02- Disaster Recovery and Risk Management

Question 1

Acceptance

Answer 1

the level of tolerance specified by an organization. When all security measures are taken to mitigate a risk, the remainder of impact will be accepted and tolerated as there is not a way to remove it 100 percent

Question 2

Attack

Answer 2

occurs when a system is compromised based on a vulnerability by an unknown exploit

Question 3

Avoidance

Answer 3

the risk is reduced to 0 or eliminated completely. It is almost impossible to achieve this level by taking security measures. The only way to do it is to remove the cause of the risk, i.e. if allowing access to social media is a threat, the only way to avoid it is by blocking access to social media for all the organization.

Question 4

Business continuity plan (BCP)

Answer 4

decides which services are sensitive for the regular operations to continue

Question 5

Cold site

Answer 5

a location owned by the organization but contains nothing. In case of disaster the organization will start to equip the cold site to perform the business operations. This process might take weeks or months to be done

Question 6

DRP (Disaster Recovery Plan)

Answer 6

a policy that defines how an organization will recover from a disaster, whether it’s a natural or man-made disaster. The DRP should protect both people and assets of a given organization. It includes a list of responsible people who will perform the steps for recovery, inventory for the hardware and software, and steps to recover from a disaster.

Question 7

Electronic vaulting

Answer 7

an alternate location to preserve backed up data. When the backup is complete, it is copied over to a different location. When a disaster occurs the electronic vault is used and the backup is ready to be restored.

Question 8

hot site

Answer 8

an identical site of the primary one, equipped with systems and services just like the primary. Data is duplicated here

Question 9

Human threats

Answer 9

insiders who have authorization to access systems, and hackers who use exploits to attack

Question 10

Internal Users

Answer 10

employees or visitors who could introduce a threat by exploiting a vulnerable or weak point

Question 11

Journaling

Answer 11

a less expensive solution to preserve the data as journaling captures only transactions. In case of a disaster the full backup tape is used and the journaling is used to write the transactions again that were not included in the full backup

Question 12

Long term

Answer 12

some services can affect the daily routine of employees but not the production, for example a smoking area or cafeteria, this is to be considered as low damage or long-term recovery

Question 13

Mid term

Answer 13

if part of the business is affected, the business should still be able to receive customer’s needs and requests through online services

Question 14

Mitigation

Answer 14

using security controls to protect against a risk until the risk impact is reduced to a level that is tolerated by the organization

Question 15

Natural threats

Answer 15

can be a flood causing areas to be waterlogged, or a hurricane or a tornado causing a lot of damage.; often impact the availability of systems

Question 16

Qualitative analysis

Answer 16

uses words or ranks to measure the impact of identified risk rather than numbers. Low, medium, and high are usually used to rank the risks.

Question 17

Quantitative analysis

Answer 17

numeric numbers and values and is usually based on statistics, historic records, best practices, testing, and experiments. This method can identify which risk has higher loss impact and which risk requires higher budget to mitigate.

Question 18

Risk Analysis

Answer 18

based on qualitative and quantitative analysis; in some cases we see semi-quantitative analysis

Question 19

Risk exposure

Answer 19

the impact caused by the risk on the enterprise

Question 20

Short term

Answer 20

when a line of service is fully affected, this is high priority and requires immediate action to recover.

Question 21

Stakeholders

Answer 21

the owners, management team, clients, employees, investors, suppliers, and board management

Question 22

SWOT analysis

Answer 22

Strength, weakness, opportunity, and threats; Those four points are the main studies in order to manage a given risk

Question 23

Technology threats

Answer 23

caused by malware, zero-day attacks, exploits, or web attacks

Question 24

threat

Answer 24

In terms of computer security, a threat is any real or perceived threat to one of three key areas: physical and personnel security, environmental security or information security. Mitigating threats is the key job of any disaster recovery or risk management plan

Question 25

Transference

Answer 25

when you transfer the risk to another entity, such as insurance or service provider, where they are accountable 100 percent for the impact in case an attack occurs

Question 26

Vulnerability

Answer 26

a weak link in the software, settings, etc., through which, if not fixed early, someone can get access to the computer, application, and/or network and can cause damage

Question 27

Warm site

Answer 27

a location that performs non-critical functions for the organization, but can be converted to primary location within days. Warm sites can include key systems and database, but not all the systems