Incident Response, Business Continuity and Disaster Recovery Concepts Flashcards

1
Q

Incident response priority

A

To protect life, health and safety.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Incident response primary goal

A

be prepared with an incident response plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Components of incident response plan

A

-Preparation - Develop a policy approved by management.
Identify critical data and systems, single points of failure.
Train staff on incident response. Implement an incident response team. Practice Incident Identification. (First Response)
Identify Roles and Responsibilities. Plan the coordination of communication between stakeholders.
-Detection and Analysis - Monitor all possible attack vectors.
Analyze incident using known data and threat intelligence.
Prioritize incident response. Standardize incident documentation.
-Containment, eradication and recovery - Gather evidence.
Choose an appropriate containment strategy. Identify the attacker. Isolate the attack.
-Post-incident activity - document, identify evidence that needs to be retained

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Components of a disaster recovery plan

A

Executive summary providing a high-level overview of the plan
Department-specific plans
Technical guides for IT personnel responsible for implementing and maintaining critical backup systems
Full copies of the plan for critical disaster recovery team members
Checklists for certain individuals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly