FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 10: Planning for Contingencies

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 21

Short Answer

Review LaterAdd Note

Review Later

When dealing with an incident,the incident response team must conduct a(n)____________________,which entails a detailed examination of the events that occurred from first detection to final recovery.

Correct Answer

verified

after acti...

View Answer

Show Answer

Question 22

Multiple Choice

Review LaterAdd Note

Review Later

Which of the following is usually conducted via leased lines or secure Internet connections whereby the receiving server archives the data as it is received?.

A) Database shadowing
B) Timesharing
C) Traditional backups
D) Electronic vaulting

Correct Answer

verified

Show Answer

Question 23

Short Answer

Review LaterAdd Note

If operations at the primary site cannot be quickly restored,the ____________________ occurs concurrently with the DR plan,enabling the business to continue at an alternate site.

Which document must be changed when evidence changes hands or is stored?

Compare and contrast a hot site,a warm site,and a cold site.

What is the final stage of the business impact analysis when using the NIST SP 800-34 approach?

Disaster classification is the process of examining an adverse event or incident and determiningwhether it constitutes an actual disaster.____________

A(n)____________________ is an agency that provides,in the case of DR/BC planning,physical facilities for a fee.

What are the major components of contingency planning?

Explain the difference between a business impact analysis and the risk management process.

A(n)____________________ occurs when an attack affects information resources and/or assets,causing actual damage or other disruptions.

An item does not become evidence until it is formally admitted to evidence by a judge or other ruling official.

Which of the following is the best example of a rapid-onset disaster?

What teams are involved in contingency planning and contingency operations?

List four of the eight key components of a typical IR policy.

After an incident,but before returning to its normal duties,the CSIRT must do which of the following?

At what point in the incident lifecycle is the IR plan initiated?

List the seven steps of the incident recovery process according to Donald Pipkin.

A(n)____________________ is a document containing contact information of the individuals to notify in the event of an actual incident.

The first component of the analysis phase of a digital forensic investigation is ___________,which allows the investigator to quickly and easily search for a specific type of file.