Chapter 7 Review Flashcards

1
Q

Chapter 7 Review

These 3 processes all support a central objective: resilience and rapid recovery when disruptive events occur.

A
  1. SECURITY INCIDENT MANAGEMENT
  2. DISASTER RECOVERY PLANNING
  3. BUSINESS CONTINUITY PLANNING
2
Q

A security incident occurs when these 3 things of information or information systems have been or are in danger of being compromised.

A
  1. CONFIDENTIALITY
  2. INTEGRITY
  3. AVAILABILITY
3
Q

The proliferation of connected devices makes this an additional consideration, with the highest priority, in many organizations.

A

LIFE SAFETY

4
Q

An organization that is developing security incident response plans needs to determine these things so that response plans will meet these objectives.

A

HIGH-LEVEL OBJECTIVES

5
Q

With the proliferation of outsourcing to these services, many security incidents now take place in third-party organizations, which requires additional planning and coordination so that any incident response involving a third party is effective.

A

CLOUD-BASED SERVICE PROVIDERS

6
Q

These 2 things work together to ensure the survival of an organization during and after a cyberattack, natural disaster, or human-made disaster.

A

BUSINESS CONTINUITY PLAN
&
DISASTER CONTINUITY PLAN
(aka DRP)

7
Q

This process identifies the impact of various disaster scenarios and determines the most critical processes and systems in an organization.

A

BUSINESS IMPACT ANALYSIS

8
Q

The Business Impact Analysis helps an organization focus its BCP and DRP on these things.

A

MOST CRITICAL BUSINESS FUNCTIONS

9
Q

These help management better understand the results of disruptive events in business terms.

A

STATEMENTS OF IMPACT

10
Q

In this process, each system and process is studied to consider the impact on the organization if it is incapacitated, the likelihood of incapacitation, and the estimated cost of mitigating the risk or impact of incapacitation.

A

CRITICALITY ANALYSIS

11
Q

These 2 things inform the development of recovery targets, including recovery time objective, recovery point objective, and recovery capacity objective, to help an organization understand how quickly various business processes should be recovered after a disaster.

A

MAXIMUM TOLERABLE DOWNTIME
&
MAXIMUM TOLERABLE OUTAGE

12
Q

This thing is an important factor as the cost of recovery varies widely.

A

RECOVERY SPEED

13
Q

Having this in place will define the methods the organization will use to continue critical business operations after a disaster has occurred.

A

BUSINESS CONTINUITY PLANS

14
Q

Having these in place defines the steps that will be undertaken to salvage and recover systems damaged by a disaster.

A

DISASTER RECOVERY PLANS

15
Q

Both BCP and DRP activities work toward achieving this in their original (or replacement) facilities.

A

RESTORATION OF CAPABILITIES

16
Q

This is the most important consideration in any disaster recovery plan.

A

SAFETY OF PERSONNEL

17
Q

This process is concerned with system resilience matters, including data backup and replication, the establishment of alternate processing sites (hot, warm, cold, cloud, mobile, or reciprocal), and the recovery of applications and data.

A

DISASTER RECOVERY PLAN

18
Q

The complexity of a disaster recovery plan necessitates these to ensure that the plan is effective and will be successful during an actual disaster.

A

REVIEWS AND TESTING

19
Q

These, established during the Business Impact Analysis, directly influence disaster recovery plans through the development of suitable infrastructure and response plans.

A

RECOVERY TARGETS

20
Q

These 3 things all need to be evaluated and tested to ensure their suitability.

A
  1. SECURITY INCIDENT RESPONSE PLAN
  2. BUSINESS CONTINUITY PLANS
  3. DISASTER RECOVERY PLANS
21
Q

Organizations need to do these 2 things to ensure that those involved will understand how to respond to incidents properly and effectively.

A

IDENTIFY AND TRAIN INCIDENT RESPONDERS