ch 14

Question 1

An organization’s ability to maintain operations after a disruptive event

Answer 1

• Business Continuity

Question 2

• (B C P)

Answer 2

Business Continuity Planning

Question 3

Identifying exposure to threats
Creating preventative and recovery procedures
Testing them to determine if they are sufficient

Answer 3

• (B C P) Business Continuity Planning

Question 4

• (B I A)

Answer 4

Business Impact Analysis

Question 5

Identifies business functions and quantifies the impact a loss of these functions may have on business operations

Answer 5

• (B I A) Business Impact Analysis

Question 6

A (B I A) will help determine

Answer 6

the mission-essential function

Question 7

Activity that serves as the core purpose of the enterprise

Answer 7

mission-essential function

Question 8

That support the mission-essential function

Answer 8

The identification of critical system

Question 9

Which is a component or entity in a system which will disable the entire system, should it no longer function

Answer 9

Single-point-of-failure (SPOF)

Question 10

(SPOF)

Answer 10

Single-point-of-failure

Question 11

• Used to identify and mitigate privacy risks

Answer 11

Privacy impact assessment

Question 12

Can determine if a system contains personally identifiable information (P I I)

Answer 12

Privacy threshold assessment

Question 13

• (D R P)

Answer 13

Disaster Recovery Plan

Question 14

Focuses on protecting and restoring information technology functions

Answer 14

• (D R P) Disaster Recovery Plan

Question 15

Intended to be a detailed document that is updated regularly

Answer 15

Comprehensive in scope

Question 16

what is the typical outline of a DRP

Answer 16

Unit 1: Purpose and Scope
Unit 2: Recovery Team
Unit 3: Preparing for a Disaster
Unit 4: Emergency Procedures
Unit 5: Restoration Procedures

Question 17

Sequence in restoring systems

Answer 17

(order of restoration)

Question 18

the process of resynchronizing data back to the primary location

Answer 18

Failback

Question 19

Disaster exercise objectives

Answer 19

Test efficiency of interdepartmental planning and coordination in managing a disaster
Test current D R P procedures
Determine response strengths and weaknesses

Question 20

Simulate an emergency situation but in an informal and stress-free environment

Answer 20

Tabletop exercises

Question 21

To analyze the exercise results to identify strengths to be maintained and weaknesses to improve upon

Answer 21

An after-action report

Question 22

Refers to a system’s ability to deal with malfunctions

Answer 22

Fault tolerance

Question 23

Which is the use of duplicated equipment to improve the availability of a system
A goal is to reduce a variable known as the mean time to recovery (M T T R)

Answer 23

Redundancy

Question 24

(M T T R)

Answer 24

Mean time to recovery

Question 25

The average amount of time that it will take a device to recover from a failure that is not a terminal failure

Answer 25

Mean time to recovery (M T T R)

Question 26

Play a key role in network infrastructure | Failure can have significant business impact

Answer 26

• Servers

Question 27

Combining two or more devices to appear as a single unit

Answer 27

Clustering

Question 28

Multiple servers that appear as a single server | Connected through public and private cluster connections

Answer 28

Server cluster

Question 29

one server is doing all the work, the other server is on stand-by)

Answer 29

Asymmetric

Question 30

(both servers are working the same amount of work)

Answer 30

Symmetric

Question 31

(M T B F)

Answer 31

Mean time between failures

Question 32

Measures average time until a component fails and must be replaced Can be used to determine number of spare hard drives an organization should keep

Answer 32

Mean time between failures (M T B F)

Question 33

(R A I D)

Answer 33

Redundant Array of Independent Devices

Question 34

Uses multiple hard disk drives to increase reliability and performance Can be implemented through software or hardware

Answer 34

Redundant Array of Independent Devices (R A I D)

Question 35

Striping partitions hard drive into smaller sections Data written to the stripes is alternated across the drives If one drive fails, all data on that drive is lost

Answer 35

R A I D Level 0 (striped disk array without fault tolerance)

Question 36

Disk mirroring used to connect multiple drives to the same disk controller card Action on primary drive is duplicated on other drive Primary drive can fail and data will not be lost

Answer 36

RAID Level 1 (mirroring)

Question 37

Variation of RAID Level 1 Separate cards used for each disk Protects against controller card failures

Answer 37

Disk duplexing

Question 38

``` Distributes parity (error checking) across all drives Data stored on one drive and its parity information stored on another drive ```

Answer 38

RAID Level 5 (independent disks with distributed parity)

Question 39

Nested-level R A I D Mirrored array whose segments are RAID 0 arrays Can achieve high data transfer rates

Answer 39

RAID 0+1 (high data transfer)

Question 40

May be necessary due to critical nature of connectivity today Wait in the background during normal operations Use a replication scheme to keep live network information current Launch automatically in the event of a disaster Hardware components are duplicated

Answer 40

Redundant networks

Question 41

(S D N s)

Answer 41

Software defined networks

Question 42

what controller can increase network reliability and may lessen the need for redundant equipment

Answer 42

Software defined networks (S D N s)

Question 43

(U P S)

Answer 43

Uninterruptible power supply

Question 44

Maintains power to equipment in the event of an interruption in primary electrical power source

Answer 44

Uninterruptible power supply (U P S)

Question 45

Least expensive, simplest solution Charged by main power supply Begins supplying power quickly when primary power is interrupted Switches back to standby mode when primary power is restored

Answer 45

Off-line U P S

Question 46

Always running off its battery while main power runs battery charger Not affected by dips or sags in voltage Can serve as a surge protector

Answer 46

On-line U P S

Question 47

Powered by diesel, natural gas, or propane

Answer 47

Backup generator

Question 48

Backup sites may be necessary if flood, hurricane, or other major disaster damages buildings

Answer 48

• Recovery Sites

Question 49

Generally run by a commercial disaster recovery service Duplicate of the production site Has all needed equipment Data backups can be moved quickly to the hot site

Answer 49

Hot site

Question 50

``` Provides office space Customer must provide and install all equipment needed to continue operations No backups immediately available Less expensive than a hot site Takes longer to resume full operation ```

Answer 50

Cold site

Question 51

All equipment is installed No active Internet or telecommunications facilities No current data backups Less expensive than a hot site Time to turn on connections and install backups can be half a day or more

Answer 51

Warm site

Question 52

copying information to a different medium and storing it at an off-site location So that it can be used in the event of a disaster

Answer 52

Data backup

Question 53

(R P O)

Answer 53

Recovery point objective

Question 54

(R T O)

Answer 54

Recovery time objective

Question 55

startup point for all backups

Answer 55

full backup

Question 56

back ups any data that has changed since last full backup

Answer 56

differential backup

Question 57

backs up any data that has changed since last full backup or last incremental backup

Answer 57

incremental backup

Question 58

(C D P)

Answer 58

continuous data protection

Question 59

Performs continuous backups that can be restored immediately Maintains a historical record of all changes made to data Creates a snapshot of the data (like a reference marker)

Answer 59

continuous data protection (C D P)

Question 60

Methods to prevent disruption through environmental controls

Answer 60

Fire suppression Electromagnetic disruption protection Proper configuration of H V A C systems FM200 system

Question 61

the attempts to reduce the impact of a fire

Answer 61

• Fire Suppression

Question 62

(E M I)

Answer 62

Electromagnetic interference

Question 63

(E M P)

Answer 63

electromagnetic pulse

Question 64

Caused by a short-duration burst of energy by the source called

Answer 64

electromagnetic pulse (E M P)

Question 65

(E M C)

Answer 65

Electromagnetic compatibility

Question 66

Reducing or eliminating the unintentional generation, spread, and reception of electromagnetic energy

Answer 66

Electromagnetic compatibility (E M C)

Question 67

Metal enclosure that prevents entry or escape of electromagnetic fields Often used for testing in electronic labs

Answer 67

Faraday cage

Question 68

(H V A C)

Answer 68

Heating, ventilating, and air conditioning

Question 69

Maintain temperature and relative humidity at required levels

Answer 69

Heating, ventilating, and air conditioning (H V A C) systems

Question 70

Used to reduce heat by managing air flow Servers lined up in alternating rows with cold air intakes facing one direction and hot air exhausts facing other direction

Answer 70

Hot aisle/cold aisle layout

Question 71

Involves using forensics and following proper incident response procedures

Answer 71

Incident response

Question 72

Applying science to legal questions | Analyzing evidence and can be applied to technology

Answer 72

• Forensic Science

Question 73

Uses technology to search for computer evidence of a crime

Answer 73

Computer forensics

Question 74

(I R P)

Answer 74

Incident response plan

Question 75

A set of written instructions for reacting to a security incident

Answer 75

Incident response plan (I R P)

Question 76

Incident response process

Answer 76

``` Preparation Identification Containment Eradication Recovery Lessons learned ```

Question 77

what is the first order of volatility

Answer 77

register, cache, peripheral memory

Question 78

what is the second order of volatility

Answer 78

random access memory (RAM)

Question 79

what is the third order of volatility

Answer 79

network state

Question 80

what is the fourth order of volatility

Answer 80

running processes

Question 81

to guarantee accuracy of a backup what would you do to backup programs rely upon hashing algorithms as part of the validation process

Answer 81

Mirror image backup

Question 82

Documents that the evidence was maintained under strict control at all times No unauthorized person was given opportunity to corrupt the evidence

Answer 82

Chain of custody

Question 83

The collection, processing, analysis, and dissemination of intelligence for forming policy changes

Answer 83

Strategic intelligence

Question 84

Involves gaining information about the attacker’s intelligence collection capabilities

Answer 84

Strategic counterintelligence

Question 85

Maintaining active logs regarding the reconnaissance activities conducted by the attacker

Answer 85

Active logging