Recovery and Incident Response

Question 1

A physical site that can be used if the main site is inacessible (destroyed) but that lacks all of the resources necessary to enable an organization to use it immediately.

Answer 1

cold site.

Question 2

A type of backup that is fast, and backup only the data thats been changed since the last full backup or incremental backup.

Answer 2

Incremental.

Question 3

A type of backup that backs up only the data thats been changed since the last full backup.

Answer 3

Differential

Question 4

A type of backup that copies all data to the archive medium.

Answer 4

Full backup

Question 5

A site that provide some capabilities in the event of a disaster. The company will need to install, configure, and reestablish operations on systems that might already exist.

Answer 5

Warm site

Question 6

The copy of the data currently in use on a network. Are partial or full backups.

Answer 6

Working copy backup or shadow copy

Question 7

Type of pentest where the tester has absolutely no knowledge of the system and is functioning in the same manner as an outside attacker.

Answer 7

Black box

Question 8

Type of pentest where the tester has significant knowledge of the target system. This simulates an attack from an insider.

Answer 8

White box

Question 9

Type of pentest that is a midle term. Where the tester has some limited knwoledge of the target system

Answer 9

Gray box.

Question 10

Process of implementing policies, controls, and procedures to counteract the effect of losses, outages, or failures of critical business process.

Answer 10

Business Continuity Planning (BCP)

Question 11

Refer to those processes or systems that must be made operational imediately when an outage occurs.

Answer 11

Critical Business Functions (CBFs)

Question 12

Evaluating the process, and risk assessment is concerned with evaluating the risk or likelihood of a loss.

Answer 12

BIA - Business impact analysis

Question 13

A file system that includes a log file of all changes and transactions that have ocurred withing a set period of time (such as the last few hours).Allows unsaved data to be written after recovery and restored it to its pre-crash condition.

Answer 13

Journaling - JFS

Question 14

A plan where the primary emphasis is reestablishing services and minimizing losses.

Answer 14

disaster-recovery plan

Question 15

A plan that identifies which information is to be stored, how it will be stored, and for what duration it will be stored.

Answer 15

Backup plan

Question 16

Newer backup type, provides continuous online backup by using optical or tape jukeboxes

Answer 16

HSM - Hierarchical storage management

Question 17

Backup method based on a year backup, a monthly backup and a weekly backup.

Answer 17

Grandfather, Father, Son method

Question 18

Backup method where everything is created on a computer is stored forever.

Answer 18

Full Archival Method.

Question 19

Term used to perform a reversion from a change that had negative consequences

Answer 19

Backout

Question 20

A site location that can provide operations back withing hours of a failure. Has everything in place to reestablish services in a short time.

Answer 20

Hot site.

Question 21

Refers to the process of identifying what has ocurred on a system by examining the data trail. Involves an analysis of evidence found in computers and on digital storage media.

Answer 21

Forensics

Question 22

Process of identifying, investigating, repairing, documentating, and adjusting procedures to prevent another incident.

Answer 22

Incident response.