cis359 midterm .docx - CIS 359 DISASTER RECOVERY MANAGEMENT MIDTERM EXAM Question 1 1 out of 1 points A(n is a CSIRT team member other than the team

cis359 midterm .docx - CIS 359 DISASTER RECOVERY MANAGEMENT...

This preview shows page 1 - 4 out of 14 pages.

CIS 359- DISASTER RECOVERY MANAGEMENT MIDTERM EXAM Question 1 1 out of 1 points A(n) ____ is a CSIRT team member, other than the team leader, who is currently performing the responsibilities of the team leader in scanning the organization’s information infrastructure for signs of an incident. Selected Answer: IR duty officer Correct Answer: IR duty officer Question 2 1 out of 1 points The Southeast Collegiate Cyber Defense Competition is unique in that it focuses on the operational aspect of managing and protecting an existing network infrastructure. Unlike “capture-the-flag ” exercises, this competition is exclusively a real-world ____ competition. Selected Answer: defensi ve Correct Answer: defensi ve Question 3 1 out of 1 points The U.S. National Institute of Standards and Technology recommends a set of tools for the CSIRT including incident reporting mechanisms with which users can report suspected incidents. At least one of these mechanisms should permit people to report incidents ____. Selected Answer: anonymou sly Correct Answer: anonymou sly Question 4 1 out of 1 points The training delivery method with the lowest cost to the organization is ____.
Image of page 1
CIS 359- DISASTER RECOVERY MANAGEMENT MIDTERM EXAM Selected Answer: self-study (noncomputerized) Correct Answer: self-study (noncomputerized) Question 5 1 out of 1 points Should an incident begin to escalate, the CSIRT team leader continues to add resources and skill sets as necessary to attempt to contain and terminate the incident. The resulting team is called the ____ for this particular incident. Selected Answer: reaction force Correct Answer: reaction force Question 6 1 out of 1 points The responsibility for creating an organization’s IR plan often falls to the ____. Selected Answer: chief information security officer Correct Answer: chief information security officer Question 7 1 out of 1 points A(n) ____ is a detailed examination of the events that occurred, from first detection of an incident to final recovery. Selected Answer: after-action review Correct Answer: after-action review
Image of page 2
CIS 359- DISASTER RECOVERY MANAGEMENT MIDTERM EXAM Question 8 1 out of 1 points Incident analysis resources include network diagrams and lists of ____, such as database servers. Selected Answer: critical assets Correct Answer: critical assets Question 9 1 out of 1 points A ____ is a document that describes how, in the event of a disaster, critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site. Selected Answer: business continuity plan Correct Answer: business continuity plan Question 10 1 out of 1 points ____ ensures that only those with the rights and privileges to access information are able to do so.
Image of page 3
Image of page 4

You've reached the end of your free preview.

Want to read all 14 pages?

  • Spring '14
  • CSIRT, Management midterm exam, Disaster Recovery Management, RECOVERY MANAGEMENT MIDTERM , Cost Management Midterm

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture