Deck 2: Planning for Organizational Readiness

1
A weighted analysis table can be useful in resolving the issue of what business function is the most critical.
True
2
____ should include scenarios depicting a typical attack, including its methodology, indicators of an attack, and broad consequences.

A)Cross-training
B)Attack triggers
C)Attack scenarios
D)Incident profiles
C
3
The ____ is the point in time by which systems and data must be recovered after an outage as determined by the business unit.

A)recovery point objective
B)dependency objective
C)recovery time objective
D)training objective
A
4
The reason for the ____ is to define the scope of the CP operations and establish managerial intent with regard to timetables for response to incidents, recovery from disasters, and reestablishment of operations for continuity.

A)incident response policy
B)contingency planning policy
C)disaster recovery policy
D)cross-training policy
5
Attacks with a remote chance of occurrence receive more attention than those that occur frequently.
6
____ is a common approach used in the discipline of systems analysis and design.

A)Database diagramming
B)Network diagramming
C)Application diagramming
D)Systems diagramming
7
A(n) ____ should be a high-level manager with influence and resources that can be used to support the project team, promote the objectives of the CP project, and endorse the results that come from the combined effort.

A)incident manager
B)champion
C)crisis manager
D)project manager
8
The ____ job functions focus more on costs of system creation and operation, ease of use for system users, and timeliness of system creation, as well as transaction response time.

A)information technology management and professionals
B)organizational management and professionals
C)information security management and professionals
D)human resource management and professionals
9
The ____ is an investigation and assessment of the impact that various attacks can have on the organization.

A)business impact analysis
B)threat of attack analysis
C)forensic analysis
D)cross-training analysis
10
The ____ job functions and organizational roles focus on protecting the organization's information systems and stored information from attacks.

A)information technology management and professionals
B)organizational management and professionals
C)information security management and professionals
D)human resource management and professionals
11
A(n) ____ provides the strategic vision and the linkage to the power structure of the organization, but someone has to manage the project.

A)incident manager
B)champion
C)crisis manager
D)project manager
12
The elements required to begin the ____ process are a planning methodology; a policy environment to enable the planning process; an understanding of the cause and effects of core precursor activities, known as the business impact analysis; and access to financial and other resources, as articulated and outlined by the planning budget.

A)human resource planning
B)information security planning
C)relocation planning
D)contingency planning
13
Effective contingency planning begins with effective policy.
14
The organization's level of preparedness directly influences the probability of a successful attack.
15
Team leaders from the subordinate teams, including the IR, DR, and BC teams, should not be included in the CPMT.
16
The ____ can be used to collect information directly from the end users and business managers.

A)facilitated data gathering session
B)data management session
C)system log session
D)forensic analysis
17
A(n) ____ must lead the project and make sure a sound project planning process is used, a complete and useful project plan is developed, and project resources are prudently managed to reach the goals of the project.

A)incident manager
B)champion
C)crisis manager
D)project manager
18
A(n) ____ is generally thought of as a group of individuals united by shared interests or values within an organization and who share a common goal of making the organization function to meet its objectives.

A)database community
B)network community
C)community of interest
D)incident response community
19
The ____ is the period of time within which systems, applications, or functions must be recovered after an outage.

A)recovery point objective
B)dependency objective
C)recovery time objective
D)training objective
20
The ____ details the estimated cost of the best, worst, and most likely outcomes.

A)attack profile
B)attack scenario end case
C)trigger profile
D)incident profile
21
The focus of the _________________________ in developing the BIA should also include non-information security threats such as work stoppages, serious illnesses (pandemics), and other critical threats.
22
The violation of fair use of copyrighted material is an example of a(n) ____.

A)compromise to intellectual property
B)act of human error
C)deliberate act of trespass
D)deliberate act of information distortion
23
The illegal "taking" of organizational assets is an example of a deliberate act of ____________________.
24
Match each statement with an item below.

-Can provide a much more accurate description of the attack environment the organization faces.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
25
Match each statement with an item below.

-Helps to identify and prioritize critical IT systems and components.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
26
Match each statement with an item below.

-Specifically designed to understand the interactions between entities and business functions.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
27
The _________________________ adds insight into what the organization must do to respond to an attack, minimize the damage from the attack, recover from the effects, and return to normal operations.
28
The unauthorized logical access to organizational information or systems is an example of a(n) ____.

A)compromise to intellectual property
B)act of human error
C)deliberate act of trespass
D)deliberate act of information distortion
29
_________________________ are often used as the basis for the development of recovery strategies and as a determinant as to whether or not to implement the recovery strategies during a disaster situation.
30
Match each statement with an item below.

-Installation of unauthorized software.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
31
Match each statement with an item below.

-Maximum allowable downtime.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
32
Match each statement with an item below.

-Also called attack profiles.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
33
The blackmail of an organization for information assets is an example of a(n) ____.

A)deliberate act of sabotage
B)act of human error
C)deliberate act of trespass
D)deliberate act of information distortion
34
Match each statement with an item below.

-The number-one budgetary expense for disaster recovery.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
35
Match each statement with an item below.

-Unauthorized installation of software in violation of its licensing.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
36
The physical damage or destruction of organizational assets is an example of a(n) ____.

A)deliberate act of sabotage
B)act of human error
C)deliberate act of trespass
D)deliberate act of information distortion
37
____ collect and provide reports on failed login attempts, probes, scans, denial-of-service attacks, and viruses detected, to name a few.

A)Departmental reports
B)Financial reports
C)Scheduled reports
D)System logs
38
Match each statement with an item below.

-Facilitates data collection and analysis.

A)BIA
B)Attack scenarios
C)Online questionnaire
D)Recovery time objective
E)Use case diagram
F)System log
G)Insurance
H)Act of human error
I)Compromises to intellectual property
39
The use of antiquated or outdated technologies is an example of ____________________ obsolescence.
40
The accidental deletion of user desktop data or files by a member of the organization is an example of a(n) ____.

A)compromise to intellectual property
B)act of human error
C)deliberate act of trespass
D)deliberate act of information distortion
41
List five elements that contribute to a successful business impact analysis.
42
What are the stages used by the CPMT when conducting a business impact analysis?
43
What is business impact analysis and why is it important?
44
List five deliberate software attacks.
45
To effectively perform the BIA, a large quantity of information specific to various business areas and functions is needed. What are the methods used to collect this information?
46
What are the functions of the contingency planning management team?
47
What is the difference between a champion and a project manager?
48
What is the 7-step contingency process that an organization may apply to develop and maintain a viable contingency planning program for their IT systems?
49
What is the difference between the recovery point objective and the recovery time objective?
50
There are three identified communities of interest that have roles and responsibilities in information security. What are the roles fulfilled by each community of interest?