This exam is a total of 100 questions and consists of true/false statements, fill in the blank, and MCQs

Anonymous
Asked: Oct 16th, 2018

Question Description

The final exam covers materials in Chapters 7 – 12. You may notice some concepts that were covered in earlier chapters. The point of these questions is to reinforce key concepts. This exam is a total of 100 questions and consists of true/false statements, fill in the blank, and multiple-choice questions. In the fill in the blank portion of the quiz, you will type in your response to the question(s). There are incidences where you could receive credit for your response(s) if marked incorrect. To make this determination, I will go through the exam, after the due date, to make those adjustments accordingly. However, please double check the spelling of your responses, as you will not receive credit for misspelled words.

Unformatted Attachment Preview

1. When selecting an off-site facility to house data backups and other equipment, it is important to note that the DR and IR planning extend partial care for minimizing risks at the location.
True
False
QUESTION 2
1. A valuable operation and training method that is conducted under adverse conditions is known as a(n) _____________________.
QUESTION 3
1. Formal statements that direct all actions for an organization’s subordinate response team are the continuity policy, as it is developed to guide the team's overall operations and functional processes required for the contingency of its operations.
True
False
QUESTION 4
1. Adverse events are authentic threats to an organization’s operations because they are categorized as incidents, whereas incident candidates are processes for evaluating circumstances that are inclusive of those events.
True
False
QUESTION 5
1. When infection machines or computers that were offline during the time of an attack are brought back online, there is a high probability that a(n) __________________ will occur.
QUESTION 6
1. Online hot servers such as domain controllers, databases, web and e-mail servers, often or frequently use cold servers to provide a reliable backup for its redundant functions by remaining in standby or near online state.
True
False
QUESTION 7
1. A(n) ________________ team assesses hardware, wiring, intra- and internet connectivity, and works to reestablish these operations by replacing its destroyed or damage components.
QUESTION 8
1. An advantage of law enforcement involvement after an incident is that an organization can lose control over its information and evidence when seeking to prosecute an attacker.
True
False
QUESTION 9
1. During emergency preparedness, a critical documented function is the disaster recovery plan because it ensures that business capabilities and core functions continue to operate at its alternative location after the primary site was compromised.
True
False
0.25 points
QUESTION 10
1. The disaster recovery team has a team champion, who is also a member of the emergency planning team which is comprised of a representative from every major organizational department.
True
False
0.25 points
QUESTION 11
1. _________________ is the process of certifying that every employee is competent to accomplish at least a portion of the work functions of another employee.
a. Cross-training
b. Cross-training
c. Task rotation
d. Job rotation
0.25 points
QUESTION 12
1. The preliminary phase when developing business continuity processes is to create a(n) _______________ because it investigates and assesses the impact that potential attacks or events would have on critical business operations.
0.25 points
QUESTION 13
1. An organization that has effectively industrialized its policies should establish a(n) ______________________________ program to thoroughly integrate those policies within its organization and employees.
0.25 points
QUESTION 14
1. A(n) ____________ is an area where people should gather in the event of a specific type of emergency, to facilitate quick head count.
a. disaster area
b. gathering area
c. assembly area
d. alternative area
0.25 points
QUESTION 15
1. The CSIRT incident response mission philosophy is to or .
0.25 points
QUESTION 16
1. ISO’s primary standard for crisis management, __________________ is labeled as incident response, but is intended to help organizations respond to disasters, social disruptions, or other significant events.
a. ISO 22301:2011
b. ISO/IEC 24762:2008
c. ISO 22320:2011
d. ISO/IEC 27031:2011
0.25 points
QUESTION 17
1. During simulation training, actual disasters that have occurred are created to allow members to perform his or her required tasks and to execute necessary procedures without interfering or interrupting normal business operations.
True
False
0.25 points
QUESTION 18
1. Management and staff are trained to perform his or her roles in the DR plan because it is used to test the validity and effectiveness of the procedures and the team’s execution practices.
True
False
0.25 points
QUESTION 19
1. An overview of an organization’s philosophy on how it disassemble its disaster recovery teams, operations, and planning efforts when addressing catastrophic incidents are detailed in its established policies.
True
False
0.25 points
QUESTION 20
1. Threats, attacks, or an event that abruptly occurs with little to no warning, yet has the potential to have significant implications to people’s welfare and business productivity are known as _________________.
a. slow-onset disaster
b. rapid-onset disaster
c. catastrophe disaster
d. steady-onset disaster
0.25 points
QUESTION 21
1. A(n) ___________________ enables a business to ensure its workforce grasps requirements and contents contained in its policies.
a. comprehension
b. review
c. dissemination
d. compliance
0.25 points
QUESTION 22
1. Communication channels used by attackers are impossible to monitor because he or she uses social media IRC channels to gain recognition for attacks he or she may have caused.
True
False
0.25 points
QUESTION 23
1. Documenting, examining, and assessing an organization’s information technology security posture and the problems it faces is known as ______________________.
a. risk management
b. risk control
c. risk identification
d. risk determination
0.25 points
QUESTION 24
1. When there is a point of time within a function, application, or system that must be recovered, a(n) _____________________ is used as a basis for developing recovery strategies and whether to enforce those strategies during a situation.
a. recovery time objective
b. maximum acceptable downtime
c. maximum tolerable downtime
d. recovery point objective
0.25 points
QUESTION 25
1. EnCase Forensic Edition is a method that offers an inflexible digital forensic platform that makes it tougher when developing training for investigators to perform their expert and specialized tasks.
True
False
0.25 points
QUESTION 26
1. A (n) __________________ consists of two or more independent zones that protects against the loss of data and access due to multiple disk failure.
a. failure tolerant disk systems
b. disaster tolerant disk systems
c. failure resistant disk systems
d. disaster resistant disk systems
0.25 points
QUESTION 27
1. In contrast to emergency response that focuses on the immediate safety of those affected, ___________________ addresses the services needed to get the organization and its stakeholders back to original levels of productivity or satisfaction.
a. cross-training
b. crisis communications
c. humanitarian assistance
d. emergency response
0.25 points
QUESTION 28
1. The ___________________ component of the disaster recovery plan is vital because is directly affects an organization’s reinstatement of information systems and other resources.
a. response
b. resumption
c. restoration
d. recovery
0.25 points
QUESTION 29
1. A process that is initiated by individuals who are subjected to digital forensic techniques with an intent of hiding or obfuscating items with evidentiary value is known as a(n) ________________.
a. eDiscovery
b. digital forensics
c. discovery
d. anti-forensics
0.25 points
QUESTION 30
1. HIDPS’ maintains and produces independent audits of system logs which are useful when an attacker attempts to cover his or her activities by modifying system logs.
True
False
0.25 points
QUESTION 31
1. A formal or informal group of information technology and security personnel who are responsible for securing information assets by detecting and preventing attacks are known as a(n) ___________________.
0.25 points
QUESTION 32
1. A(n) __________________ notification is a description of a disaster that can occur in an organization, the probability of its occurrence, the description of necessary preparation actions, and subsequent best and worst case scenarios.
0.25 points
QUESTION 33
1. Courts recognizes the ________________ because of its numerous exclusions to warrant requirements because there is a constant struggle to balance reasonable expectation for employee privacy and law enforcement’s need to conduct searches.
0.25 points
QUESTION 34
1. A(n) ____________________ team provides recovery effort assistance for all nontechnical components and is responsible for managing and ensuring its compliance with the business impact analysis to ensure critical business functions are restored.
0.25 points
QUESTION 35
1. The CM ___________ is responsible for overseeing the actions of the crisis management team and coordinating all crisis management efforts in cooperation with disaster recovery and/or business continuity planning, on an as-needed basis.
a. communications coordinator
b. human resources coordinator
c. team leader
d. emergency services coordinator
0.25 points
QUESTION 36
1. The __________________ represents the total time a system owner or administrator is willing to accept for disruption or outages for business critical processes.
a. maximum acceptable downtime
b. maximum tolerable downtime
c. recovery point objective
d. recovery time objective
0.25 points
QUESTION 37
1. The ___________________ component of the disaster recovery plan that is crucial for rehearsal and planning when reacting to an event or incident.
a. Response
b. Preparation
c. Resumption
d. Recovery
0.25 points
QUESTION 38
1. A(n) ______________ occurs when an legitimate incidents fail to receive attention and goes unreported.
0.25 points
QUESTION 39
1. The AppIDPS evaluate unusual application events because it reviews files created by applications to identify anomalous occurrences, invalid file executions, exceeded user authorizations, and other activities that would signal normal interactions issues between the user, applications, or data.
True
False
0.25 points
QUESTION 40
1. A(n) _______________ allows a business to validate its workforce operates in support of its policies and guidelines.
a. dissemination
b. compliance
c. review
d. comprehension
0.25 points
QUESTION 41
1. The ___________________ component of the disaster recovery plan is critical as it suitably recognizes and informs entities for instantaneous reactions to an incident or event.
a. resumption
b. response
c. preparation
d. recovery
0.25 points
QUESTION 42
1. Often known as the maximum acceptable data loss, a(n) __________________ is a point in time were lost data or systems are able to be recovered following an outage.
a. maximum acceptable downtime
b. recovery time objective
c. maximum tolerable downtime
d. recovery point objective
0.25 points
QUESTION 43
1. A(n) __________________ is an initial determination for the scope of confidentiality, integrity, and availability of information breach.
0.25 points
QUESTION 44
1. When infection machines or computers that were offline during the time of an attack are brought back online, there is a high probability that follow-on incidents will occur.
True
False
0.25 points
QUESTION 45
1. A group of individuals who are tasked with planning and developing the contingency planning processes and oversight of subordinate teams and their plans are a(n) _________________________.
0.25 points
QUESTION 46
1. The Host-based IDPS evaluates network data traffic as it is searching for trends in pre-configured and predetermined attack patterns and other matching signatures.
True
False
0.25 points
QUESTION 47
1. Hot, warm, and cold sites are time-share options that are leased in conjunction with other business partners and allows an organization to establish disaster recovery and business continuity options at a reduced cost.
True
False
0.25 points
QUESTION 48
1. A(n) __________________ team serves as the command-and-control group because it manages the direction for all effects and assigned task to and receive updates from other teams.
0.25 points
QUESTION 49
1. Often known as avoidance, a(n) ________________ approach prevents vulnerability exploitation by adding safeguards to limit access to assets and removing vulnerabilities.
a. defense
b. transferal
c. termination
d. mitigation
0.25 points
QUESTION 50
1. Inclusive of all four functional components in contingency planning, a(n) _____________ approach reduces the impact of vulnerability exploitation with preparation and planning.
a. termination
b. defense
c. transferal
d. mitigation
0.25 points
QUESTION 51
1. A disaster recovery plan is a living document that necessitates constant changes, because of this an organization must have robust __________________ techniques to ensure that it is regularly updated.
0.25 points
QUESTION 52
1. Business continuity planning will not fail if there are no formally established commitments from senior leaders, because the primary support required for its implementation and execution is gained from response team members and other employees.
True
False
0.25 points
QUESTION 53
1. An Incident Response Commander’s primary responsibility includes determining if specific incident types, if any, has occurred and what strategical reactions are most appropriate to address the situation.
True
False
0.25 points
QUESTION 54
1. The process of collecting, reviewing, and searching for electronically stored records or files that hold significance and value during legal proceedings is known as a(n) _______________________.
a. discovery
b. digital forensics
c. eDiscovery
d. anti-forensics
0.25 points
QUESTION 55
1. RAID means Redundant Array of Incident Disks.
True
False
0.25 points
QUESTION 56
1. A(n) ______________ approach shifts identified risks to other assets, processes, or organizations and is accomplished by rethinking how services, deployment models, outsourcing, or service contracts are offered or acquired.
a. mitigation
b. defense
c. termination
d. transferal
0.25 points
QUESTION 57
1. The CSIRT directs its energies towards eradication, containment, and recovery efforts before attempting to identify the nature, source, or person responsible for the attack.
True
False
0.25 points
QUESTION 58
1. A(n) ______________ team recovers information and operating system resources by reestablishing the functionality of these systems during recovery efforts.
0.25 points
QUESTION 59
1. Because of server recovery advancements, a(n) ______________________ technology was designed to replace operating systems and services whenever they failed.
0.25 points
QUESTION 60
1. A(n) _______________ is focused actions that deals primarily with the safety of the organizational members who may be directly involved with a disaster.
0.25 points
QUESTION 61
1. A(n) ______________________ is undetectable by preconfigured signatures because overtime it changes its shape.
0.25 points
QUESTION 62
1. A(n) _______________ are incident response procedures that exclude efforts taken to preate actions because they are not considered a part of required preventative controls.
0.25 points
QUESTION 63
1. The hardest part of the recovery process is identifying what data was disclosed, while disclosed data may be unrecoverable damaged data has a better chance for recovery.
True
False
0.25 points
QUESTION 64
1. Maintaining an organization’s information systems confidentiality, integrity, and availability through vulnerability identification is known as __________________.
a. risk determination
b. risk identification
c. risk control
d. risk management
0.25 points
QUESTION 65
1. A(n) ____________________ are attempts made by an internal entity to escalate his or her privileges to either read or access information he or she may not have had previous permission.
0.25 points
QUESTION 66
1. When an organization decides or need an information asset to remain unprotected, the decision is based on ________________ to remove the asset from the risk environment.
a. transferal
b. defense
c. mitigation
d. termination
0.25 points
QUESTION 67
1. While it is resource intensive to erase all traces of an incident from an organization’s system, incident recovery reestablishes its post-incident system status.
True
False
0.25 points
QUESTION 68
1. Placing uncommon central log servers in more highly protected areas of the network will not prevent unauthorized access, but it will assist with all pre-event analysis required in order to avoid an incident’s reoccurrence.
True
False
0.25 points
QUESTION 69
1. ____________________ are those steps taken to inform stakeholders regarding the timeline of events, the actions taken, and sometimes the reasons for those actions.
a. Cross-training
b. Humanitarian assistance
c. Emergency response
d. Crisis communications
0.25 points
QUESTION 70
1. The ___________________ component of the disaster recovery plan is vital because is directly affects an organization’s reinstatement of operations at its primary location.
a. recovery
b. response
c. restoration
d. resumption
0.25 points
QUESTION 71
1. Observed network traffic that exceeds its measured baseline values is an indicator that incident candidates are presented, and during these circumstances, these occurrences are categorized with unexpected time probable indicators.
True
False
0.25 points
QUESTION 72
1. A(n) ______________ enables a business to validate documents that are distributed in an intelligible form and with alternative languages.
a. compliance
b. dissemination
c. comprehension
d. review
0.25 points
QUESTION 73
1. As an organization prepares to move back to its primary location, this is an indication that the beginning of the end for the disaster is nearing.
True
False
0.25 points
QUESTION 74
1. Although polices differ from organization to organization, the first step to crafting any contingency plan is enable the development of business continuity plans.
True
False
0.25 points
QUESTION 75
1. The statement, "We thought we had more important issues to handle" is an example of which type of organizational response?
a. Deferral
b. Denial
c. Inattention to warn
d. Ignorance
0.25 points
QUESTION 76
1. Operating systems initiates a process that creates records of object behaviors when enabling journaling functionality for an object and documents for these recordings are stored as entries in the receiver.
True
False
0.25 points
QUESTION 77
1. Established policies are living documents because it continually grows and requires constant updating and dissemination to organizational members so that everyone has accessibility to read, understand, and agree on its contents.
True
False
0.25 points
QUESTION 78
1. A (n) ________________________ is a replaceable unit monitoring and failure indicator that protects against data loss due to replaceable unit failure.
a. disaster resistant disk systems
b. failure tolerant disk systems
c. disaster tolerant disk systems
d. Failure Resistant Disk Systems
0.25 points
QUESTION 79
1. Distinctly different from inappropriate usage, authorized access incidents are categorized as direct violations of organizational policies rather an as an action to abuse existing systems.
True
False
0.25 points
QUESTION 80
1. A(n) ______________ are prepacked field kits that contain portable equipment and tools that are needed by digital forensic teams to conduct an investigation.
a. forensic bag
b. evidence kit
c. portal set
d. jump bag
0.25 points
QUESTION 81
1. ___________________________ are those actions taken in order to manage the immediate physical, health, and environmental impacts resulting from an incident.
a. Crisis communications
b. Humanitarian assistance
c. Emergency response
d. Cross-training
0.25 points
QUESTION 82
1. An Enterprise Information Security Policy (EISP) is a blueprint that aligns development, implementation, and management of technology framework and structures to an organization’s vision, mission, and strategy.
True
False
0.25 points
QUESTION 83
1. A(n) __________________ is a threat, attack, event, or incident that steadily occurs and weakens organizat ...

Tutor Answer

CITYNAI
School: New York University

Attached.

1. When selecting an off-site facility to house data backups and other equipment, it is important to
note that the DR and IR planning extend partial care for minimizing risks at the location.
True
False
QUESTION 2
1. A valuable operation and training method that is conducted under adverse conditions is known as
a(n) __performance appraisal___________________.
QUESTION 3
1. Formal statements that direct all actions for an organization’s subordinate response team are the
continuity policy, as it is developed to guide the team's overall operations and functional
processes required for the contingency of its operations.
True
False
QUESTION 4
1. Adverse events are authentic threats to an organization’s operations because they are categorized
as incidents, whereas incident candidates are processes for evaluating circumstances that are
inclusive of those events.
True
False
QUESTION 5
1. When infection machines or computers that were offline during the time of an attack are brought
back online, there is a high probability that a(n) ___follow-on incidents_ will occur.
QUESTION 6
1. Online hot servers such as domain controllers, databases, web and e-mail servers, often or
frequently use cold servers to provide a reliable backup for its redundant functions by remaining
in standby or near online state.
True
False
QUESTION 7
1. A(n) _technical software team assesses hardware, wiring, intra- and internet connectivity, and
works to reestablish these operations by replacing its destroyed or damage components.
QUESTION 8
1. An advantage of law enforcement involvement after an incident is that an organization can lose
control over its information and evidence when seeking to prosecute an attacker.
True
False
QUESTION 9
1. During emergency preparedness, a critical documented function is the disaster recovery plan
because it ensures that business capabilities and core functions continue to operate at its
alternative location after the primary site was compromised.
True
False
0.25 points
QUESTION 10
1. The disaster recovery team has a team champion, who is also a member of the emergency
planning team which is comprised of a representative from every major organizational
department.
True
False
0.25 points
QUESTION 11
1. _________________ is the process of certifying that every employee is competent to accomplish
at least a portion of the work functions of another employee.
a. Cross-training
b. Cross-training
c. Task rotation
d. Job rotation
0.25 points
QUESTION 12
1. The preliminary phase when developing business continuity processes is to create a(n) __critical
business processes__ because it investigates and assesses the impact that potential attacks or
events would have on critical business operations.
0.25 points
QUESTION 13
1. An organization that has effectively industrialized its policies should establish
a(n) ___corporate social responsibility___ program to thoroughly integrate those policies within
its organization and employees.
0.25 points
QUESTION 14
1. A(n) ____________ is an area where people should gather in the event of a specific type of
emergency, to facilitate quick head count.
a. disaster area
b. gathering area
c. assembly area
d. alternative area
0.25 points
QUESTION 15
1. The CSIRT incident response mission philosophy is to receiving or reviewing
0.25 points
QUESTION 16
1. ISO’s primary standard for crisis management, __________________ is labeled as incident
response, but is intended to help organizations respond to disasters, social disruptions, or other
significant events.
a. ISO 22301:2011
b. ISO/IEC 24762:2008
c. ISO 22320:2011
d. ISO/IEC 27031:2011
0.25 points
QUESTION 17
1. During simulation training, actual disasters that have occurred are created to allow members to
perform his or her required tasks and to execute necessary procedures without interfering or
interrupting normal business operations.
True
False
0.25 points
QUESTION 18
1. Management and staff are trained to perform his or her roles in the DR plan because it is used to
test the validity and effectiveness of the procedures and the team’s execution practices.
True
False
0.25 points
QUESTION 19
1. An overview of an organization’s philosophy on how it disassemble its disaster recovery teams,
operations, and planning efforts when addressing catastrophic incidents are detailed in its
established policies.
True
False
0.25 points
QUESTION 20
1. Threats, attacks, or an event that abruptly occurs with little to no warning, yet has the potential to
have significant implications to people’s welfare and business productivity are known as
_________________.
a. slow-onset disaster
b. rapid-onset disaster
c. catastrophe disaster
d. steady-onset disaster
0.25 points
QUESTION 21
1. A(n) ___________________ enables a business to ensure its workforce grasps...

Review

Anonymous
Good stuff. Would use again.
