IS4550 CHAPTER 11 Flashcards
The process of granting permission to some people to access systems, applications, and data is called ___.
AUTHORIZATION
Automatically removing a classification after a certain period of time, such as 25 years is called ___.
AUTOMATIC DECLASSIFICATION
A plan on how to continue business after a disaster. It includes a disaster recovery plan as a component is called ___.
BUSINESS CONTINUITY PLAN (BCP)
A formal analysis to determine the impact on an organization in the event that key processes and technology are not available is called ___.
BUSINESS IMPACT ANALYSIS (BIA)
The process of labeling information so that only authorized personnel may access it is called ___.
CLASSIFICATION
A level of government classification that refers to data in which unauthorized disclosure would reasonably be expected to cause some damage to the national security is called ___.
CONFIDENTIAL
A plan that provides the detail procedures and processes needed to coordinate operations during a disaster is called ___.
CONTINUITY OF OPERATION PLAN (COOP)
The process of changing the status of classified data to unclassified data is called ___.
DECLASSIFICATION
A plan to recover an organizations IT assets during a disaster, including software, data, and hardware is called ___.
DISASTER RECOVERY PLAN (DRP)
A classification level used to protect highly regulated data or strategic information is called ___.
HIGHLY SENSITIVE CLASSIFICATION
A classification level for data that would cause disruption to daily operations and some financial loss to the business if leaked is called ___.
INTERNAL CLASSIFICATION
A process of reviewing specific records when requested and declassifying them if warranted is called ___.
MANDATORY DECLASSIFICATION
A classification level for data that has no negative impact on the business if released to the public is called ___.
PUBLIC CLASSIFICATION
A measure of how quickly a business process should be recovered after a disaster. It identifies the maximum allowed downtime for a given business process is called ___.
RECOVERY TIME OBJECTIVE (RTO)
The maximum acceptable level of data loss after a disaster is called ___.
RECOVERY POINT OBJECTIVES (RPO)