Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
8 Cards in this Set
- Front
- Back
|
4. List the seven-step CP process as defined by the NIST. Why is it the recommended standard approach to the process?
|
• Develop CP policy statement • Conduct BIA • Identify preventative controls • Develop recovery strategies • Develop IT contingency plan • Plan testing, training, and exercises • Plan maintenance It’s a tested methodology. |
|
|
6. Define the term incident as used in the context of IRP. How is it related to the concept of incident response?
|
An incident, either natural or manmade, is an attack on the information through an attack or an accident. In reference to the incident response, it is when there is a minor problem or incident that triggers the IRP.
|
|
|
7. List and describe the three criteria used to determine whether an actual incident is occurring.
|
Information assets are targets of attack, and there is a good chance of the attack successfully compromising the confidentiality, integrity, or availability of information resources.
|
|
|
8. List and describe the sets of procedures used to detect, contain, and resolve an incident.
|
• Before the Incident: Planners will draft the following procedures – Details of the data backup schedules, Disaster Recovery Preparations, Training Schedules, Testing the plans, Copying the Service Agreements, and the Business Continuity Plans. These are procedures that must be performed before and incident occurs. • During the Incident: Planners will develop and document the procedures that must be performed during the Incident occurrence. These procedures should be grouped and assigned to various roles. The planning committee will the n draft a set of function-specific procedures. • After the Incident: When the procedures for handling an incident are drafted, the planners then develop and document the procedures that must be performed immediately after the Incident has stopped. Separate functional areas may also develop different procedures. |
|
|
9. List and describe IR planning steps.
|
• Incident Detection: • Incident Response: • Incident Containment: • Incident Recovery: |
|
|
15. What is a disaster recovery plan, and why is it important to the organization?
|
Disaster recovery planning (DRP) is the preparation for and recovery from a disaster, whether natural or manmade. The key role of a DRP is defining how to reestablish operations at the location where the organization is usually located
|
|
|
17. What is a business continuity plan, and why is it important?
|
BCP ensures critical business functions can continue in a disaster. It is managed by the CEO of organization. BCP is activated and executed concurrently with the DRP when needed. While BCP reestablishes critical functions at alternate site, DRP focuses on reestablishment at the primary site. BCP relies on identification of critical business functions and the resources to support them |
|
|
18. What is a business impact analysis and what is it used for?
|
BIA provides information about systems and threats and provides detailed scenarios for each potential attack. BIA is not risk management, which focuses on identifying threats, vulnerabilities, and attacks to determine controls.
|
