Chapter 14 Flashcards
What are the steps in damage control?
steps:
1) report the incident
2) confront any suspects
3) neutralize the suspected perpetrator from harming others
4) secure physical security features
5) quarantine electronic equipment
6) contact the cyber incident response team
A business continuity plan will help determine the mission essential function or the activity that serves as the core purpose of the enterprise.
(T/F)
False
What RAID type is based on striping, uses multiple drives, and is not fault tolerant if one of the drives fails?
a) RAID 0
b) RAID 1
c) RAID 5
d) RAID 2
a) RAID 0
What is a hot site?
A hot site is a duplicate of the production site that has all the equipment needed for an organization to continue running.
A business impact analysis may include succession planning or determining in advance who will be authorized to take over in the event of the incapacitation or death of key employees.
(T/F)
False
A legal stop order is a notification sent from the legal team to employees instructing them not to delete electronically stored information or paper documents that may be relevant to the incident.
(T/F)
False
Which of the following is a system of hard drives based on redundancy and used for increased reliability and performance?
a) MTBF
b) ESD
c) RPO
d) RAID
d) RAID
A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a:
a) Newton cage
b) Faraday cage
c) mantrap
d) bollard cage
b) Faraday cage
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed?
a) business alert assessment
b) business productivity analysis
c) business impact analysis
d) business risk analysis
c) business impact analysis
What term is used to describe a documentation of control over evidence, which is used to ensure that no unauthorized person was given the opportunity to corrupt the evidence?
a) chain of use
b) chain of custody
c) chain of property
d) chain of value
b) chain of custody
What will be the available drive space in a RAID 5 configured system with 3 250GB hard drives?
a) 1 TB
b) 500 GB
c) 750 GB
d) 250 GB
b) 500 GB
Which RAID types would use a minimum of four hard drives?
a) 6
b) 51
c) 1
d) 5
e) 0
f) 10
a) 6
b) 51
c) 10
What are some common symptoms of RAID array failures?
a) overheating
b) OS not found
c) failure to boot
d) drive not recognized
b) OS not found
c) failure to boot
d) drive not recognized
Raul has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?
a. Disaster recovery planning
b. IT contingency planning
c. Business impact analysis planning
d. Risk IT planning
b. IT contingency planning
Dilma has been tasked with creating a list of potential employees to serve in an upcoming tabletop exercise. Which employees will be on her list?
a. All employees
b. Individuals on a decision-making level
c. Full-time employees
d. Only IT managers
b. Individuals on a decision-making level
What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure?
a. MTTR
b. MTBR
c. MTBF
d. MTTI
a. MTTR
Which of the following is NOT a category of fire suppression systems?
a. Water sprinkler system
b. Wet chemical system
c. Clean agent system
d. Dry chemical system
b. Wet chemical system
Which of these is NOT required for a fire to occur?
a. A chemical reaction that is the fire itself
b. A type of fuel or combustible material
c. A spark to start the process
d. Sufficient oxygen to sustain the combustion
c. A spark to start the process
An electrical fire like one that would be found in a computer data center is known as what type of fire?
a. Class A
b. Class B
c. Class C
d. Class D
c. Class C
Which level of RAID uses disk mirroring and is considered fault-tolerant?
a. Level 1
b. Level 2
c. Level 3
d. Level 4
a. Level 1
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?
a. Time Offset
b. Civil time
c. Daylight savings time
d. Greenwich Mean Time (GMT)
a. Time Offset
What does the abbreviation RAID represent?
a. Redundant Array of IDE Drives
b. Resilient Architecture for Interdependent Discs
c. Redundant Array of Independent Drives
d. Resistant Architecture of Inter-Related Data Storage
c. Redundant Array of Independent Drives
Which of these is an example of a nested RAID?
a. Level 1-0
b. Level 0-1
c. Level 0+1
d. Level 0/1
c. Level 0+1
A(n) ________ is always running off its battery while the main power runs the battery charger.
a. Secure UPS
b. Backup UPS
c. Off-line UPS
d. On-line UPS
d. On-line UPS