Question 1

A ____ deals with the preparation for and recovery from a disaster,whether natural or man-made.

Accepted Answer

A) mitigation plan 
B) disaster recovery plan 
C) risk management 
D) risk assessment 
A) mitigation plan 
B) disaster recovery plan 
C) risk management 
D) risk assessment

Question 2

What is the difference between transference and mitigation?

Accepted Answer

Transference is the control approach tha

Question 3

____ ensures that only those with the rights and privileges to access information are able to do so.

Accepted Answer

A) Confidentiality 
B) Availability 
C) Integrity 
D) Risk assessment 
A) Confidentiality 
B) Availability 
C) Integrity 
D) Risk assessment

Question 4

A ____ is a document that expresses how an organization ensures that critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site if a catastrophic incident or disaster occurs.

Accepted Answer

A) risk assessment plan 
B) business continuity plan 
C) Trojan horse 
D) worm 
A) risk assessment plan 
B) business continuity plan 
C) Trojan horse 
D) worm

Question 5

What is the difference between avoidance of risk and acceptance of risk?

Accepted Answer

Avoidance is the risk control strategy t

Question 6

What is a polymorphic threat?

Accepted Answer

A polymorphic threat is one that changes

Question 7

____________________ is defined by the Committee on National Security Systems (CNSS)as the protection of information and its critical elements,including the systems and hardware that use,store,and transmit that information.

Accepted Answer

Informatio

Question 8

____ is the process of examining and documenting the security posture of an organization's information technology and the risks it faces.

Accepted Answer

A) Risk identification 
B) Data classification 
C) Security clearance 
D) DR 
A) Risk identification 
B) Data classification 
C) Security clearance 
D) DR

Question 9

The vision of an organization is a written statement of an organization's purpose.

Accepted Answer

A) True 
 B)False

Question 10

____ is the process of moving the organization toward its vision.

Accepted Answer

A) Transference 
B) Avoidance 
C) Strategic planning 
D) Mitigation 
A) Transference 
B) Avoidance 
C) Strategic planning 
D) Mitigation

A ____ deals with the preparation for and recovery from a disaster,whether natural or man-made.

What is the difference between transference and mitigation?

____ ensures that only those with the rights and privileges to access information are able to do so.

A ____ is a document that expresses how an organization ensures that critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site if a catastrophic incident or disaster occurs.

What is the difference between avoidance of risk and acceptance of risk?

What is a polymorphic threat?

____________________ is defined by the Committee on National Security Systems (CNSS)as the protection of information and its critical elements,including the systems and hardware that use,store,and transmit that information.

____ is the process of examining and documenting the security posture of an organization's information technology and the risks it faces.

The vision of an organization is a written statement of an organization's purpose.

____ is the process of moving the organization toward its vision.

Planning for Organizational Readiness

Incidence Response: Preparation, Organization, and Prevention

Incident Response: Detection and Decision Making

Incidence Response: Reaction, Recovery, and Maintenance

Contingency Strategies for Business Resumption Planning

Disaster Recovery: Preparation and Implementation

Disaster Recovery: Operation and Maintenance

Business Continuity Preparation and Implementation

Business Continuity Operations and Maintenance

Crisis Management and Human Factors

Filters

Exam 1: Contingency Planning Within Information Security

A ____ deals with the preparation for and recovery from a disaster,whether natural or man-made.

What is the difference between transference and mitigation?

____ ensures that only those with the rights and privileges to access information are able to do so.

A ____ is a document that expresses how an organization ensures that critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site if a catastrophic incident or disaster occurs.

What is the difference between avoidance of risk and acceptance of risk?

What is a polymorphic threat?

____________________ is defined by the Committee on National Security Systems (CNSS)as the protection of information and its critical elements,including the systems and hardware that use,store,and transmit that information.

____ is the process of examining and documenting the security posture of an organization's information technology and the risks it faces.

The vision of an organization is a written statement of an organization's purpose.

____ is the process of moving the organization toward its vision.

Planning for Organizational Readiness

Incidence Response: Preparation, Organization, and Prevention

Incident Response: Detection and Decision Making

Incidence Response: Reaction, Recovery, and Maintenance

Contingency Strategies for Business Resumption Planning

Disaster Recovery: Preparation and Implementation

Disaster Recovery: Operation and Maintenance

Business Continuity Preparation and Implementation

Business Continuity Operations and Maintenance

Crisis Management and Human Factors

Filters