Module 1
Module 2
Module 3
Module 4
Module 5
100

The entire program of planning for and managing risk to information assets in the organization is referred to as _____.

risk management 

100

In contingency planning operations, _____ requires the largest budget expenditure; maintaining service contracts to cover all the contingencies that the organization faces can be quite expensive.

business continuity 

100

The duplication of systems data to external media or a secondary location to provide recovery capability in the event of data loss is a _____.

data back up

100

The ____ department of an organization needs to review the procedures of the CSIRT and understand the steps the CSIRT will perform to ensure it is within legal and ethical guidelines for the municipal, state, and federal jurisdictions.

Legal

100

Organizations with limited funding, staffing, or IR needs may have only _____ IR team members.

part-time

200

____ ensures that only those with the rights and privileges to access information are able to do so.

Confidentiality

200

The final component to the CPMT planning process is to deal with ____.

the budgeting of contingency operations

200

Both data backups and archives should be based on a(n) ____ schedule that guides the frequency of replacement and the duration of storage.

retention

200

An entry-level InfoSec professional often responsible for the routine monitoring and operation of a particular InfoSec technology is called a _____.

watchstander

200

The CSIRT should be available for contact by anyone who discovers or suspects that an incident involving the organization has occurred. Some organizations prefer that employees contact the____, which then determines whether to contact the CSIRT.

help desk

300

Information assets have ____ when authorized users -- people or computer systems -- are able to access them in the specified format without interference or obstruction.

availability

300

To a large extent, incident response capabilities are part of a normal IT budget; however, the only area in which additional budgeting is absolutely required for incident response is the maintenance of  ____.

redundant equipment

300

A backup plan using WAN/VLAN replication and a recovery strategy using a warm site is most suitable for information systems that have ____ priority within an organization.

moderate

300

The ____ of an organization defines the roles and responsibilities for incident response by the CSIRT and others who will be mobilized in the activation of the plan.

IR Policy

300

The champion for the CSIRT may be the same person as the champion for the entire IR function—typically, the ____.

Chief Information Officer

400

_____ is the protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology.

Information security

400

Companies may want to consider budgeting for contributions to employee loss expenses (such as funerals) as well as for counseling services for employees and loved ones as part of ____.

crisis management budgeting

400

A(n) ____ is an extension of an organization’s intranet into cloud computing.

private cloud

400

The U.S. National Institute of Standards and Technology defines the incident response life cycle as having four main processes: 1) preparation; 2) detection and analysis; 3) containment, eradication, and recovery; and 4) ____.

post-incident activity

400

A CSIRT model that is effective for large organizations and for organizations with major computing resources at distant locations is the ____.

distributed CSIRT

500

____ is the presence of additional and disruptive signals in network communications or electrical power delivery.

noise

500

One modeling technique drawn from systems analysis and design that can provide an excellent way to illustrate how a business functions is a(n) ____.

collaboration diagram

500

RAID 0 creates one logical volume across several available hard disk drives and stores the data using ____, in which data segments are written in turn to each disk drive in the array.

disk stripping

500

____ is the process of systematically examining information assets for evidentiary material that can provide insight into how an incident transpired.

forensic analysis

500

A CSIRT model in which a single CSIRT handles incidents throughout the organization is called a(n) ____.

Central CSIRT

M
e
n
u