Explaining Incident Response Activities Flashcards

1
Q

Incident Response Plans (IRP)

A

Specific procedures that must be performed if a certain type of event is detected or reported.

2
Q

Playbooks

A

A checklist of actions to perform to detect and respond to a specific type of incident.

3
Q

Tabletop Exercise

A

A discussion of simulated emergency situations and security incidents.

4
Q

Lessons Learned Report (LLR)

A

An analysis of events that can provide insight into how to improve response and support processes in the future.

5
Q

Business Continuity (BC)

A

A collection of processes that enable an organization to maintain normal business operations in the face of some adverse event.

6
Q

Disaster Recovery (DR)

A

A documented and resourced plan showing actions and responsibilities to be used in response to critical incidents.

7
Q

Disaster Recovery Plan

A
8
Q

Incident Response Plan Process

A

Preparation
Detection & Analysis
Containment
Eradication & Recovery
Post-incident Activity

9
Q

Lessons Learned

A

These meetings must avoid pointing blame and instead focus on improving procedure.

10
Q

Digital Forensics

A

The process of gathering and submitting computer evidence for trial. Digital evidence is latent, meaning that it must be interpreted. This means that great care must be taken to prove that the evidence has not been tampered with or falsified.

11
Q

Chain of Custody

A

Record of evidence-handling from collection to presentation in court to disposal.

12
Q

Legal Hold

A

A process designed to preserve all relevant information when litigation is reasonably expected to occur.

13
Q

e-Discovery

A

Procedures and tools to collect, preserve, and analyze digital evidence.

14
Q

Digital Forensics Process

A
15
Q

Immediate Impact

A

This refers to direct costs incurred because of an incident, such as downtime, asset damage, fees, penalties, and other costs.
