IS4550 CHAPTER 12 Flashcards
An individual who understands the organization’s capability to restore the system, application, network, or data. Also has access to call lists to contact anyone in the organization during off hours is called ___.
BUSINESS CONTINUITY REPRESENTATIVE
A legal term referring to how evidence is documented and protected. Evidence must be documented and protected from the time it’s obtained to the time it’s presented in court is called ___.
CHAIN OF CUSTODY
A legal term that refers to effort made to avoid harm to another party. It essentially refers to the care that a person would reasonably be expected to see under particular circumstances is called ___.
DUE CARE
An individual who is an expert on HR policies and disciplinary proceedings or employee counseling is called ___.
HUMAN RESOURCES REPRESENTATIVE
An event that violate an organizations security policies is called ___.
INCIDENT
A specialized group of people whose purpose is to respond to major incidents is called ___.
INCIDENT RESPONSE TEAM (IRT)
In the context of an IRT team, this position provides risk management and analytical skills. They may also have specialized forensic skills for collecting and analyzing evidence and is called ___.
INFORMATION SECURITY REPRESENTATIVE
An individual who has intimate knowledge of the systems and configurations of an organization. This individual is typically a developer, system administrator or network administrator. They have the needed technical skills to make critical recommendations on how to top an attack and is called ___.
INFORMATION TECHNOLOGY SUBJECT MATTER EXPERTS
The person who keeps track of all the activity of the IRT during an incident. They act ad the official scribe of the team.. All activity flows through this person and they record who is doing what. This person is called ___.
IRT COORDINATOR
This person is the IRT leader. This individual makes all the final calls on how to respond to and incident. They are the interface with management and is called ___.
IRT MANAGER
An individual who has an understanding of laws and regulatory compliance is called ___.
LEGAL REPRESENTATIVE
An attack using viruses, worms,Trojan horses, and scripts and is called ___.
MALICIOUS CODE ATTACK
A software tools that runs a series of network commands to determine security weakness is called ___.
NETWORK RECONNAISSANCE PROBE
In the context of the IRT team, this individual can advise on how to communicate to the public and customers that mights be impacted by the incident. This person is valuable in ensuring that accurate information gets out and damaging misconceptions are prevented and is called ___.
PUBLIC RELATIONS REPRESENTATIVE
- All incidents regardless of how small should be handled by an incident response team.
TRUE OR FALSE
FALSE