quiz ISOL 632 Business Continuity Planning and Disaster Recovery Planning

User Generated

cenouhx123

Computer Science

ISOL 632

University of the Cumberlands

Description

Description

The final exam covers materials in Chapter 7 – 12. You may notice some concepts that were covered in earlier chapters. The point of these questions is to reinforce key concepts. This exam is a total of 100 questions and consists of true/false statements, fill in the blank, and multiple-choice questions. In the fill in the blank portion of the quiz, you will type in your response to the question(s). There are incidences where you can receive credit for your response(s) if marked incorrect. I will go through the quiz after its due date, to make those adjustments. Please double check the spelling of your responses, as you will not receive credit for misspelled words.


Good luck everyone!

Instructions
Multiple AttemptsNot allowed. This test can only be taken once.
Force CompletionThis test can be saved and resumed later.

QUESTION 1

  1. An Enterprise Information Security Policy (EISP) supports an organizations vision and mission by serving as a strategic blueprint that guides development, implementation, and management of its technological framework and structure.

0.25000 points

QUESTION 2

  1. An organization’s established policies are living documents that must be cultivated because they are continually growing and changing; therefore, regular editions must be disseminated to organizational members to ensure that they are accessible for everyone to read, understand, and agree on its contents.

0.25000 points

QUESTION 3

  1. A(n) ________________ is a component of the disaster recovery plan as it is crucial for an organization’s rehearsal and planning when reacting to an incident.
    a.preparation
    b.response
    c.recovery
    d.resumption

0.25000 points

QUESTION 4

  1. The mission and philosophy of an organization’s CSIRT incident response is to or .

0.25000 points

QUESTION 5

  1. A disaster recovery plan is a living document that is continually changing, so an organization must have a robust ____________________ technique and procedure in place to ensure that it is regularly updated as changes occur.

0.25000 points

QUESTION 6

  1. Comparable to a majority of critical business processes, business continuity planning cannot fail even if there is not a clearly established or formal commitment from senior executives or organizational leaders; as long as employees and response team members are supportive of the plan its implement and execution will be successful.

0.25000 points

QUESTION 7

  1. A(n) _________________ is a component of the disaster recovery plan as it is crucial for an organization ability reinstate its operation at its primary location after an incident.
    a.response
    b.resumption
    c.restoration
    d.recovery

0.25000 points

QUESTION 8

  1. Follow-on incidents are highly probable when infected machines or other infected computers what may have been offline during the time of the attack are brought back online.

0.25000 points

QUESTION 9

  1. A(n) ______________ documents, examines, and assesses an organization’s information security posture and prospective problems it may contend with.
    a.risk determination
    b.risk management
    c.risk identification
    d.risk control

0.25000 points

QUESTION 10

  1. A(n) ____________________ protects against data access loss caused by cache, device channel, power supply, and controller module failures.
    a.disaster tolerant disk systems
    b.failure tolerant disk systems
    c.disaster resistant disk systems
    d.failure resistant disk systems

0.25000 points

QUESTION 11

  1. A(n) __________________ is an attempt made by an organizational insider to either escalate his or her privileges to review information or to access information for which they had no prior permission.

0.25000 points

QUESTION 12

  1. A(n) _____________ is a locale where people mobilize during specific emergency incidents to conduct a rapid head-count.
    a.alternative area
    b.gathering area
    c.disaster area
    d.assembly area

0.25000 points

QUESTION 13

  1. A(n) ______________ occurs when legitimate incidents fail to receive attention or goes unreported.

0.25000 points

QUESTION 14

  1. A formal team of individuals known as the Computer Security Incident Response Team (CSIRT) is not tasked with supporting an organization’s policies, procedures, technology, data, or other internal component that are necessary to prevent, detect, react, and recovery from incidents that will potentially damage the organization’s business information system.

0.25000 points

QUESTION 15

  1. Actions that primarily focuses on the safety of personnel who are affected directly or involved in a disaster is detailed in the organization’s ___________________ processes.

0.25000 points

QUESTION 16

  1. When an organization observes that its network traffic has exceeded its measured and established baseline values, this is an indicator that an incident candidate is present. Under these circumstances, these occurrences are categorized with an unexpected time probable indicator.

0.25000 points

QUESTION 17

  1. A(n) ____________________ is a legal record of evidence that denotes and accounts for all points within the evidence lifecycle where an individual may have had access.

0.25000 points

QUESTION 18

  1. A(n) _________________ enables an organization to validate that its workforce grasps requirements and content within its policies.
    a.compliance
    b.review
    c.comprehension
    d.dissemination

0.25000 points

QUESTION 19

  1. A(n) ___________________________ is a formal or informal group of information technology and information security personnel who are tasked with securing an organization’s information assets by detecting and preventing attacks to its assets.

0.25000 points

QUESTION 20

  1. A(n) ___________________ is a description of a disaster that could befall on an organization, in addition to information on the probability of an occurrence, a brief description of preparation actions and its subsequent best and worst case scenarios.

0.25000 points

QUESTION 21

  1. A(n) _______________ team evaluate and assess hardware, wiring, internet connectivity while also working to reestablish its functionality by either replacing or repairing destroyed or damaged components.

0.25000 points

QUESTION 22

  1. A(n) ___________________ represents the total time organizational leaders or administrators are agreeable to consent to disruptions or outages to its critical business processes.
    a.recovery point objective
    b.recovery time objective
    c.maximum acceptable downtime
    d.maximum tolerable downtime

0.25000 points

QUESTION 23

  1. A critical business function and documentation in emergency preparedness is a disaster recovery plan because it ensures that an organization is capable and able to continue its core operational functions at an alternative site after its primary site was compromised.

0.25000 points

QUESTION 24

  1. A(n) ____________________ threat category encompasses antiquated infrastructure that leads to untrustworthy and unreliable systems.

0.25000 points

QUESTION 25

  1. A(n) _____________________ policy is codified standards and procedures executed when configuring or maintaining an organization’s systems.

0.25000 points

QUESTION 26

  1. A(n) _______________________ is a period in time where data and systems are able to be recovered subsequent to an outage.
    a.maximum tolerable downtime
    b.maximum acceptable downtime
    c.recovery time objective
    d.recovery point objective

0.25000 points

QUESTION 27

  1. A(n) ____________________ process is initiated by individuals subjected to digital forensic techniques with an intent to hide or obfuscate items with evidentiary value.
    a.anti-forensics
    b.eForensics
    c.eDiscovery
    d.anti-discovery

0.25000 points

QUESTION 28

  1. A(n) _______________ is highly probable when infected machines or offline computers are brought back online following an attack.

0.25000 points

QUESTION 29

  1. A(n) CM’s ______________________ is responsible for overseeing the actions of the crisis management team efforts and management when cooperating disaster recovery and business continuity planning, on an as-needed basis.
    a.emergency services coordinator
    b.team leader
    c.communications coordinator
    d.human resources coordinator

0.25000 points

QUESTION 30

  1. When an organization decides or need an information asset to remain unprotected, the decision is based on ________________ to remove the asset from the risk environment.
    a.mitigation
    b.termination
    c.transferal
    d.defense

0.25000 points

QUESTION 31

  1. A continuity policy is a formal statement that directs endeavors for all subordinate response teams when they are developing their team specific response plans, overall operations, and functional processes for contingency operations within their respective organizations.

0.25000 points

QUESTION 32

  1. Organizational philosophies are overviewed within its policies and in how it elects to conduct disaster recovery operations along with functions and processes to construct recovery plans.

0.25000 points

QUESTION 33

  1. Centralized log servers that are placed in highly protected areas in the network will not deter unauthorized access, but it will assist with post-event analysis to prevent reoccurrences.

0.25000 points

QUESTION 34

  1. A(n) _______________________ approach shifts acknowledged threats to other assets, processes, or organizations and is accomplished by reconsidering how services, deployment models, outsourcing, or service contracts are offered or acquired.
    a.mitigation
    b.defense
    c.termination
    d.transferal

0.25000 points

QUESTION 35

  1. A(n) _______________ is a threat, attack, or event that abruptly occurs with little or no warning and has potential to impede on people’s welfare and an organization’s productivity.
    a.steady-onset disaster
    b.swift-onset disaster
    c.slow-onset disaster
    d.rapid-onset disaster

0.25000 points

QUESTION 36

  1. A(n) _________________ actions taken by an organization to inform its stakeholders about the timeline of events, actions made, and the rationality behind those actions.
    a.Crisis communications
    b.Emergency response
    c.Cross-training
    d.Humanitarian assistance

0.25000 points

QUESTION 37

  1. When an adverse event become an authentic threat to a business’ operation, they are categorized as an incident; therefore, an incident candidate is a process of evaluating circumstances that will involve those events.

0.25000 points

QUESTION 38

  1. Hot, warm, and cold sites are timeshare options that are secured by service agreements with business partners to enable an organization to have viable disaster recovery and business continuity options at a reduced cost.

0.25000 points

QUESTION 39

  1. A(n) _______________ comprises of two or more independent zones that safeguards an organization against the loss of data or multiple disk failure.
    a.failure tolerant disk systems
    b.disaster tolerant disk systems
    c.disaster resistant disk systems
    d.failure resistant disk systems

0.25000 points

QUESTION 40

  1. A(n) _____________________ is a component of the disaster recovery plan as it is crucial for an organization ability to suitably recognize and instantaneously react to an incident.
    a.resumption
    b.recovery
    c.preparation
    d.response

0.25000 points

QUESTION 41

  1. It is nearly impossible to monitor all communication channels that an attacker will use; therefore, more advanced attackers often use IRC channels on social media to gain recognition or credit they have inflicted on an organization.

0.25000 points

QUESTION 42

  1. NIST SP 800-34 guides an organization’s integration of disaster recovery and business continuity components in its contingency planning processes within its business resumption plan.

0.25000 points

QUESTION 43

  1. The statement, "We thought we had more important issues to handle" is an example of which type of organizational response?
    a.Inattention to warn
    b.Ignorance
    c.Deferral
    d.Denial

0.25000 points

QUESTION 44

  1. A(n) ______________________ is undetectable by preconfigured signatures because over time it changes its shape.

0.25000 points

QUESTION 45

  1. A disaster recovery team consists of a team champion who also hold membership to the CSIRT and a representing body from all major divisions within the organization.

0.25000 points

QUESTION 46

  1. A(n) ___________________ enables an organization to validate that its workforce is in accordance and act in support of its policies and guidelines.
    a.dissemination
    b.review
    c.compliance
    d.comprehension

0.25000 points

QUESTION 47

  1. A(n) ________________ enables an organization to validate that its distributed documents are in intelligible forms and alternative languages.
    a.dissemination
    b.compliance
    c.comprehension
    d.review

0.25000 points

QUESTION 48

  1. In a system analysis and design, a(n) ___________________ is used to chart flow processes, system operations, and its dependencies.

0.25000 points

QUESTION 49

  1. Simulation training purpose is to recreate actual disasters that have occurred and enables response teams to perform their required functions and procedures without interfering with its normal business operations.

0.25000 points

QUESTION 50

  1. A prepacked field kit that contains portal sets of equipment and tools needed by the digital forensic team to conduct an investigation is known as a(n) _______________________.
    a.portal set
    b.jump bag
    c.forensic bag
    d.evidence kit

0.25000 points

QUESTION 51

  1. Incident response procedures are _____________________ that excludes any efforts taken to preate for such actions because they are not considered part of preventive control.

0.25000 points

QUESTION 52

  1. Presentation and analysis necessitate specialized tools that a majority of IT professionals do not have, access; therefore the first-response expertise is shared among all IT professionals and is supplemented by procedures and documentation that preserve evidentiary evidence collection.

0.25000 points

QUESTION 53

  1. Inclusive of all four functional components within contingency planning, a(n) _____________ approach decreases the impact of vulnerability exploitation with appropriate preparation and planning.
    a.transferal
    b.termination
    c.defense
    d.mitigation

0.25000 points

QUESTION 54

  1. Server recovery progressions brought forth a(n) _____________________ technology that is designed to replace operating systems and services whenever they fail.

0.25000 points

QUESTION 55

  1. A(n) _________________ actions are taken to manage its immediate physical, health, and environmental impact resulting from an incident.
    a.Crisis communications
    b.Humanitarian assistance
    c.Emergency response
    d.Cross-training

0.25000 points

QUESTION 56

  1. A(n) _____________________ team provides recovery assistance for all of an organization’s nontechnological recovery components while managing and ensuring that all business-critical recovery functions and efforts are aligned and in compliance with the business impact analysis.

0.25000 points

QUESTION 57

  1. The Business Impact Analysis (BIA) contains weighted tables that are valuable to information technology personnel when there is a need to determine the categorical data frequency of an occurrence and the probability of its success, as the information contained in the weighted tables within the BIA is information compiled from countless maintained equipment and logs.

0.25000 points

QUESTION 58

  1. A(n) _______________________ is the command-and-control group who coordinates planning activities and manages the direction of those efforts by assigning work and receiving updates from other organizational response teams.

0.25000 points

QUESTION 59

  1. A(n) __________________ is a component of the disaster recovery plan as it is crucial for an organization ability directly reinstate its information systems and other resources when reacting to an incident.
    a.restoration
    b.recovery
    c.response
    d.resumption

0.25000 points

QUESTION 60

  1. A(n) _______________________ actions taken by an organization to address services needed to get the business and its stakeholders back to its original level of productivity and satisfaction.
    a.humanitarian assistance
    b.emergency response
    c.cross-training
    d.crisis communications

0.25000 points

QUESTION 61

  1. A(n) ____________________ is an enforceable recovery strategy that is implemented during an incident to reestablish an organization’s functions, application, and systems.
    a.recovery point objective
    b.maximum acceptable downtime
    c.maximum tolerable downtime
    d.recovery time objective

0.25000 points

QUESTION 62

  1. Incident response processes attempt to contain and resolve identifiable incidents aligned to the incident response plan; whereas, the overall incident process is inclusive of preparation, detection, analysis, containment, eradication, recovery, and all other post-incident activities.

0.25000 points

QUESTION 63

  1. The Incident Response Commander, also known as the CSIRT leaders, is principally responsible for making determinations as to whether a specific type of incident, if any, has occurred and what strategical reactions are most appropriate to address the situation.

0.25000 points

QUESTION 64

  1. Operating systems initiates processes that creates records of the behavior of an object once the journaling function is abled; these records are then recorded as entries and are stored in the journal’s receiver.

0.25000 points

QUESTION 65

  1. A(n) ________________ is an ISO crisis management standard that labels incident response that is intended to help an organization respond to disasters, social disruptions, and other significant events.
    a.ISO 22301:2011
    b.ISO 22320:2011
    c.ISO/IEC 27031:2011
    d.ISO/IEC 24762:2008

0.25000 points

QUESTION 66

  1. A(n) ____________________ team recovers information system resources and operating systems while also working to reestablish functionality to those systems during recovery efforts.

0.25000 points

QUESTION 67

  1. A universal planning approach is required for disaster recovery groups, as centralized response approaches can occur only after a business recovery policy is complete and its processes are executable.

0.25000 points

QUESTION 68

  1. An organization’s management and staff can only successfully perform his or her response functions outlined in the disaster recovery plan when invalidation tests complied from other response teams are prepared.

0.25000 points

QUESTION 69

  1. An AppIDPS evaluates application events by examining files generated by the applications with the intent of categorizing anomalous incidences, invalid file executions, exceeded user authorizations, or other activities that indicate problems in regular interactions between the user, the application, or data.

0.25000 points

QUESTION 70

  1. A(n) ____________________ is a threat, attack, or event that abruptly occurs with little or no warning and has the potential to significantly impede people’s welfare and an organization’s productivity.
    a.steady-onset disaster
    b.rapid-onset disaster
    c.swift-onset disaster
    d.slow-onset disaster

0.25000 points

QUESTION 71

  1. Policies differ across institutions; however, a consistent first phase in the business continuity process is to enable the development of such policies.

0.25000 points

QUESTION 72

  1. While many organizations do not currently use this method, a(n) ___________________ is a valuable training technique that is conducted by the organization during adverse conditions.

0.25000 points

QUESTION 73

  1. A(n) ___________________ is a group of individuals who are responsible for the planning and developing an organization’s contingency planning process which includes the oversight of its subordinate teams and plan.

0.25000 points

QUESTION 74

  1. RAID is an acronym for Redundant Array of Incident Disks.

0.25000 points

QUESTION 75

  1. A(n) ___________________________ is the preliminary phase in the business continuity planning development process, as it investigates and assesses the impact that attacks will have on a business.

0.25000 points

QUESTION 76

  1. A(n) ________________ is a component of the disaster recovery plan as it is crucial for an organization as it directly affects its ability to retrieve information systems and other resources.
    a.preparation
    b.response
    c.resumption
    d.recovery

0.25000 points

QUESTION 77

  1. A(n) ______________ technique is a process that assists an organization to certify that it has adequate employee competencies to accomplish portions of work functions performed by other staff.
    a.Cross-training
    b.Job-training
    c.Task rotation
    d.Job rotation

0.25000 points

QUESTION 78

  1. Online hot servers such as domain controllers, databases, web and e-mail servers, often or frequently use cold servers to provide a reliable backup for its redundant functions by remaining in standby or near online state.

0.25000 points

QUESTION 79

  1. The United States of America’s court has recognized numerous exclusions in regards to warrant requirements as detailed in the ________________, which finds the balance between maintaining employee privacy and law enforcement and an organization’s need to conduct searches.

0.25000 points

QUESTION 80

  1. SP 800-88 Guideline for Media Sanitization recommends anti-forensic practices intended to safeguard data from disclosure.

0.25000 points

QUESTION 81

  1. Inappropriate use and unauthorized access are indistinct incidents categorized as policy violations rather than system abuse.

0.25000 points

QUESTION 82

  1. As organization’s prepare to return to its original business location, this is an indicator that the beginning of the end for the disaster is nearing a conclusion.

0.25000 points

QUESTION 83

  1. A(n) _______________________ determines the initial scope of an organization’s prospective breach of confidentiality, integrity, and availability of its information and other assets.

0.25000 points

QUESTION 84

  1. A(n) _____________________ maintains the confidentiality, integrity, and available of an organization’s information system by identifying prospective vulnerabilities.
    a.risk identification
    b.risk control
    c.risk management
    d.risk determination

0.25000 points

QUESTION 85

  1. Host-based IDPS’ scrutinizes an organizations network data traffic by searching for matching patterns in known signatures, such as preconfiguration and predetermined attack schemas.

0.25000 points

QUESTION 86

  1. A(n) _____________________ is a replaceable unit monitoring and failure indicator that protects against data loss due or system failure.
    a.failure tolerant disk systems
    b.Failure Resistant Disk Systems
    c.disaster tolerant disk systems
    d.disaster resistant disk systems

0.25000 points

QUESTION 87

  1. Disclosed data potentially can become unrecoverable during an attack on information systems, while damage data have a higher chance of recovery; yet, the hardest part of the recovery process is identifying what data was disclosed.

0.25000 points

QUESTION 88

  1. A(n) _______________ enables an organization to validate its relevant policies are readily accessible in multiple formats for its entire workforce.
    a.dissemination
    b.comprehension
    c.review
    d.compliance

0.25000 points

QUESTION 89

  1. Organizations who aspire to develop effective policies must establish a(n) __________________ program, which would enable it to thoroughly integrate newly instituted policies into the organization and with its employees.

0.25000 points

QUESTION 90

  1. Digital forensics comprises of the collect of graphics, information, images, or other electronic and physical items that have value for legal proceedings.

0.25000 points

QUESTION 91

  1. HIDPS’ benefit is that it maintains its file logs that are useful when an attacker successfully attempts to mask its tracks by modifying its registry and produces its own independent audit of the attack.

0.25000 points

QUESTION 92

  1. Preventative control identification is performed as part of an organization’s ongoing information security posture that implements appropriate safeguards for data storage and facilitiation for its recovery.

0.25000 points

QUESTION 93

  1. Avoidance is a(n) _________________ approach that counteracts system vulnerability and exploitation by adding safeguards to limit access to assets and eliminate those weaknesses.
    a.mitigation
    b.termination
    c.transferal
    d.defense

0.25000 points

QUESTION 94

  1. A(n) ­­­­­­­­­­­­­­­­­____________________ is a process of collecting, reviewing, and searching for electronically stored records or files that have significant evidentiary value used during legal proceedings.
    a.eDiscovery
    b.digital discovery
    c.eForensics
    d.digital forensics

0.25000 points

QUESTION 95

  1. The CSIRT must focus on eradication, containment, and recovery effort first before it attempts to identify the nature, source, or the individuals responsible for initiating the attack.

0.25000 points

QUESTION 96

  1. EnCase Forensic Edition is an inflexible digital forensic platform that makes it tougher to develop training for investigators to perform their specialized tasks and functions efficiently.

0.25000 points

QUESTION 97

  1. Remediating traces of an attack and pre-incident incident resumption that are critical for maintaining an organization’s critical and vital systems requires a lot of time, and it is a resource-intensive endeavor.

0.25000 points

QUESTION 98

  1. An advantage of law enforcement involvement, immediately following an incident, is the loss of information control and evidence once seeking to prosecute an attacker.

0.25000 points

QUESTION 99

  1. An important factor to consider in the about disaster recovery and incident response planning, is during the selection of an off-site data storage facility, is that alternative locations are risk resistant with a high probability of securing data.

0.25000 points

QUESTION 100

  1. A(n) _______________ is an ISO standard that stipulates what an organization must accomplish once it initiates its business continuity management system.
    a.ISO 22301:2011
    b.ISO/IEC 24762:2008
    c.ISO 22320:2011
    d.ISO/IEC 27031:2011

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hi, here is ...


Anonymous
This is great! Exactly what I wanted.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags