Disaster Recovery 1
Disaster Recovery 2
Controlling Risk
Security Policy
Threat Awareness
100
The procedures and processes for restoring an organization's IT operations following a disaster.
What is disaster recovery
100
The process of copying information to a different medium and storing it (preferably at an off-site location) so that it can be used in the event of a disaster.
What are data backups
100
A person or element that has the power to carry out a threat.
What is a threat agent
100
A policy that defines the actions users may perform while accessing systems and networking equipment.
What is acceptable use policy (AUP)
100
A network that does not have servers, so each device simultaneously functions as both a client and a server to all other devices connected to the network.
What is a peer-to-peer (P2P) network
200
A remote site that provides office space; the customer must provide and install all the equipment needed to continue operations.
What is a cold site
200
The maximum length of time that an organization can tolerate between backups.
What is a recovery point objective (RPO)
200
A methodology for making modifications to a system and keeping track of those changes.
What is change management
200
A policy that outlines how the organization uses personal information it collects.
What is privacy policy
200
Grouping individuals and organizations into clusters or groups based on a like affiliation.
What is social networking
300
A remote site that contains computer equipment but does not have active Internet or telecommunication facilities, and does not have backups of data.
What is a warm site
300
The length of time it will take to recover the data that has been backed up.
What is the recovery time objective (RTO)
300
The "framework" and functions required to enable incident response and incident handling within an organization.
What is incident management
300
A written document that states how an organization plans to protect the company's information technology assets.
What is security policy
300
Web sites that facilitate linking individuals with common interests like hobbies, religion, politics, or school or work contacts.
What are social networking sites
400
A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.
What is a hot site
400
A technology in which a standby server exists only to take over for another server in the event of its failure.
What is an asymmetric server cluster
400
The process of assigning and revoking privileges to objects; the procedures for managing object authorization.
What is privilege management
400
A three-phase cycle in the development and maintenance of a security policy.
What is a security policy cycle
400
A team, typically composed of representatives from all areas of IT, that must approve any proposed change to the technical infrastructure.
What is a change management team
500
A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.
What is mean time between failures (MTBF)
500
A storage system in which all the data in an enterprise is backed up whenever any change is made. In effect, CDP creates an electronic journal of complete storage snapshots, one storage snapshot for every instant in time that data modification occurs.
What is continuous data protection (CDP)
500
A periodic reviewing of a subject's privileges over an object.
What is privilege auditing
500
A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm.
What is a vulnerability assessment
500
An exploit that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.
What is a zero day exploit