Domain 2

Question 1

1. Q: What is the primary focus of Domain 2 in the CIA Triad?

Answer 1

A: Availability.

Question 2

What is the role of an Incident Response Plan (IRP)?

Answer 2

To address unexpected changes and maintain operations.

Question 3

What is the purpose of a Business Continuity Plan (BCP)?

Answer 3

To enable continued operations during crises.

Question 4

When is a Disaster Recovery Plan (DRP) activated?

Answer 4

When Incident Response and Business Continuity plans fail.

Question 5

Define a “breach.”

Answer 5

Unauthorized access or acquisition of information.

Question 6

What is a “zero day”?

Answer 6

An unknown vulnerability with no detection or prevention methods.

Question 7

What is the first priority of any incident response?

Answer 7

Protecting life, health, and safety.

Question 8

What is the main goal of incident response preparation?

Answer 8

To reduce incident impact and resume operations swiftly.

Question 9

Name a key component of a Business Continuity Plan.

Answer 9

Contact numbers for critical supply chain partners.

Question 10

What is the Red Book in the context of Business Continuity?

Answer 10

A hard copy of the BCP kept outside the facility for use during outages.

Question 11

Give an example of a Business Continuity scenario.

Answer 11

A billing department uses an alternate work area after a fire.

Question 12

What is the primary goal of disaster recovery?

Answer 12

Restoring IT and communication systems to full operations.

Question 13

What are the types of disaster recovery documentation?

Answer 13

Executive summaries, department-specific plans, and technical guides.

Question 14

Define a Computer Incident Response Team (CIRT).

Answer 14

A team investigating and responding to security incidents.

Question 15

What are the four main responsibilities of an incident response team?

Answer 15

Assess damage, identify compromised info, recover, and prevent recurrence.

Question 16

What is the first step in activating a BCP?

Answer 16

Notify the appropriate individuals and begin plan execution.

Question 17

How is communication maintained in critical infrastructures during disruptions?

Answer 17

Using military-grade networks assigned to authorized personnel.

Question 18

What does a Business Impact Analysis (BIA) identify?

Answer 18

The dependencies and critical functions of a business.

Question 19

Name a key activity during post-incident analysis.

Answer 19

Conducting a retrospective to identify lessons learned.

Question 20

What does incident containment involve?

Answer 20

Gathering evidence, isolating the attack, and identifying the attacker.

Question 21

How are disaster recovery backups maintained?

Answer 21

By ensuring multiple levels of backups and retention periods.

Question 22

What should be included in the checklists for disaster recovery?

Answer 22

Steps for IT personnel to activate alternate sites.

Question 23

What is an example of disaster recovery complexity?

Answer 23

Data flow between interdependent systems.

Question 24

Why is training important for incident response team members?

Answer 24

To differentiate typical issues from security incidents.

Question 25

Who are typical members of an incident response team?

Answer 25

Representatives from management, IT, legal, and public affairs.

Question 26

What is the role of checklists in disaster recovery?

Answer 26

To guide actions amid chaotic disaster scenarios.

Question 27

How does the BCP ensure continuity?

Answer 27

Through established procedures, communication plans, and prioritization.

Question 28

What should a disaster recovery plan address?

Answer 28

Restoring IT and communications while supporting business functions.