3.1 Cyber Incident Response Flashcards
what does the acronym MTD denote?
maximum tolerable downtime
what is MTBF?
the estimated amount of time a device will operate before a failure occurs
what are the four types of personally identifiable information (PII)?
personal characteristics - such as full name, DoB, height, ethnicity, place of birth, mother’s maiden name, and biometric characteristics
a unique set of numbers assigned to an individual - such as government ID number, telephone number, driver’s license number, and PIN
descriptions of events or points in time - such as arrest records, employment records, and medical records
description of locations or places - such as GPS tracking information
what does the acronym RTO denote?
recovery time objective
what does the acronym MTBF denote?
mean time between failures
what does the acronym RPO denote?
recovery point objective
which two factors should contribute to incident severity and prioritization?
impact scope and the type of data affected
which attack is one discovered in live environments for which no current fix or patch exists?
zero-day attack
what is RTO?
the shortest time period after a disaster or disruptive event within which a resource or function must be restored to avoid unacceptable consequences
which impact scope factor refers to the amount of data corrupted or altered during the incident?
data integrity
what does the acronym PHI denote?
personal health information
what is meant by the economic factor of an incident?
the cost of the incident to the organization
which impact scope factor refers to the amount of time taken to recover from the incident?
recovery time
which attack type targets a specific entity and is carried out over a long period of time?
advanced persistent threat (APT)
which impact scope factor refers to the amount of time access to resources was interrupted?
downtime