Deck 3: Planning for Contingencies
1
An unusual system crash is a possible indicator of an actual incident.
True
2
In a warm site, all communications services must be installed after the site is occupied.
False
3
The presence of hacker tools in a system definitely signals that an incident is in progress or has occurred.
True
4
Attack success scenarios include alternative outcomes of an attack.
5
In most organizations, the COO is responsible for creating the IRP.
6
A sequential system of activating an alert roster is more accurate than a hierarchical system.
7
An organization should start documenting an incident after the incident has been contained.
8
When an incident takes place, the disaster recovery plan (DRP) is invoked before the incident response plan (IRP).
9
To perform parallel testing, the operations of the business must be halted.
10
Incident recovery should begin after the incident has been contained.
11
Continuous process improvement (CPI) suggests that each time the organization rehearses its plans, it should learn from the process, improve the process, and then rehearse again.
12
The BCP is activated and executed concurrently with the DRP when the disaster is major or long term.
13
A structured walk-through is the simplest kind of validation for reviewing the perceived feasibility and effectiveness of the contingency plan.
14
Computer hardware and peripherals are provided in a cold site.
15
The BCP is most properly managed by the CISO of an organization.
16
A sequential system of activating an alert roster is quicker than a hierarchical system.
17
The business continuity team detects, evaluates, and responds to disasters, and also reestablishes operations at the primary business site.
18
Notification from IDS is a probable indicator of an actual incident.
19
Verifying personnel status is a responsibility of the IR team.
20
Classifying an incident is the responsibility of the IR team.
21
A(n)
is an executive who supports, promotes, and endorses the findings of the CP project._________________________
22
testing is the most rigorous strategy for testing contingency plans._________________________
23
A(n) attack
consists of a detailed description of the activities that usually occur during an attack._________________________
24
A(n)
is a method of testing contingency plans in which each involved person works individually to simulate the performance of each task that he or she is responsible for._________________________
25
A(n)
roster requires that a contact person call each and every person on the roster._________________________
26
The BIA planning team estimates the cost of the best, worst, and most likely outcomes of an attack by preparing a(n)
_________________________
27
The
team is responsible for detecting, evaluating, and responding to disasters, and reestablishing operations at the primary business site._________________________
28
A(n)
is a scripted set of initial instructions used to respond to an incident._________________________
29
The
is the component of contingency planning that focuses on restoring operations at the primary site._________________________
30
The concept that iteration results in improvement is implemented in the methodology of
._________________________
31
The
team manages and executes the incident response plan by detecting, evaluating, and responding to incidents._________________________
32
In contingency planning, an unexpected, negative occurrence is called a(n)
._________________________
33
Changes to logs are
indicators of an actual incident._________________________
34
The
provides the CP team with information about systems and the threats they face._________________________
35
disasters occur suddenly, and may take the lives of people and destroy the means of production._________________________
36
Activities at unexpected times are
indicators of an actual incident._________________________
37
involves the transfer of live transactions to an off-site facility._________________________
38
The process of examining a possible incident and determining whether it constitutes an actual incident is called incident
._________________________
39
management entails a set of focused steps that deal primarily with the people involved in a disaster._________________________
40
The presence of unfamiliar files is a(n)
indicator of an actual incident._________________________
41
A scripted set of instructions about an incident is known as a(n) ____.
A) incident report
B) incident summary
C) alert roster
D) alert message
42
The three categories of incident indicators identified by D. L. Pipkin are possible, probable, and ____.
A) likely
B) improbable
C) definite
D) unlikely
43
Operations at the primary business site are reestablished by the ____ team.
A) business continuity
B) CP
C) incident response
D) disaster recovery
44
The ____ plan enables the business to continue to function at an alternate site.
A) FR
B) BC
C) IR
D) DR
45
The IR Plan is usually activated ____.
A) before an incident takes place
B) when an incident is detected
C) once the DRP is activated
D) once the BCP is activated
46
Which of the following is a possible indicator of an actual incident?
A) Unusual consumption of computing resources
B) Activities at unexpected times
C) Presence of hacker tools
D) Reported attacks
47
A document that contains contact information on the individuals to be notified in the event of an actual incident is called a(n) ____.
A) notification table
B) alert roster
C) notification list
D) response list
48
Determining whether a possible incident is an actual incident is the responsibility of the ____ team.
A) CP
B) BC
C) DR
D) IR
49
In a ____ activation, a single person calls all the people on the roster.
A) sequential
B) linear
C) random
D) hierarchical
50
____ is the process of examining a possible incident and determining whether it constitutes an actual incident.
A) Incident classification
B) Incident identification
C) Incident registration
D) Incident verification
51
In CP, an unexpected event is called a(n) ____.
A) disaster
B) occurrence
C) episode
D) incident
52
The ____ plan focuses on restoring operations at the primary site.
A) DR
B) IR
C) FR
D) BC
53
In the event of an incident or disaster, the ____ team sets up and starts off-site operations.
A) CP
B) business continuity
C) disaster recovery
D) incident response
54
The ____ plan focuses on the immediate response to an incident.
A) DR
B) IR
C) BC
D) FR
55
Which of the following is a probable indicator of an actual incident?
A) Presence of unfamiliar files
B) Unusual system crashes
C) Presence of new accounts
D) Presence or execution of unknown programs
56
Which of the following is a definite indicator of an actual incident?
A) Unusual system crashes
B) Reported attack
C) Presence of new accounts
D) Use of dormant accounts
57
A ____ activation requires that the first person call designated people on the roster, who in turn call other designated people, and so on.
A) hierarchical
B) sequential
C) serial
D) random
58
The two ways to activate an alert roster are sequentially and ____.
A) exponentially
B) dynamically
C) randomly
D) hierarchically
59
The responsibility for creating an organization's IR Plan usually falls to the ____.
A) CIO
B) network administrators
C) security managers
D) CISO
60
The ____ team collects information about information systems and the threats they face, and creates the contingency plans for incident response, disaster recovery, and business continuity.
A) incident response
B) CP
C) disaster recovery
D) business continuity
61
The BC Plan is most properly managed by the ____.
A) CEO
B) CIO
C) CISO
D) IT community of interest
62
____ ensures that critical business functions can continue if a disaster occurs.
A) Business continuity planning
B) Incident response planning
C) Disaster recovery planning
D) Crisis management planning
63
A(n) ____ determines the extent of the breach of confidentiality, integrity, and availability of information and information assets.
A) incident report
B) incident damage assessment
C) information loss assessment
D) damage report
64
The DRP is usually managed by the ____.
A) CEO
B) COO
C) CISO
D) IT community of interest
65
Which of the following is an example of a rapid-onset disaster?
A) Flood
B) Pest infestation
C) Famine
D) Environmental degradation
66
Organizations located in coastal areas are more likely to experience ____ than organizations in other cities.
A) fires
B) earthquakes
C) tsunamis
D) cyberterrorism
67
Dust contamination can ____.
A) damage the building that houses the information systems
B) shorten the lives of information systems
C) cause fires or other disasters
D) disrupt access to the building that houses the information systems
68
Crisis management is designed to deal primarily with ____.
A) computer systems
B) network devices
C) network data
D) people
69
Which of the following is an example of a slow-onset disaster?
A) Earthquake
B) Tornado
C) Mud flow
D) Pest infestation
70
A ____ is a fully configured computer facility that needs only the latest data backups and the personnel to function.
A) hot site
B) warm site
C) cold site
D) service bureau
71
A warm site ____.
A) includes software applications
B) includes computer equipment
C) can be fully functional within minutes
D) costs more than a hot site
72
When a disaster threatens the viability of an organization at the primary site, the ____ is started.
A) crisis management process
B) business continuity process
C) incident response process
D) disaster recovery process
73
Which of the following is a responsibility of the crisis management team?
A) Restoring the data from backups
B) Evaluating monitoring capabilities
C) Activating the alert roster
D) Restoring the services and processes in use
74
A(n) ____ entails a detailed examination of the events that occurred from first detection to final recovery.
A) alert message
B) alert roster
C) after-action review
D) incident damage assessment
75
When dealing with an incident, the last action the IR team takes is to ____.
A) create the incident damage assessment
B) conduct an after-action review
C) restore data from backups
D) restore services and processes in use
76
Which of the following is true about a hot site?
A) It is an empty room with standard heating, air conditioning, and electrical service.
B) It includes computing equipment and peripherals with servers but not client workstations.
C) It duplicates computing resources, peripherals, phone systems, applications, and workstations.
D) All communications services must be installed after the site is occupied.
77
As part of DR plan readiness, each employee should have two types of ____ information cards in his or her possession at all times.
A) emergency
B) medical
C) insurance
D) lottery
78
Which of the following can be fully functional within minutes?
A) A warm site
B) A hot site
C) A cold site
D) All of these
79
No computer hardware or peripherals are provided in a ____.
A) cold site
B) warm site
C) timeshare
D) hot site
80
Which of the following is a part of the incident recovery process?
A) Identifying the vulnerabilities that allowed the incident to occur and spread
B) Determining the event's impact on normal business operations and, if necessary, making a disaster declaration
C) Supporting personnel and their loved ones during the crisis
D) Keeping the public informed about the event and the actions being taken to ensure the recovery of personnel and the enterprise