Quiz: Module 04 Flashcards
The committees of the CPMT follow a set of general stages to develop their subordinate plans. In the case of incident planning, the first stage is to ____.
a. develop the IR planning policy
b. form the IR planning team
c. integrate the BIA
d. identify preventive controls
b. form the IR planning team
The ____ department of an organization needs to be briefed on what information should be disclosed to the public if an incident occurs.
a. human resources
b. information technology
c. legal
d. public relations
d. public relations
In contingency planning, an adverse event that threatens the security of an organization’s information is called a(n) ____.
a. warning
b. incident
c. notification
d. emergency
b. incident
Should an incident begin to escalate, the CSIRT team leader continues to add resources and skill sets as necessary to attempt to contain and terminate the incident. The resulting team is called the CSIRT ____ for this particular incident.
a. incident squad x
b. reaction force
c. forensic team
d. response unit x
The training delivery method with the lowest cost to the organization is ____.
a. one-on-one
b. user support group
c. self-study (noncomputerized)
d. on-the-job training
c. self-study (noncomputerized)
Organizing the incident response planning process begins with staffing the disaster recovery committee.
a. True
b. False
False
An attack scenario is a description of a typical attack, including its methodology, indicators, and broad consequences.
a. True
b. False
a. True
In contingency planning, an adverse event that actually threatens the security of the organization’s information assets is called an incident.
a. True
b. False
a. True
The CSIRT reaction force is the name given to the entire computer security incident response team.
a. True
b. False
b. False
A recommended practice for implementation of a hard-copy IR plan document is to attach copies of relevant documents such as service agreements for the ISP, telephone, water, and gas.
a. True
b. False
a. True
