ISC2 - Study Notes 22 Flashcards
??? losses refer to the immediate losses resulting from an incident, such as the loss of revenue. ??? losses refer to other factors such as the loss of customer goodwill. Accountants refer to direct costs as any cost that can be traced to a specific cost object.
Direct / Indirect
Administrators can create warning banners that appear each time a user logs on. Warning banners can define who is considered an authorized user and warn unauthorized users against accessing the system.
Info
Security policies should be reviewed regularly, such as once a year. These reviews will identify where a policy should be updated. An organization will often reexamine a security policy after a security incident.
Business continuity planning requires the support of senior management.
Info
The ??? identifies critical functions within the organization and provides an important starting point. The organization uses the results of the ??? to develop recovery strategies, such as the use of alternative sites and different backup strategies. Once personnel identify recovery strategies, they develop and test plans to support the strategies. These plans include detailed steps used in response to disasters or emergencies. Last, personnel responsible for implementing the plans get appropriate training and begin implementing the plans. Personnel periodically review the plans and update them as necessary.
BIA
??? helps identify which resources are required to support these critical business functions. ??? evaluates both direct costs and indirect costs. As mentioned previously, direct costs are associated with the immediate loss, such as an immediate loss to sales, while indirect costs are expenses related to recovering from the loss. When evaluating multiple business functions, the ??? also attempts to prioritize them.
BIA
??? is the maximum amount of time that personnel can take to restore a system or service after an outage. Administrative and security personnel also use the ??? to identify fault tolerance and redundancy methods.
??? identifies the maximum amount of data that an organization is willing to lose.
RTO / RPO
Disaster recovery and fault tolerance are not the same thing. Disaster recovery helps an organization recover after a disaster. Fault tolerance helps ensure that a system or component continues to function after a failure.
Info
??? provides the information to keep critical functions running during a disaster (such as which critical functions to move to an alternative location). A ??? has a narrower focus and identifies how to recover one or more individual systems after a failure.
BCP / DRP
Restoration planning: identify critical business functions, identify restore targets, create plans to restore systems.
Functional exercise: Personnel actually perform the steps outlined in the plan as a method of validating the plan.
Tabletop exercises: These are discussion-based exercises where personnel meet in a conference room or classroom setting. A facilitator presents a scenario such as a hurricane or tornado and asks the exercise participants questions related to their roles. Talking through the scenario gives participants a better chance to identify potential flaws in the written plans.
Info
An extreme version of a hot site is a ??? site. A ??? site is identical to the primary location and provides 100 percent availability. As data changes at the primary location, real-time data transfers send the updates to the ??? site. This ensures that the ??? site is always up and operational. In contrast, a hot site might take as long as an hour or so to become operational.
mirrored