
Question 1
2 out of 2 points

A Disaster Recovery Plan (DR plan) deals with identifying, classifying,
responding to, and recovering from an incident.

Selected Answer: False

Question 2
2 out of 2 points

A ____ attack seeks to deny legitimate users access to services by either
tying up a server's available resources or causing it to shut down.

Selected Answer: b. DoS

Question 3
2 out of 2 points

A ____ deals with the preparation for and recovery from a disaster,
whether natural or man-made.

Selected Answer: a. disaster recovery plan

Question 4
2 out of 2 points

A ____ is a document that describes how, in the event of a disaster, critical
business functions continue at an alternate location while the organization
recovers its ability to function at the primary site.

Selected Answer: c. business continuity plan

Question 5
2 out of 2 points

A(n) ____ is a plan or course of action used by an organization to convey
instructions from its senior management to those who make decisions,
take actions, and perform other duties on behalf of the organization.

Selected Answer: c. policy

Question 6
2 out of 2 points

A(n) ____ is an investigation and assessment of the impact that various
attacks can have on the organization.

Selected Answer: b. business impact analysis (BIA)

Question 7
2 out of 2 points

A(n) ____ is an object, person, or other entity that is a potential risk of loss
to an asset.

Selected Answer: c. threat

Question 8
2 out of 2 points

A(n) ____ is any clearly identified attack on the organization's information
assets that would threaten the assets' confidentiality, integrity, or
availability.

Selected Answer: a. incident

Question 9
2 out of 2 points

A(n) ____ is used to anticipate, react to, and recover from events that
threaten the security of information and information assets in an
organization; it is also used to restore the organization to normal modes of
business operations.

Selected Answer: c. contingency plan

Question 10
2 out of 2 points

A(n) ____________________ is defined as a flaw or weakness in system
security procedures, design, implementation, or internal controls that
could be exercised (accidentally triggered or intentionally exploited) and
result in a security breach or violation of the system's security policy.

Selected Answer: Vulnerability

Question 11
Needs Grading

During an information asset valuation, what questions should be asked as
each asset is assigned to a category?

Selected Answer:
The questions to be asked during information asset valuation are:
Which information assets are most critical for the organization's success?
Which information assets generate the most profits/revenue?
Which information assets would be most expensive to replace or protect?
Which information assets would cause more liability?
Depending on the answers to the above questions, weighted factors are
assigned and the assets are arranged in order of importance.

Question 12
2 out of 2 points

For the purpose of making relative risk assessments, we can say that
____________________ equals the likelihood of a vulnerability occurring times
the value (or impact) of that asset to the organization minus
the percentage of risk that is already being controlled plus an element of
uncertainty.

Selected Answer: risk

Question 13
Needs Grading

How is a business continuity (BC) plan different than a disaster recovery
(DR) plan?

Selected Answer:
The business continuity plan is different than a disaster recovery plan.
The difference between these two is: the disaster recovery plan is a subset of
the overall business continuity plan. It is the process of saving data with the only
purpose of being able to recover in case of any disaster. The data is stored in a
secondary site and the plans are made to access and recover that data in case
of any disaster.
Whereas the business continuity plan is the planning and oversight of
management that must make sure that the IT functions are operated without
any interruption if any system or enterprise fails. The business continuity plan is
business centric and not data centric.

Question 14
2 out of 2 points

Intellectual property (IP) includes trade secrets, copyrights, trademarks,
and patents.

Selected Answer: True

Question 15
Needs Grading

Once the project team for information security development has created a
ranked vulnerability worksheet, it must choose one of five approaches for
controlling the risks that result from the vulnerabilities. List the five
approaches.

Selected Answer:
The five approaches that should be followed to control the risks that result
from vulnerabilities are as follows:
Defense
Transferal
Mitigation
Acceptance
Termination

Question 16
Needs Grading

Provide brief descriptions for access control lists (ACLs) and configuration
rules.

Selected Answer:
ACLs are basically a set of commands, grouped together by a number or name,
that is used to filter traffic entering or leaving an interface.
Inbound ACLs: Incoming packets are processed before they are routed to an
outbound interface. An inbound ACL is efficient because it saves the overhead
of routing lookups if the packet will be discarded after it is denied by the
filtering tests. If the packet is permitted by the tests, it is processed for routing.
Outbound ACLs: Incoming packets are routed to the outbound interface and then
processed through the outbound ACL.
Types of Access Controls
1. Mandatory access controls (MAC): give users and data owners limited control
over access to information
2. Nondiscretionary controls: managed by a central authority in the organization;
can be based on an individual's role or a specified set of assigned tasks
3. Discretionary access controls (DAC): implemented at the discretion or option of
the data user
4. Lattice-based access control: variation of MAC; users are assigned a matrix of
authorizations for areas of access
Configuration rules:
1. ACL statements are processed top-down until a match is found, and then no
more statements in the list are processed.
2. If no match is found in the ACL, the packet is dropped (implicit deny).
3. Each ACL needs either a unique number or a unique name.
4. The router cannot filter traffic that it, itself, originates.
5. You can have only one IP ACL applied to an interface in each direction
(inbound and outbound); you can't have two or more inbound or outbound ACLs
applied to the same interface.
6. Applying an empty ACL to an interface permits all traffic by default: in order
for an ACL to have an implicit deny statement, you need at least one actual
permit or deny statement.
7. Remember the numbers you can use for IP ACLs. Standard ACLs can use
numbers ranging 1–99 and 1300–1999, and extended ACLs can use 100–199
and 2000–2699.
8. A wildcard mask is not a subnet mask. Like an IP address or a subnet mask, a
wildcard mask is composed of 32 bits. When doing the conversion, subtract each
byte in the subnet mask from 255.

Question 17
2 out of 2 points

A CPMT should include _____ who can oversee the security planning of the
project and provide information on threats, vulnerabilities, and recovery
requirements needed in the planning process.

Selected Answer: c. information security managers

Question 18
2 out of 2 points

A business impact analysis (BIA) identifies threats, vulnerabilities, and
potential attacks to determine what controls can protect the information.

Selected Answer: False

Question 19
2 out of 2 points

A weighted analysis table can be useful in resolving the issue of which
business function is the most critical to the organization.

Selected Answer: True

Question 20
2 out of 2 points

A(n) ____________________ is the collection of individuals responsible for the
overall planning and development of the contingency planning process.

Selected Answer: CPMT

Question 21
Needs Grading

Briefly describe three key downtime metrics.

Selected Answer:
Maximum Tolerable Downtime: It represents the total amount of
time the system owner is willing to accept for a business process outage and
includes all impact considerations.
Recovery Time Objective: The period of time within which
systems, applications or functions should be recovered after an outage. The
recovery time objectives are used as the basis for development of recovery
strategies.
Recovery Point Objective: The point in time to which lost
systems and data can be recovered after an outage as determined by the
business. It is also referred to as the maximum acceptable data loss.

Question 22
2 out of 2 points

Companies may want to consider budgeting for contributions to employee
loss expenses (such as funerals) as well as for counseling services for
employees and loved ones as part of ____.

Selected Answer: a. crisis management budgeting

Question 23
2 out of 2 points

Effective contingency planning begins with effective policy.

Selected Answer: True

Question 24
Needs Grading

How does the length of the recovery time objective (RTO) of a contingency
plan affect the possible solutions that can be enacted to meet the RTO?
Give an example.

Selected Answer:
The lower the time required, the higher the cost of business recovery strategies. The lower
the RTO, the lower the disaster tolerance. For example, if the RTO for a given
application is one hour, redundant data backup on external hard drives may be
the best solution. If the RTO is five days, then tape, recordable compact disk or
offsite storage on a remote Web server may be more practical.

Question 25
2 out of 2 points

In a CPMT, a(n) ____ leads the project to make sure a sound project
planning process is used, a complete and useful project plan is developed,
and project resources are prudently managed.

Selected Answer: d. project manager

Question 26
Needs Grading

In one or two sentences, define business impact analysis (BIA).

Selected Answer:
The business impact analysis is the systematic process to determine and
evaluate the potential effects of an interruption to critical business operations
as a result of a disaster. It is an essential component of an organization's business
continuity plan.

Question 27
0 out of 2 points

Team leaders from the subordinate teams, including the IR, DR, and BC
teams, should not be included in the CPMT.

Selected Answer: True

Question 28
2 out of 2 points

The ____ is an investigation and assessment of the impact that various
events or incidents can have on the organization.

Selected Answer: b. business impact analysis

Question 29
2 out of 2 points

The ____ is the period of time within which systems, applications, or
functions must be recovered after an outage.

Selected Answer: d. recovery time objective

Question 30
2 out of 2 points

The ____ is the point in time by which systems and data must be
recovered after an outage as determined by the business unit.

Selected Answer: c. recovery point objective

Question 31
2 out of 2 points

The ____ is used to collect information directly from the end users and
business managers.

Selected Answer: d. facilitated data-gathering session

Question 32
2 out of 2 points

The ____ job functions and organizational roles focus on costs of system
creation and operation, ease of use for system users, timeliness of system
creation, and transaction response time.

Selected Answer: b. information technology management and professionals

Question 33
2 out of 2 points

The ____ job functions and organizational roles focus on protecting the
organization's information systems and stored information from attacks.

Selected Answer: b. information security management and professionals

Question 34
2 out of 2 points

The _________________________ adds insight into what the organization must
do to respond to adverse events, minimize the damage from such events,
recover from the effects, and return to normal operations.

Selected Answer: Business Impact Analysis

Question 35
2 out of 2 points

The downtime metric, ____________________, is also referred to as maximum
acceptable data loss.

Selected Answer: Recovery Point Objective

Question 36
2 out of 2 points

A ____ is a contractual document guaranteeing certain minimal levels of
service provided by a vendor.

Selected Answer: c. service agreement

Question 37
2 out of 2 points

A ____ is a synonym for a virtualization application.

Selected Answer: d. hypervisor

Question 38
2 out of 2 points

A ____ is an agency that provides physical facilities in the event of a
disaster for a fee.

Selected Answer: b. service bureau

Question 39
2 out of 2 points

A ____ is commonly a single device or server that attaches to a network
and uses TCP/IP-based protocols and communications methods to provide
an online storage environment.

Selected Answer: a. network-attached storage

Question 40
2 out of 2 points

A backup plan using WAN/VLAN replication and a recovery strategy using
a warm site is most suitable for information systems that have ____
priority within an organization.

Selected Answer: b. moderate

Question 41
2 out of 2 points

A potential disadvantage of a ____ site-resumption strategy is that more
than one organization might need the facility simultaneously.

Selected Answer: a. time-share

Question 42
2 out of 2 points

A resumption location known as a ____ is a fully configured computer
facility capable of establishing operations at a moment's notice.

Selected Answer: b. hot site

Question 43
0 out of 2 points

A(n) ____ backup only archives the files that have been modified since the
last backup.

Selected Answer: c. differential

Question 44
2 out of 2 points

A(n) ____ covers the confidentiality of information from everyone unless
disclosure is mandated by the courts.

Selected Answer: d. nondisclosure agreement

Question 45
2 out of 2 points

A(n) ____ is an agreement in which the client agrees not to use the
vendor's services to compete directly with the vendor, and for the client
not to use vendor information to gain a better deal with another vendor.

Selected Answer: d. covenant not to compete

Question 46
2 out of 2 points

A(n) ____ is an extension of an organization's intranet into cloud
computing.

Selected Answer: a. private cloud

Question 47
2 out of 2 points

A(n) ____ is often included in legal documents to ensure that a vendor is
not liable for actions taken by a client.

Selected Answer: d. statement of indemnification

Question 48
2 out of 2 points

A(n) ____________________ is a duplicate facility that needs only the latest
data backups and the personnel to function.

Selected Answer: Hot site

Question 49
2 out of 2 points

Advances in cloud computing have opened a new field in application
redundancy and backup. Because organizations that lease ____ are in
effect using a preconfigured set of applications on someone else's
systems, it is reasonable to ask that the service agreement include
contingencies for recovery.

Selected Answer: d. SaaS

Question 50
2 out of 2 points

If an intruder can ____ a device, then no electronic protection can deter
the loss of information.

Selected Answer: d. physically access
