or actions taken by its clients.
    a.intellectual property assurance
    b.nondisclosure agreement
    c.statement of indemnification
    d.covenant not to compete

0.25000 points

QUESTION 75

  1. Follow-on incidents are highly probable when infected machines or other infected computers that may have been offline during the time of the attack are brought back online.

0.25000 points

QUESTION 76

  1. A(n) ______________________ is undetectable by preconfigured signatures because over time it changes its shape.

0.25000 points

QUESTION 77

  1. An organization’s established policies are living documents that must be cultivated because they are continually growing and changing; therefore, regular editions must be disseminated to organizational members to ensure that they are accessible for everyone to read, understand, and agree on its contents.

0.25000 points

QUESTION 78

  1. Avoidance is a(n) _________________ approach that counteracts system vulnerability and exploitation by adding safeguards to limit access to assets and eliminate those weaknesses.
    a.termination
    b.mitigation
    c.transferal
    d.defense

0.25000 points

QUESTION 79

  1. A(n) ___________________ regulates what systems are the responsibility of the CSIRT.
    a.mission
    b.policy
    c.scope of operations
    d.constituency

0.25000 points

QUESTION 80

  1. In database replication, the _____________ process involves using a master database for normal operations while periodically copying new or updating entries to a backup source.
    a.Merger replication
    b.Transferral replication
    c.Snapshot replication
    d.Transaction replication

0.25000 points

QUESTION 81

  1. Anomaly-based IDPS’ periodically samples network activities to establish a baseline and then measures events that surpass the established parameter; this excess activity is known as a(n) ___________________.

0.25000 points

QUESTION 82

  1. When adverse events become an authentic threat to a business’ operation, they are categorized as an incident; therefore, an incident candidate is a process of evaluating circumstances that will involve those events.

0.25000 points

QUESTION 83

  1. A(n) _____________________ oversees security planning projects and provides critical information about discovered susceptibilities, threats, and recovery requirements.
    a.Information technology manager
    b.Business manager
    c.Information security manager
    d.Project manager

0.25000 points

QUESTION 84

  1. The ___________________ is a Federal law that prohibits real-time monitoring of network traffic and data communication.
    a.Wiretap Act
    b.Fourth amendment to the U.S. Constitution
    c.Pen/Trap Statute
    d.Electronic Communication Protection Act

0.25000 points

QUESTION 85

  1. A(n) _______________________ approach enhances the compatibility and portability of computing resources because it acknowledges all API calls initiated by the application.
    a.Hardware-level virtualization
    b.Operating system-level virtualization
    c.Application-level virtualization
    d.Virtual cloud-level virtualization

0.25000 points

QUESTION 86

  1. It is ill-advised for an organization to assign its patch management responsibility to its Incident Response Team (IRT) because these endeavors are challenging time-intensive functions that necessitate a high degree of expertise and cannot be delayed while the IRT responds to other incidents.

0.25000 points

QUESTION 87

  1. A(n) ____________________ is an event that causes false positives or triggers alarms when no actual attacks are actually in progress.

0.25000 points

QUESTION 88

  1. A continuity policy is a formal statement that directs endeavors for all subordinate response teams when they are developing their team specific response plans, overall operations, and functional processes for contingency operations within their respective organizations.

0.25000 points

QUESTION 89

  1. A(n) ____________________ strategy focuses on backing up multiple copies of databases for recovery purposes, whereas other solutions offer instantaneous availability of dynamic redundant data.

0.25000 points

QUESTION 90

  1. Hot, warm, and cold sites are timeshare options that are secured by service agreements with business partners to enable an organization to have viable disaster recovery and business continuity options at a reduced cost.

0.25000 points

QUESTION 91

  1. An organization’s business resumption plan describes and lists all of the necessary efforts and critical components that are required to resume workforce assignment and normal operation at its primary business location.

0.25000 points

QUESTION 92

  1. In the last phase of an after the incident action, the incident response team works to disinfect an organization’s system by running anti-malware and spyware software.

0.25000 points

QUESTION 93

  1. A(n) ___________________ replicates specific file subsets regardless if the files were identified or modified.
    a.incremental backup
    b.copy backup
    c.daily backup
    d.differential backup

0.25000 points

QUESTION 94

  1. A(n) _______________________ protects against data access loss caused by cache, device channel, power supply, and controller module failures.
    a.disaster tolerant disk systems
    b.failure tolerant disk systems
    c.disaster resistant disk systems
    d.failure resistant disk systems

0.25000 points

QUESTION 95

  1. Incident response processes attempt to contain and resolve identifiable incidents aligned to the incident response plan; whereas, the overall incident process is inclusive of preparation, detection, analysis, containment, eradication, recovery, and all other post-incident activities.

0.25000 points

QUESTION 96

  1. The primary responsibility for an organization’s management team and its leadership is to deal with unexpected situations and more importantly to reestablish the organization’s information system posture and the security of its information assets.

0.25000 points

QUESTION 97

  1. A(n) ___________________ represents the total time organizational leaders or administrators are agreeable to consent to disruptions or outages to its critical business processes.
    a.recovery time objective
    b.maximum acceptable downtime
    c.maximum tolerable downtime
    d.maximum allowable downtime

0.25000 points

QUESTION 98

  1. A(n) ____________________ team performs and manages an organization’s response by setting up and starting its operation at an off-site in the event of an incident occurring.
    a.Business continuity
    b.Incident response
    c.Disaster recovery
    d.Crisis management

0.25000 points

QUESTION 99

  1. A(n) __________________ is a group of individuals within an organization who share values and have a common goal of ensuring that an organization functions to meet its objectives and mission.

0.25000 points

QUESTION 100

  1. Essentially a(n) _______________ are tasks that an organization must develop and perform to support its objectives and mission.

0.25000 points

Explanation & Answer

Hello, I have done your work. Thank you.
Attached.

Running head: QUIZ ISOL 632

1. a) differential backup
2. System-specific security policies (SysSP)
3. c) transferal
4. False
5. c) risk management
6. True
7. d) defense
8. a) reactive service
9. Simulation
10. b) Hardware-level virtualization
11. False
12. c) true attack stimulus
13. d) failure resistant disk systems
14. Before ac...

