Domain 2 Flashcards
Incident Response, Business Continuity, and Disaster Recovery
responds to unexpected changes in operating conditions to keep the business operating
The Incident Response plan
The Business Continuity plan
enables the business to continue operating throughout the crisis
activated to help the business return to normal operations as quickly as possible if both the Incident Response and Business Continuity plans fail
Disaster Recovery plan
What term is sometimes used interchangeably with “incident management”?
Crisis Management
What is the purpose of a red book in the context of business continuity?
To serve as a hard copy backup accessible outside the facility
the proactive development of procedures to restore business operations after a disaster or other significant disruption to the organization
Business Continuity planning
Why are notification systems and call trees important in a business continuity plan?
To alert personnel when the BCP is being enacted
What is a key outcome of a Business Impact Analysis (BIA)?
Identification of functions and dependencies
What is the first phase in the components of an incident response plan?
Preparation
What is the next step after detection and analysis in the incident response process?
Finding the appropriate containment strategy
Disaster recovery refers specifically to
restoring the information technology and
communications services and systems
needed by an organization, both during the
period of disruption caused by any event
and during restoration of normal services
What is the primary distinction between business continuity planning (BCP) and disaster recovery planning (DRP)?
DRP is about restoring IT, while BCP focuses on business operations
Which of the following is very likely to be used in a disaster recovery (DR) effort?
Data backups
What is the purpose of the Executive Summary in a Disaster Recovery Plan?
To offer a high-level overview of the plan
Breach
The loss of control, compromise, unauthorized disclosure, unauthorized acquisition or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose
Business Continuity (BC)
Actions, processes and tools for ensuring an organization can continue critical operations during a contingency.
Business Continuity Plan (BCP)
The documentation of a predetermined set of instructions or procedures that describe how an organization’s mission/business processes will be sustained during and after a significant disruption.
Business Impact Analysis (BIA)
Business Impact Analysis (BIA)
An analysis of an information system’s requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption
Disaster Recovery (DR)
In information systems terms, the activities necessary to restore IT and communications services to an organization during and after an outage, disruption or disturbance of any kind or scale.
Disaster Recovery Plan (DRP)
The processes, policies and procedures related to preparing for recovery or continuation of an organization’s critical business functions, technology infrastructure, systems and applications after the organization experiences a disaster. A disaster is when an organization’s critical business function(s) cannot be performed at an acceptable level within a predetermined period following a disruption.
Incident Handling or Incident Response (IR)
The process of detecting and analyzing incidents to limit the incident’s effect.
Incident Response Plan (IRP)
The documentation of a predetermined set of instructions or procedures to detect, respond to and limit consequences of a malicious cyberattack against an organization’s information systems(s).
Security Operations Center
A centralized organizational function fulfilled by an information security team that monitors, detects and analyzes events on the network or system to prevent and resolve issues before they result in business disruptions
Vulnerability
Weakness in an information system, system security procedures, internal controls or implementation that could be exploited or triggered by a threat source