Risk management includes Assessment, Avoidance, Reduction, and ___________
Mitagation
100
DRP is part of a _______
BCP
100
It is affected by _________ of the organization
size
100
designed to help an organization continue to _______ during and after a disruption
operate
200
A valuable tool to help ensure you are satisfying your organization's security policy is a __________ analysis
gap
200
Risks are quantified? based on importance ?or ________ severity
impact
200
___________ is an event that affects multiple business processes for an extended period.
Disaster
200
Recovery _________ is the maximum allowable to recover the function.
time objective
200
Covers all ______ of a ?business: IT systems,?facilities, and personnel
functions
300
When you mitigate negative risk, you __________ the probability
reduce
300
Risk assessment should determine the usefulness of a ________ or control
safeguard
300
A threat analysis involves identifying and documenting threats to __________
critical resources
300
A BIA is a formal analysis of an organizations functions and activities that classifies them as ________________
critical or non critical.
300
Generally includes only? ________ systems
mission-critical
400
When you __________ a positive risk, you take advantage of an opportunity that arises.
exploit
400
Qualitative involves no dollar values; determines risk level based on ___________ and impact of a risk
probability
400
A broader strategy is to recover from the loss of multiple resources ____________.
simultaneously
400
In most cases, technical recovery requirements dictate which IT ____________ components must be in place.
infrastructur
400
Phases include:
notification or activation phase
________ phase
reconstitution phases
recovery
500
Risk = __________ X Vulnerabilities
Threats
500
SLE X _______ = ALE
ARO
500
DRP includes personnel necessary for the recovery effort, along with their ________________ and their roles in the recovery process.
contact information
500
In the BIA, the section for each critical function receives additional information, including a description of recovery goals and ______________ for each function.
requirements
500
A plan for how to handle _______ to IT systems, applications, and data in order to maintain business operations