(9) Impact Scope Flashcards
Describe the scope of impact and why it is important in the area of cyber security
Scope of impact is very important because it helps determine the amount and breadth of impact to the company and the effort needed to recover from the incident.
What is functional impact?
Functional impact is the degree of impairment that the organization suffers. This is dependent on how critical the data is to the company, and the processes that the incident hurts.
What are the NIST functional impact categories?
The NIST functional impact categories are:
None (no effect on the org's ability to operate)
Low (Very small effect if any; the org can still operate just fine for the most part)
Medium (The org has critical functionality to a small set of users)
High (The org can’t provide some critical resources/services to any users)
What are the Economic Impact categories?
The economic impact categories are None (no financial impact), Low (Financial loss of 10,000 dollars or less), Medium (Financial impact of 10,000 but less than 500,000) and High (Loss of 500,000 dollars or more)
Describe the Regular and Supplemented recoverability effort categories according to NIST
Regular means that time to recovery is predictable with existing resources.
Supplemented means that time to recovery is predictable with additional resources.
Describe the Extended and Not Recoverable categories according to NIST
Extended means that time to recovery is unpredictable; outside help and additional resources are needed.
Not Recoverable means that recovery is not possible (e.g., sensitive data taken outside the network and posted publicly); launch an investigation.
Describe the None and Privacy Breach impact categories according to NIST
None means that no information was taken, changed, deleted, or otherwise compromised.
Privacy Breach means that sensitive PII of taxpayers, employees, beneficiaries, etc. was accessed or taken.
Describe the Proprietary Breach and Integrity Loss NIST Information Impact categories
Proprietary Breach means that unclassified proprietary information, such as protected critical infrastructure information (PCII), was accessed or taken.
Integrity Loss means that sensitive or proprietary information was changed or deleted.