Deck 7: Operations

Question
What is the difference between a computer-assisted crime and a computer-targeted crime?

A)In computer assisted crime, a computer is used as a tool
B)In computer assisted crime, a computer is a victim
C)Both A and B
D)Neither A nor B
Question
Pete is transferring evidence in a particular manner from Holland to China for forensic testing. Who has determined how computer evidence is to be handled?

A)The International Computer Forensic Committee
B)The Community of Forensic Affairs and Investigation
C)International Organization on Computer Evidence
D)The International Computer Evidence Community
Question
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence provides the greatest amount of reliability?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
Question
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence can prove a fact all by itself?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
Question
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence can prove an intermediate effect that can then be used to deduce another fact?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
Question
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence involves testifying only on the facts as a witness?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
Question
When it comes to computer crimes, there are two main types of surveillance. Which type would include security guards?

A)Search
B)Seizure
C)Computer
D)Physical
Question
When it comes to computer crimes, there are two main types of surveillance. Which type would include auditing events?

A)Search
B)Seizure
C)Computer
D)Physical
Question
There are many different types of computer crimes that can be committed with different methods. What computer crime is committed when the criminal commits small crimes to prevent the overall crime from being noticed?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)IP Spoofing
Question
There are many different types of computer crimes that can be committed with different methods. What computer crime is committed when there is an alteration of data?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)IP Spoofing
Question
There are many different types of computer crimes that can be committed with different methods. What method would include tracking and exploiting network traffic?

A)Excessive Privileges
B)Data Diddling
C)Password Sniffing
D)IP Spoofing
Question
There are many different types of computer crimes that can be committed with different methods. What computer crime allows an attacker to eavesdrop?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)Emanations Capturing
Question
What type of evidence pertains to oral or written evidence presented in court that has no firsthand proof of accuracy or reliability?

A)Corroborative Evidence
B)Hearsay Evidence
C)Surveillance Evidence
D)Opinion Evidence
Question
Mitch must review audit trail information. What is the method for such a review?

A)Manually
B)Automated
C)Both A and B
D)Neither A nor B
Question
Theresa is suspicious of an employee's activity when they are logged on to their computer. Theresa decides to monitor this employee for fraudulent activity, but plans to review the information later. What type of monitoring is Theresa using?

A)Manual Watching
B)Camera Surveillance
C)Keystroke Monitoring
D)Access Control Snooping
Question
What type of access control is principled on the idea that individuals should be given access only to the information they absolutely require in order to perform their job duties?

A)Statistical anomaly-based IDS
B)Network Sniffers
C)Default to No Access
D)Need-to-know
Question
What is the proper term for a process to have no more privileges than necessary to be able to fulfill its functions?

A)Minimum Access
B)Least Privilege
C)Bare Privilege
D)Least Minimum Access
Question
What should companies be concerned with when determining the best products to purchase while determining what would be the most cost-effective with regard to hardware failures?

A)Mean Time of Compensation
B)Mean Time Before Failure
C)Mean Time to Repair
D)None of the Above
Question
In Tracy's company, there has been a security breach. The company triaged the situation to determine its depth. What would be the next stage of an incident response procedure?

A)Containment
B)Investigation
C)Tracking
D)Analysis
Question
When providing bad news during a crisis communication, which tactic should be employed when communicating the news?

A)Provide bad news all at once and don't sugarcoat it
B)Provide bad news and good news together to lessen the impact
C)Provide only good news; keep the bad news private
D)Try to put a good spin on bad news
Question
What is used to detect software faults?

A)Capability Table
B)Context-based Access
C)Watchdog Timers
D)Access Control Matrix
Question
The FFF Corporation manufactures nuclear products. Bob, the senior manager, feels the company should put into place a system that is designed to seek security breaches. What type of system does Bob want?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-Based Detection
Question
What type of system uses sensors and is usually in promiscuous mode?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
Question
What type of system can be installed on individual workstations or servers to watch for inappropriate or anomalous activity?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
Question
What is a behavior-based system that learns to build a profile of an environment's "normal" activities?

A)Statistical anomaly-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
Question
Sara thinks that someone keeps trying to hack into her company's system and wants to know who and why. She decides to use a computer to set up a sacrificial lamb on the network. What is Sara practicing?

A)Statistical anomaly-based IDS
B)Honeypot
C)Network-based Detection
D)Host-based Detection
Question
What is a term for programs or devices able to examine traffic on a LAN segment?

A)Statistical anomaly-based IDS
B)Network Sniffers
C)Network-based Detection
D)Host-based Detection
Question
Kim wants to know of any differences in the baseline environment of her system by learning of any changes in the amount of activity in the system. What would be her best option?

A)Traffic Anomaly-based IDS
B)Network Sniffers
C)Network-based Detection
D)Host-based Detection
Question
I am an evil hacker. I wish to infect your system with malicious code. What item below would I not do?

A)Viruses
B)Trojan Horses
C)Worms
D)Finger Jam
Question
I have uploaded a virus that my antivirus program cannot find due to a false image being presented to it. What is on my computer?

A)Multipart Virus
B)Stealth Virus
C)Meme Virus
D)Polymorphic Virus
Question
My computer has gotten sick, but there is no virus. Each time I think the illness is gone, it seems to reproduce itself. What has gotten into my computer?

A)Logic Bomb
B)Trojan Horse
C)Worms
D)Polymorphic Bomb
Question
There are many problems when it comes to applying security to systems. What item below is a problem for security implementation?

A)Unpatched Systems
B)Patched Systems
C)Everything works properly.
D)All of the above
Question
Jim's computer system went crazy and just won't function properly. This upsets Jim greatly because without the computer, there is no work for Jim to do and the company sends people home when their computer is down. What should Jim be concerned with as he packs the computer to send it to the manufacturer for repair?

A)Mean Time of Compensation
B)Broken Parts Determination
C)Mean Time to Repair
D)None of the Above
Question
It is very important for businesses to back up their data if they want some level of business functionality after a disaster. What two backup methods back up files from the time of the last full backup?

A)Rolling and Redundant
B)Rolling and Incremental
C)Incremental and Differential
D)Differential and Redundant
Question
Manual electronic backup solutions can be time-consuming, costly, and error-prone. However, there are several technologies that can serve as an alternative. What alternative modifies files periodically and is popular with financial institutions?

A)Disk Shadowing
B)Remote Journaling
C)Electronic Vaulting
D)Tape Vaulting
Question
Manual electronic backup solutions can be time-consuming, costly, and error-prone. However, there are several technologies that can serve as an alternative. What alternative focuses on the transmission of deltas and not the transmission of actual files?

A)Disk Shadowing
B)Remote Journaling
C)Electronic Vaulting
D)Tape Vaulting
Question
When you turned your computer on this morning, it crashed. You are not concerned because yesterday, you created a _______.

A)Integrity Check
B)Commit
C)Rollback
D)Savepoint
Question
What poses a potential risk that can negatively affect a segment or an entire network?

A)Single Point of Failure
B)Dual Failure Point
C)Lost Access Point
D)Single Access Point
Question
What technology is used for redundancy and/or performance improvement?

A)Toolbox Engineering
B)Expert Systems
C)Redundant Array of Inexpensive Disks
D)Extreme Programming
Question
What consists of large amounts of storage devices linked together by a high-speed private network and storage-specific switches?

A)Redundant Array of Independent Tapes
B)Storage Area Networks
C)Redundant Array of Inexpensive Disks
D)Extreme Programming
Question
What is a group of servers that are viewed logically as one server to users and can be managed as a single logical system?

A)Redundant Array of Independent Tapes
B)Clustering
C)Grid Computing
D)Extreme Programming
Question
Backing up software and having backup hardware devices are two large parts of network availability. What provides continuous online backup functionality?

A)Redundant Networks
B)Storage Area Networks
C)Mainframes
D)Hierarchical Storage Management
Question
Indecisive has been given the task of ensuring that critical papers and records that are required to operate the business are available in the event of a crisis. What advice should you give him to help him determine how to complete this task?

A)Save electronic backup copies of all documents
B)Keep multiple copies of the documents in different areas of the building
C)Set up a fire-proof safe in the building to store the documents
D)Set up an off-site storage to store the documents
Question
Disasters happen every day all over the world. Often, companies fail to develop a disaster plan. When should a disaster recovery plan take place?

A)Before a disaster hits
B)Right after the disaster hits
C)While the disaster is happening
D)All of the above
Question
There is no specific business continuity steps rulebook. However, the National Institute of Standards and Technology is responsible for developing best practices and they have developed seven best practices. What item below is not one of the best practices?

A)Develop the continuity planning policy statement.
B)Conduct the business impact analysis.
C)Create a financial plan.
D)Identify preventive controls.
Question
Carrie's friend was just in an earthquake while at work. This got Carrie thinking that her company needed a business continuity plan. She decided to put someone in charge of developing, implementing, and testing the new plan. What is the proper name for the person put in charge?

A)Plan Coordinator
B)Disaster Planner
C)Business Continuity Coordinator
D)Information Technology Disaster Officer
Question
Carrie put Mary in charge of conducting a business impact analysis. What would not be an aspect of a business impact analysis?

A)Interviews
B)Developing the hierarchy of business function.
C)Business function activities
D)Accounting
Question
A business impact analysis identifies which critical systems are needed by a company and estimates the outage time that can be tolerated for survival. What is this outage time referred to as?

A)Minimum Tolerable Downtime
B)Maximum Tolerable Downtime
C)Critical Time Lapse
D)Critical Survival Downtime
Question
If a company fails to have a disaster plan implemented, who could be sued?

A)Employees
B)Managers
C)Stakeholders
D)Executives
Question
There is a main difference between preventative mechanisms and recovery strategies. What would be true of recovery strategies?

A)Recovery strategies are processes on how to rescue the company.
B)Recovery strategies are put into place to reduce disaster possibilities.
C)Recovery strategies only address physical damages to property.
D)All of the above
Question
As we know, disasters happen. Sometimes they are manmade and other times they are acts of nature. What is/are a facility disruption type(s)?

A)Non-disasters
B)Disasters
C)Catastrophes
D)All of the above
Question
If a company faces a facility disruption that is equal to a catastrophe, they may have to find offsite facilities or rebuild the original building. If a company has to find an offsite facility, what would not be an option?

A)Hot Site
B)Local Site
C)Cold Site
D)Warm Site
Question
Bob's building just burned down, but his friend Ken owns a building four miles down the road. Ken's building has an empty floor, so he told Bob to come and use the empty floor until his building is fixed. Bob accepted, knowing he would do the same with his spare floor. What is this process called?

A)Trade Agreement
B)Offsite Trading
C)Reciprocal Agreements
D)Location Switching
Question
Becky works at Paul's company, which just got hit by a tornado. The next day Becky went to work a town over and knew the building layout as if she had worked there for years. What type of place is Becky in?

A)Rolling Hot Site
B)Mirror Site
C)Redundant Site
D)Recovery Site
Question
Zebra Inc. owns two buildings within a 100 mile radius of each other. They also employ 3,500 of the 10,000 people within that same 100 mile radius. If this company were to decide to create a disaster plan for long-term solutions without long-term downtime, what would be the best option?

A)Rolling Hot Site
B)Mirror Site
C)Redundant Site
D)Recovery Site
Question
Zebra Inc. owns two buildings within a 100 mile radius. This was a purposeful decision so that if a disaster were to strike, there would be a redundant site. What should be the minimum distance between Zebra Inc.'s two buildings for regional disasters?

A)25 Miles
B)50 Miles
C)100 Miles
D)125 Miles
Question
Where shouldn't business continuity and disaster recovery plans be kept once completed?

A)In a bank vault
B)Fireproof safe
C)File Cabinet
D)At the BCP coordinator's home
Question
Which of these terms is the correct way to describe a plan that is created to minimize harm to both personnel and facilities during a disaster?

A)Emergency Response
B)Crisis Management
C)Disaster Recovery
D)Business Continuity
Question
It is important to develop a system for contacting each employee in the event of a crisis. True or False?
Question
Which of these should be included in the Damage and Impact Assessment immediately after a crisis? Select all that apply.

A)Physical damage to the facility
B)Financial cost of all damages
C)Potential long term reputation damages
D)A and B
Question
When planning and implementing recovery/resumption procedures, what is the most important aspect?

A)That work proceed as quickly as possible
B)That business proceed as normal regardless of the cost
C)That each Crisis Team member is contacted prior to work beginning
D)That all decisions are documented with justification
Question
When is a crisis normally declared "over"?

A)When the business is no longer under continued threat from the crisis
B)When the business has a plan to implement to recover from the crisis
C)When the business is able to function with its core processes up and running
D)When the business is able to operate as it was pre-crisis
Question
Which of these tasks are appropriate tasks for declaring a crisis to be "over"? Select all that apply.

A)Holding a press conference
B)Sending communication to employees
C)Documenting the decision
D)All of the above
Question
Indecisive wants to return the organization back to its normal, pre-crisis state. However, he is unable to do this as a result of the impact of the crisis. What should he do instead?

A)Continue to try to achieve pre-crisis normal state regardless of the cost
B)Declare the organization failed and file for bankruptcy
C)Declare a "new normal" state for the organization to operate in
D)Continue to react in crisis mode indefinitely
Question
What is the best definition for "alternate worksite"?

A)A work location that is rarely used
B)A work location to supplement the primary work location when it is full or occupied
C)A work location which can be used when the primary work location is not available
D)A work location which is located in a different state or country than the primary work location
Question
Which term is used to describe the process of returning an organization to its normal state after a crisis?

A)Recovery
B)Resumption
C)Readiness
D)Evaluation
Question
An organization has identified the recovery time objective (RTO) as the most critical criterion for its risk management strategy. The company might consider investing in which of the following?

A)Insurance
B)Hot site
C)Cold site
D)Warranty
Question
Once a company has determined its continuity and recovery plans, the plans have to be tested for any problems. What would be the most thorough approach to this undertaking?

A)Parallel testing
B)Full-interruption testing
C)Simulation testing
D)Structured walk-through test
Question
Once a company has determined its continuity and recovery plans, the plans have to be tested for any problems. What type of testing provides a specific scenario?

A)Parallel testing
B)Full-interruption testing
C)Simulation testing
D)Structured walk-through test
Question
Newbie has recently joined the Crisis Management team as part of his work on the Business Continuity Plan. When should he schedule his training on the current version of the Business Continuity Plan?

A)As soon as possible
B)During the next regularly scheduled training session
C)Official training is not needed
D)None of the above
Question
Richard has gone to see a man about issues involving denial-of-service attacks, malware damages, hackers, electronic theft, and privacy-related lawsuits. What is Richard planning to discuss with the man?

A)Attack Insurance
B)Business Insurance
C)Cyberinsurance
D)Virus Insurance
Question
When creating a business continuity plan, which of these decisions should be made first?

A)Who does the business continuity plan need to be distributed to
B)Which portions of the business need to remain active during a disaster
C)What is the allowed spending budget for the business continuity plan
D)What types of disasters should the business continuity plan cover
Question
How often should a Business Continuity Plan be updated or reviewed?

A)Never. Once the BCP is written, it does not need to be reviewed.
B)Only if new information appears that would change the BCP
C)On a regularly scheduled frequency (with more reviews if data warrants it)
D)Since the BCP is never completely finished, it is always being reviewed and updated.
Question
Business continuity planning should only be done for medium or large sized companies. Smaller companies cannot use the principles of BCP.
Question
A Risk Assessment is one of the first tasks to be completed in the creation of a Business Continuity Plan. What is the purpose of the Risk Assessment?

A)To provide a list of risks to the organization, along with potential countermeasures
B)To assemble a list of past crises that the organization has endured
C)To identify and analyze potential risks that may impact the organization
D)To create a matrix of potential risks and who is responsible for the countermeasure for each risk.
Question
Newbie has recently been asked to join the Business Continuity Planning team. As his first assignment, he is tasked with creating a list of potential threats for the company and ranking them. What phase of the project is he working on?

A)Business Impact Analysis
B)Risk Assessment
C)Strategic Planning
D)Critical Process Planning
Question
Who should be able to discuss the crisis with the media and other external organizations?

A)Only the appointed official media spokesperson
B)Whomever the media contacts
C)Only members of the Business Continuity team
D)Only members of the Board of Directors
Question
What is the most important element of a good Business Continuity Plan?

A)Company structure
B)Human resource management
C)Financial predictions
D)Cash flow
Question
If a fatality or injury occurs during a crisis, what should the Business Continuity Plan recommend?

A)That the next of kin be notified by the first person to discover the injury or fatality.
B)That the next of kin be notified by the CEO over the phone.
C)That the next of kin be notified in person by trained senior management.
D)That the next of kin be notified within 24 hours.
Question
When should a crisis management center location be identified?

A)During the creation of the BCP
B)During the time period between the warning of a crisis and the full impact of that crisis
C)During the first few hours of a crisis
D)During the first few days of a crisis
1
What is the difference between a computer-assisted crime and a computer-targeted crime?

A)In computer assisted crime, a computer is used as a tool
B)In computer assisted crime, a computer is a victim
C)Both A and B
D)Neither A nor B
In computer assisted crime, a computer is used as a tool
2
Pete is transferring evidence in a particular manner from Holland to China for forensic testing. Who has determined how computer evidence is to be handled?

A)The International Computer Forensic Committee
B)The Community of Forensic Affairs and Investigation
C)International Organization on Computer Evidence
D)The International Computer Evidence Community
International Organization on Computer Evidence
3
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence provides the greatest amount of reliability?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
Best Evidence
4
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence can prove a fact all by itself?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
5
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence can prove an intermediate effect that can then be used to deduce another fact?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
6
Evidence has its own life cycle and courts and laws find evidence categories to garner different weight and values. What type of evidence involves testifying only on the facts as a witness?

A)Direct Evidence
B)Circumstantial Evidence
C)Best Evidence
D)Opinion Evidence
7
When it comes to computer crimes, there are two main types of surveillance. Which type would include security guards?

A)Search
B)Seizure
C)Computer
D)Physical
8
When it comes to computer crimes, there are two main types of surveillance. Which type would include auditing events?

A)Search
B)Seizure
C)Computer
D)Physical
9
There are many different types of computer crimes that can be committed with different methods. What computer crime is committed when the criminal commits small crimes to prevent the overall crime from being noticed?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)IP Spoofing
10
There are many different types of computer crimes that can be committed with different methods. What computer crime is committed when there is an alteration of data?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)IP Spoofing
11
There are many different types of computer crimes that can be committed with different methods. What method would include tracking and exploiting network traffic?

A)Excessive Privileges
B)Data Diddling
C)Password Sniffing
D)IP Spoofing
12
There are many different types of computer crimes that can be committed with different methods. What computer crime allows an attacker to eavesdrop?

A)Excessive Privileges
B)Data Diddling
C)Salami
D)Emanations Capturing
13
What type of evidence pertains to oral or written evidence presented in court that has no firsthand proof of accuracy or reliability?

A)Corroborative Evidence
B)Hearsay Evidence
C)Surveillance Evidence
D)Opinion Evidence
14
Mitch must review audit trail information. What is the method for such a review?

A)Manually
B)Automated
C)Both A and B
D)Neither A nor B
15
Theresa is suspicious of an employee's activity when they are logged on to their computer. Theresa decides to monitor this employee for fraudulent activity, but plans to review the information later. What type of monitoring is Theresa using?

A)Manual Watching
B)Camera Surveillance
C)Keystroke Monitoring
D)Access Control Snooping
16
What type of access control is principled on the idea that individuals should be given access only to the information they absolutely require in order to perform their job duties?

A)Statistical anomaly-based IDS
B)Network Sniffers
C)Default to No Access
D)Need-to-know
17
What is the proper term for a process to have no more privileges than necessary to be able to fulfill its functions?

A)Minimum Access
B)Least Privilege
C)Bare Privilege
D)Least Minimum Access
18
What should companies be concerned with when determining the best products to purchase while determining what would be the most cost-effective with regard to hardware failures?

A)Mean Time of Compensation
B)Mean Time Before Failure
C)Mean Time to Repair
D)None of the Above
19
In Tracy's company, there has been a security breach. The company triaged the situation to determine its depth. What would be the next stage of an incident response procedure?

A)Containment
B)Investigation
C)Tracking
D)Analysis
20
When providing bad news during a crisis communication, which tactic should be employed when communicating the news?

A)Provide bad news all at once and don't sugarcoat it
B)Provide bad news and good news together to lessen the impact
C)Provide only good news; keep the bad news private
D)Try to put a good spin on bad news
21
What is used to detect software faults?

A)Capability Table
B)Context-based Access
C)Watchdog Timers
D)Access Control Matrix
22
The FFF Corporation manufactures nuclear products. Bob, the senior manager, feels the company should put into place a system that is designed to seek security breaches. What type of system does Bob want?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-Based Detection
23
What type of system uses sensors and is usually in promiscuous mode?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
24
What type of system can be installed on individual workstations or servers to watch for inappropriate or anomalous activity?

A)Network-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
25
What is a behavior-based system that learns to build a profile of an environment's "normal" activities?

A)Statistical anomaly-based IDS
B)Intrusion Detection
C)Network-based Detection
D)Host-based Detection
26
Sara thinks that someone keeps trying to hack into her company's system and wants to know who and why. She decides to use a computer to set up a sacrificial lamb on the network. What is Sara practicing?

A)Statistical anomaly-based IDS
B)Honeypot
C)Network-based Detection
D)Host-based Detection
27
What is a term for programs or devices able to examine traffic on a LAN segment?

A)Statistical anomaly-based IDS
B)Network Sniffers
C)Network-based Detection
D)Host-based Detection
28
Kim wants to know of any differences in the baseline environment of her system by learning of any changes in the amount of activity in the system. What would be her best option?

A)Traffic Anomaly-based IDS
B)Network Sniffers
C)Network-based Detection
D)Host-based Detection
29
I am an evil hacker. I wish to infect your system with malicious code. What item below would I not do?

A)Viruses
B)Trojan Horses
C)Worms
D)Finger Jam
30
I have uploaded a virus that my antivirus program cannot find due to a false image being presented to it. What is on my computer?

A)Multipart Virus
B)Stealth Virus
C)Meme Virus
D)Polymorphic Virus
31
My computer has gotten sick, but there is no virus. Each time I think the illness is gone, it seems to reproduce itself. What has gotten into my computer?

A)Logic Bomb
B)Trojan Horse
C)Worms
D)Polymorphic Bomb
32
There are many problems when it comes to applying security to systems. What item below is a problem for security implementation?

A)Unpatched Systems
B)Patched Systems
C)Everything works properly.
D)All of the above
33
Jim's computer system went crazy and just won't function properly. This upsets Jim greatly because without the computer, there is no work for Jim to do and the company sends people home when their computer is down. What should Jim be concerned with as he packs the computer to send it to the manufacturer for repair?

A)Mean Time of Compensation
B)Broken Parts Determination
C)Mean Time to Repair
D)None of the Above
34
It is very important for businesses to back up their data if they want some level of business functionality after a disaster. What two backup methods back up files from the time of the last full backup?

A)Rolling and Redundant
B)Rolling and Incremental
C)Incremental and Differential
D)Differential and Redundant
35
Manual electronic backup solutions can be time-consuming, costly, and error-prone. However, there are several technologies that can serve as an alternative. What alternative modifies files periodically and is popular with financial institutions?

A)Disk Shadowing
B)Remote Journaling
C)Electronic Vaulting
D)Tape Vaulting
36
Manual electronic backup solutions can be time-consuming, costly, and error-prone. However, there are several technologies that can serve as an alternative. What alternative focuses on the transmission of deltas and not the transmission of actual files?

A)Disk Shadowing
B)Remote Journaling
C)Electronic Vaulting
D)Tape Vaulting
37
When you turned your computer on this morning, it crashed. You are not concerned because yesterday, you created a _______.

A)Integrity Check
B)Commit
C)Rollback
D)Savepoint
38
What poses a potential risk that can negatively affect a segment or an entire network?

A)Single Point of Failure
B)Dual Failure Point
C)Lost Access Point
D)Single Access Point
39
What technology is used for redundancy and/or performance improvement?

A)Toolbox Engineering
B)Expert Systems
C)Redundant Array of Inexpensive Disks
D)Extreme Programming
40
What consists of large amounts of storage devices linked together by a high-speed private network and storage-specific switches?

A)Redundant Array of Independent Tapes
B)Storage Area Networks
C)Redundant Array of Inexpensive Disks
D)Extreme Programming
41
What is a group of servers that are viewed logically as one server to users and can be managed as a single logical system?

A)Redundant Array of Independent Tapes
B)Clustering
C)Grid Computing
D)Extreme Programming
42
Backing up software and having backup hardware devices are two large parts of network availability. What provides continuous online backup functionality?

A)Redundant Networks
B)Storage Area Networks
C)Mainframes
D)Hierarchical Storage Management
43
Indecisive has been given the task of ensuring that critical papers and records that are required to operate the business are available in the event of a crisis. What advice should you give him to help him determine how to complete this task?

A)Save electronic backup copies of all documents
B)Keep multiple copies of the documents in different areas of the building
C)Set up a fire-proof safe in the building to store the documents
D)Set up an off-site storage to store the documents
44
Disasters happen every day all over the world. Often, companies fail to develop a disaster plan. When should a disaster recovery plan take place?

A)Before a disaster hits
B)Right after the disaster hits
C)While the disaster is happening
D)All of the above
45
There is no specific business continuity steps rulebook. However, the National Institute of Standards and Technology is responsible for developing best practices and they have developed seven best practices. What item below is not one of the best practices?

A)Develop the continuity planning policy statement.
B)Conduct the business impact analysis.
C)Create a financial plan.
D)Identify preventive controls.
46
Carrie's friend was just in an earthquake while at work. This got Carrie thinking that her company needed a business continuity plan. She decided to put someone in charge of developing, implementing, and testing the new plan. What is the proper name for the person put in charge?

A)Plan Coordinator
B)Disaster Planner
C)Business Continuity Coordinator
D)Information Technology Disaster Officer
47
Carrie put Mary in charge of conducting a business impact analysis. What would not be an aspect of a business impact analysis?

A)Interviews
B)Developing the hierarchy of business function.
C)Business function activities
D)Accounting
48
A business impact analysis identifies which critical systems are needed by a company and estimates the outage time that can be tolerated for survival. What is this outage time referred to as?

A)Minimum Tolerable Downtime
B)Maximum Tolerable Downtime
C)Critical Time Lapse
D)Critical Survival Downtime
49
If a company fails to have a disaster plan implemented, who could be sued?

A)Employees
B)Managers
C)Stakeholders
D)Executives
50
There is a main difference between preventative mechanisms and recovery strategies. What would be true of recovery strategies?

A)Recovery strategies are processes on how to rescue the company.
B)Recovery strategies are put into place to reduce disaster possibilities.
C)Recovery strategies only address physical damages to property.
D)All of the above
51
As we know, disasters happen. Sometimes they are manmade and other times they are acts of nature. What is/are a facility disruption type(s)?

A)Non-disasters
B)Disasters
C)Catastrophes
D)All of the above
52
If a company faces a facility disruption that is equal to a catastrophe, they may have to find offsite facilities or rebuild the original building. If a company has to find an offsite facility, what would not be an option?

A)Hot Site
B)Local Site
C)Cold Site
D)Warm Site
53
Bob's building just burned down, but his friend Ken owns a building four miles down the road. Ken's building has an empty floor, so he told Bob to come and use the empty floor until his building is fixed. Bob accepted, knowing he would do the same with his spare floor. What is this process called?

A)Trade Agreement
B)Offsite Trading
C)Reciprocal Agreements
D)Location Switching
54
Becky works at Paul's company, which just got hit by a tornado. The next day Becky went to work a town over and knew the building layout as if she had worked there for years. What type of place is Becky in?

A)Rolling Hot Site
B)Mirror Site
C)Redundant Site
D)Recovery Site
55
Zebra Inc. owns two buildings within a 100 mile radius of each other. They also employ 3,500 of the 10,000 people within that same 100 mile radius. If this company were to decide to create a disaster plan for long-term solutions without long-term downtime, what would be the best option?

A)Rolling Hot Site
B)Mirror Site
C)Redundant Site
D)Recovery Site
56
Zebra Inc. owns two buildings within a 100 mile radius. This was a purposeful decision so that if a disaster were to strike, there would be a redundant site. What should be the minimum distance between Zebra Inc.'s two buildings for regional disasters?

A)25 Miles
B)50 Miles
C)100 Miles
D)125 Miles
57
Where shouldn't business continuity and disaster recovery plans be kept once completed?

A)In a bank vault
B)Fireproof safe
C)File Cabinet
D)At the BCP coordinator's home
58
Which of these terms is the correct way to describe a plan that is created to minimize harm to both personnel and facilities during a disaster?

A)Emergency Response
B)Crisis Management
C)Disaster Recovery
D)Business Continuity
59
It is important to develop a system for contacting each employee in the event of a crisis. True or False?
60
Which of these should be included in the Damage and Impact Assessment immediately after a crisis? Select all that apply.

A)Physical damage to the facility
B)Financial cost of all damages
C)Potential long term reputation damages
D)A and B
61
When planning and implementing recovery/resumption procedures, what is the most important aspect?

A)That work proceed as quickly as possible
B)That business proceed as normal regardless of the cost
C)That each Crisis Team member is contacted prior to work beginning
D)That all decisions are documented with justification
62
When is a crisis normally declared "over"?

A)When the business is no longer under continued threat from the crisis
B)When the business has a plan to implement to recover from the crisis
C)When the business is able to function with its core processes up and running
D)When the business is able to operate as it was pre-crisis
63
Which of these tasks are appropriate tasks for declaring a crisis to be "over"? Select all that apply.

A)Holding a press conference
B)Sending communication to employees
C)Documenting the decision
D)All of the above
64
Indecisive wants to return the organization back to its normal, pre-crisis state. However, he is unable to do this as a result of the impact of the crisis. What should he do instead?

A)Continue to try to achieve pre-crisis normal state regardless of the cost
B)Declare the organization failed and file for bankruptcy
C)Declare a "new normal" state for the organization to operate in
D)Continue to react in crisis mode indefinitely
65
What is the best definition for "alternate worksite"?

A)A work location that is rarely used
B)A work location to supplement the primary work location when it is full or occupied
C)A work location which can be used when the primary work location is not available
D)A work location which is located in a different state or country than the primary work location
66
Which term is used to describe the process of returning an organization to its normal state after a crisis?

A)Recovery
B)Resumption
C)Readiness
D)Evaluation
67
An organization has identified the recovery time objective (RTO) as the most critical criterion for its risk management strategy. The company might consider investing in which of the following?

A)Insurance
B)Hot site
C)Cold site
D)Warranty
68
Once a company has determined its continuity and recovery plans, the plans have to be tested for any problems. What would be the most thorough approach to this undertaking?

A)Parallel testing
B)Full-interruption testing
C)Simulation testing
D)Structured walk-through test
69
Once a company has determined its continuity and recovery plans, the plans have to be tested for any problems. What type of testing provides a specific scenario?

A)Parallel testing
B)Full-interruption testing
C)Simulation testing
D)Structured walk-through test
70
Newbie has recently joined the Crisis Management team as part of his work on the Business Continuity Plan. When should he schedule his training on the current version of the Business Continuity Plan?

A)As soon as possible
B)During the next regularly scheduled training session
C)Official training is not needed
D)None of the above
71
Richard has gone to see a man about issues involving denial-of-service attacks, malware damages, hackers, electronic theft, and privacy-related lawsuits. What is Richard planning to discuss with the man?

A)Attack Insurance
B)Business Insurance
C)Cyberinsurance
D)Virus Insurance
72
When creating a business continuity plan, which of these decisions should be made first?

A)Who does the business continuity plan need to be distributed to
B)Which portions of the business need to remain active during a disaster
C)What is the allowed spending budget for the business continuity plan
D)What types of disasters should the business continuity plan cover
73
How often should a Business Continuity Plan be updated or reviewed?

A)Never. Once the BCP is written, it does not need to be reviewed.
B)Only if new information appears that would change the BCP
C)On a regularly scheduled frequency (with more reviews if data warrants it)
D)Since the BCP is never completely finished, it is always being reviewed and updated.
74
Business continuity planning should only be done for medium or large sized companies. Smaller companies cannot use the principles of BCP.
75
A Risk Assessment is one of the first tasks to be completed in the creation of a Business Continuity Plan. What is the purpose of the Risk Assessment?

A)To provide a list of risks to the organization, along with potential countermeasures
B)To assemble a list of past crises that the organization has endured
C)To identify and analyze potential risks that may impact the organization
D)To create a matrix of potential risks and who is responsible for the countermeasure for each risk.
76
Newbie has recently been asked to join the Business Continuity Planning team. As his first assignment, he is tasked with creating a list of potential threats for the company and ranking them. What phase of the project is he working on?

A)Business Impact Analysis
B)Risk Assessment
C)Strategic Planning
D)Critical Process Planning
77
Who should be able to discuss the crisis with the media and other external organizations?

A)Only the appointed official media spokesperson
B)Whomever the media contacts
C)Only members of the Business Continuity team
D)Only members of the Board of Directors
78
What is the most important element of a good Business Continuity Plan?

A)Company structure
B)Human resource management
C)Financial predictions
D)Cash flow
79
If a fatality or injury occurs during a crisis, what should the Business Continuity Plan recommend?

A)That the next of kin be notified by the first person to discover the injury or fatality.
B)That the next of kin be notified by the CEO over the phone.
C)That the next of kin be notified in person by trained senior management.
D)That the next of kin be notified within 24 hours.
80
When should a crisis management center location be identified?

A)During the creation of the BCP
B)During the time period between the warning of a crisis and the full impact of that crisis
C)During the first few hours of a crisis
D)During the first few days of a crisis