Business Impact Analysis Flashcards

1
Q

What is a systematic activity that identifies organizational risks and determines their effect on ongoing, mission-critical operations?

A

Business Impact Analysis

2
Q

How is business impact analysis governed for security?

A

It’s based on metrics regarding system availability (system uptime)

3
Q

What are the metrics that BIA is measuring?

A

Maximum Tolerable Downtime
Recovery Time Objective
Work Recovery Time
Recovery Point Objective

4
Q

What is the longest period of time a business can be inoperable without causing irrevocable business failure?

A

The Maximum Tolerable Downtime (MTD)

Note: This will be different for each organization. It will be measured in minutes, hours, or days, depending on how critical the measured function is.

5
Q

What is the length of time it takes after an event to resume normal business operations?

A

Recovery Time Objective (RTO)

6
Q

What is the length of time, in addition to the RTO, that individual systems need to perform reintegration and testing of a restored or upgraded system following an event?

A

Work Recovery Time (WRT)

Note: This applies any time you bring something back to full operation after it went down, or after you performed an upgrade, etc.

7
Q

What is the longest period of time that an organization can tolerate lost data being unrecoverable?

A

Recovery Point Objective (RPO)

Note: Think of it this way: if a ransomware attack hits you, how far back do you want your last recovery backup to be? Any data from the time of the attack back to the backup would be lost. The RPO is how much data loss is acceptable. How long can you be without your data?

8
Q

What is the average measurement of time from a system failure to resuming operations called?

A

Mean Time To Repair (MTTR)

Note: We have to think of this in terms of the Recovery Time Objective (RTO) and Recovery Point Objective (RPO). Those are the goals we are trying to achieve with the MTTR.

9
Q

What is the average measurement of time between failures of a device?

A

Mean Time Between Failures (MTBF)

10
Q

EXAM TIP

A

KNOW THIS SECTION

JENNY IS A NOOB
