IS4560 CH 14 Incident Response Flashcards
1
Q
- ________ used to define mechanisms to keep the business running consistently.
A
Fault tolerance
2
Q
- List at least three potential reporting points in an organization. These are people to whom a security incident should be reported.
A
2. Chief information security officer (CISO), Information security officer (ISO), Chief security officer (CSO), Chief executive officer (CEO), Chief information officer (CIO), Chief operating officer (COO)
3
Q
3. \_\_\_\_\_\_\_\_ is a plan that defines the procedures for responding to a security incident. A. IRP B. DCP C. DRP D. None of the above
A
IRP
4
Q
- BCP is used to define the process and procedures used to clean up a disaster.
A. True B. False
A
FALSE
5
Q
- ________ must be gathered by trained professionals.
A
Evidence
6
Q
6. What type of evidence gives the most solid proof of a crime? A. Corroborative B. Circumstantial C. Best D. Opinion
A
Best
7
Q
- ________ ________ is used when best evidence cannot be acquired.
A
Secondary evidence
8
Q
- Another location from which to conduct business in the event of a disaster is called a(n) ________
A
Alternate site