Question 1

NAS works well with real-time applications because of the latency of the communication methods.

Accepted Answer

NAS (Network Attached Storage) is not ideal for real-time applications primarily due to the latency introduced by network communication, which can affect the performance of applications requiring immediate data access.

Question 2

____ planning ensures that critical business functions can continue if a disaster occurs.&#10;A) Business response&#10;C) Incident response&#10;B) Business continuity planning&#10;D) Disaster recovery

Accepted Answer

Business continuity planning is specifically designed to ensure that a company can continue to operate critical functions during and after a disaster has occurred. This involves planning for various scenarios to minimize downtime and maintain operations.

Question 3

A(n) ____ backup is the storage of all files that have changed or have been added since the last full backup.&#10;A) full&#10;C) incremental&#10;B) half&#10;D) differential

Accepted Answer

D

Question 4

The actions an organization should take while an incident is in progress are defined in a document referred to as the ____ plan.&#10;A) business response (BR)&#10;C) incident response (IR)&#10;B) business impact analysis (BIA)&#10;D) disaster recovery (DR)

Accepted Answer

The Incident Response (IR) plan outlines the actions an organization should take while an incident is in progress, focusing on identifying, managing, and recovering from security incidents.

Question 5

____ are the representative collection of individuals with a stake in the successful and uninterrupted operation of the organization's information infrastructure.&#10;A) Product developers&#10;C) Incident responders&#10;B) Stakeholders&#10;D) Vendors

Accepted Answer

Stakeholders are individuals or groups with an interest or concern in something, especially a business. In the context of an organization's information infrastructure, stakeholders include anyone who has a stake in the successful and uninterrupted operation of that infrastructure, such as employees, customers, partners, and investors.

Question 6

Incident response focuses on immediate response to small-scale events.

Accepted Answer

The answer of Incident response focuses on immediate response to...

Question 7

Which backup method allows for easy full-system restorations (no shuffling through tapes with partial backups on them)?&#10;A) RAID&#10;C) Grandfather-Father-Son (GFS)&#10;B) The Towers of Hanoi&#10;D) Six-tape rotation

Accepted Answer

The answer of Which backup method allows for easy full-system...

Question 8

The key role of a(n) ____ is defining how to reestablish operations at the location where the organization usually operates.&#10;A) business response (BR)&#10;C) incident response (IR)&#10;B) business impact analysis (BIA)&#10;D) disaster recovery (DR)

Accepted Answer

The answer of The key role of a(n) ____ is...

Question 9

RAID is a replacement for backup and recovery processes.

Accepted Answer

RAID (Redundant Array of Independent Disks) is designed to provide increased data reliability or performance, but it does not replace the need for regular backups as it does not protect against data loss due to accidental deletion, file corruption, or catastrophic events.

Question 10

The bulk transfer of data in batches to an off-site facility is called ____.&#10;A) electronic vaulting&#10;C) bare metal recovery&#10;B) server clustering&#10;D) remote journaling

Accepted Answer

Electronic vaulting involves the bulk transfer of data to an off-site facility, typically for backup and disaster recovery purposes.

Question 11

A(n) ____ is any clearly identified attack on the organization's information assets that would threaten the assets' confidentiality, integrity, or availability.&#10;A) event&#10;C) trigger&#10;B) incident&#10;D) RAID occurrence

Accepted Answer

The answer of A(n) ____ is any clearly identified attack...

Question 12

The business impact analysis (BIA) is the first major component of the CP process.

Accepted Answer

The answer of The business impact analysis (BIA) is the...

Question 13

____ techniques are generally used by organizations needing immediate data recovery after an incident or disaster.&#10;A) Shadowing&#10;C) Bare metal recovery&#10;B) Clustering&#10;D) Journaling

Accepted Answer

The answer of ____ techniques are generally used by organizations...

Question 14

In some organizations, which two plans are considered to be one plan, known as the Business Resumption Plan?&#10;A) BIA plan and BC plan&#10;C) DR plan and IR plan&#10;B) IR plan and BC plan&#10;D) DR plan and BC plan

Accepted Answer

The answer of In some organizations, which two plans are...

Question 15

____ clustering is a more complex model in which all members of a cluster simultaneously provide application services.&#10;A) Passive/active&#10;C) Active/passive&#10;B) Passive/passive&#10;D) Active/active

Accepted Answer

The answer of ____ clustering is a more complex model...

Question 16

The final phase of the IR planning function is plan maintenance.

Accepted Answer

The answer of The final phase of the IR planning...

Question 17

____ is the transfer of live transactions to an off-site facility.&#10;A) Electronic vaulting&#10;C) Bare metal recovery&#10;B) Server clustering&#10;D) Remote journaling

Accepted Answer

The answer of ____ is the transfer of live transactions...

Question 18

What is a drawback of tape backups?&#10;A) Time required to store and retrieve information&#10;B) Cost of the media&#10;C) Limited selection of the media&#10;D) Small size of the tape media capacity

Accepted Answer

The answer of What is a drawback of tape backups?&#10;A)...

Question 19

Which team is responsible for conducting the BIA?&#10;A) CP Management Team (CPMT)&#10;C) Incident response (IR) team&#10;B) Business continuity (BC) team&#10;D) Disaster recovery (DR) team

Accepted Answer

The answer of Which team is responsible for conducting the...

Question 20

Which cloud type acts as a collaboration between a few entities for the sole benefit of those entities?&#10;A) Common clouds&#10;C) Public clouds&#10;B) Community clouds&#10;D) Private clouds

Accepted Answer

The answer of Which cloud type acts as a collaboration...

Question 21

A(n) ____________________ backup only archives the data that have been modified since the last backup (regardless of type), and thus requires less space and time than a differential backup.

Accepted Answer

The answer of A(n) ____________________ backup only archives the data...

Question 22

Incident ____ is the process of evaluating organizational events, determining which events are possible incidents, also called incident candidates, and then determining whether or not the incident candidate is an actual incident or a nonevent, also called a false positive incident candidate.

A) identification
C) vulnerability
B) journal
D) classification

Accepted Answer

The answer of Incident ____ is the process of evaluating...

Question 23

The ____, which is also known as the Security Incident Response Team (SIRT), is the group of individuals who would be expected to respond to a detected incident.&#10;A) CP Management Team (CPMT)&#10;B) disaster recovery (DR) team&#10;C) Computer Security Incident Response Team (CSIRT)&#10;D) business continuity (BC) team

Accepted Answer

The answer of The ____, which is also known as...

Question 24

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Is most commonly used in organizations that balance safety and redundancy against the costs of acquiring and operating the systems.

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 25

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;A specialized form of disk striping with parity; is not widely used

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 26

According to D. L. Pipkin, ____ is a definite indicator of an actual incident.&#10;A) notification from intrusion detection system (IDS)&#10;B) activities at unexpected times&#10;C) use of dormant accounts&#10;D) presence of new accounts

Accepted Answer

The answer of According to D. L. Pipkin, ____ is...

Question 27

The identification of an incident begins with the ____________________ - that is, the circumstances that cause the IR team to be activated and the IR plan to be initiated.

Accepted Answer

The answer of The identification of an incident begins with...

Question 28

The ____ review entails a detailed examination of the events that occurred from first detection to final recovery.&#10;A) after-action&#10;C) desk check&#10;B) incident classification&#10;D) structured walk-through

Accepted Answer

The answer of The ____ review entails a detailed examination...

Question 29

____________________ are the contractual documents guaranteeing certain minimum levels of service provided by vendors.

Accepted Answer

The answer of ____________________ are the contractual documents guaranteeing certain...

Question 30

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Commonly called disk mirroring

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 31

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Uses block-level striping of data

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 32

Which strategy to test contingency plans involves team members acting as defenders, using their own equipment or a duplicate environment, against realistic attacks executed by external information security professionals?

A) Parallel testing
C) Simulation
B) War gaming
D) Structured walk-through

Accepted Answer

The answer of Which strategy to test contingency plans involves...

Question 33

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Often called disk striping without parity

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 34

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Uses byte-level striping of data

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 35

____________________ is the process by which the information technology and information security teams position their organizations to prepare for, detect, react to, and recover from man-made or natural events that threaten the security of information resources and assets.

Accepted Answer

The answer of ____________________ is the process by which the...

Question 36

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Is very similar to RAID 5; however, this level adds another layer of parity data striped across the drives

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 37

Database ____________________ is the propagation of transactions to a remote copy of the database.

Accepted Answer

The answer of Database ____________________ is the propagation of transactions...

Question 38

A(n) ____ is a detailed description of the activities that occur during an attack, including the preliminary indications of the attack as well as the actions taken and the outcome.&#10;A) trigger&#10;C) event&#10;B) database journal&#10;D) attack profile

Accepted Answer

The answer of A(n) ____ is a detailed description of...

Question 39

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;A proprietary variation on RAID 5 in which the array works as a single virtual drive

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 40

Match each item with a statement below.&#10;a.RAID Level 0&#10;f.RAID Level 5&#10;b.RAID Level 1&#10;g.RAID Level 6&#10;c.RAID Level 2&#10;h.RAID Level 7&#10;d.RAID Level 3&#10;i.RAID Level 10&#10;e.RAID Level 4&#10;Referred to as RAID 1+0, which combines the benefits of RAID 0 and RAID 1

Accepted Answer

The answer of Match each item with a statement below.&#10;a.RAID...

Question 41

List five good information security practices that prevent attacks on the desktop.

Accepted Answer

The answer of List five good information security practices that...

Question 42

Describe the two criteria that may cause a disaster occurrence.

Accepted Answer

The answer of Describe the two criteria that may cause...

Question 43

Describe the Grandfather-Father-Son (GFS) backup method.

Accepted Answer

The answer of Describe the Grandfather-Father-Son (GFS) backup method....

Question 44

List the four integrated contingency planning (CP) components.

Accepted Answer

The answer of List the four integrated contingency planning (CP)...

Question 45

According to NIST Special Publication 800-34 Rev.1, what are the three distinct phases an organization goes through when reacting to an event that is determined to pose a threat to the organization?

Accepted Answer

The answer of According to NIST Special Publication 800-34 Rev.1,...

Question 46

Compare the protect and forget strategy with the apprehend and prosecute strategy.

Accepted Answer

The answer of Compare the protect and forget strategy with...

Question 47

What are the two key facets of incident detection?

Accepted Answer

The answer of What are the two key facets of...

Question 48

Describe a strategy for implementing server recovery and redundancy through mirroring servers.

Accepted Answer

The answer of Describe a strategy for implementing server recovery...

Question 49

Compare a sequential roster to a hierarchical roster.

Accepted Answer

The answer of Compare a sequential roster to a hierarchical...

Question 50

Describe the three forms of cloud computing.

Accepted Answer

The answer of Describe the three forms of cloud computing....

Deck 11: Contingency Planning and Networking Incident Response