02 Jun CIS 359 Midterm Exam Set 2 NEW
1. One of the primary responsibilities of the IRP team is to ensure that the ____ is prepared to respond to each incident it may face.
2. A(n) ____ is a detailed examination of the events that occurred, from first detection of an incident to final recovery.
3. ____ is the process of systematically examining information assets for evidentiary material that can provide insight into how an incident transpired.
4. The Southeast Collegiate Cyber Defense Competition is unique in that it focuses on the operational aspect of managing and protecting an existing network infrastructure. Unlike “capture-the-flag ” exercises, this competition is exclusively a real-world ____ competition.
5. Should an incident begin to escalate, the CSIRT team leader continues to add resources and skill sets as necessary to attempt to contain and terminate the incident. The resulting team is called the ____ for this particular incident.
6. A(n) ____ is a CSIRT team member, other than the team leader, who is currently performing the responsibilities of the team leader in scanning the organization’s information infrastructure for signs of an incident.
7. The training delivery method with the lowest cost to the organization is ____.
8. The U.S. National Institute of Standards and Technology recommends a set of tools for the CSIRT including incident reporting mechanisms with which users can report suspected incidents. At least one of these mechanisms should permit people to report incidents ____.
9. A(n) ____ is an object, person, or other entity that is a potential risk of loss to an asset.
10. A(n) ____ is used to anticipate, react to, and recover from events that threaten the security of information and information assets in an organization; it is also used to restore the organization to normal modes of business operations;
11. A ____ is a document that describes how, in the event of a disaster, critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site.
12. ____ hack systems to conduct terrorist activities through network or Internet pathways.
13. ____ is the risk control approach that attempts to reduce the impact caused by the exploitation of vulnerability through planning and preparation.
14. ____ ensures that only those with the rights and privileges to access information are able to do so.
15. ____ is a risk control approach that attempts to shift the risk to other assets, other processes, or other organizations.
16. A ____ attack seeks to deny legitimate users access to services by either tying up a server’s available resources or causing it to shut down.
17. Information assets have ____ when authorized users – persons or computer systems – are able to access them in the specified format without interference or obstruction.
18. The purpose of the ____ is to define the scope of the CP operations and establish managerial intent with regard to timetables for response to incidents, recovery from disasters, and reestablishment of operations for continuity.
19. The ____ job functions and organizational roles focus on protecting the organization’s information systems and stored information from attacks.
20. The ____ is the point in time by which systems and data must be recovered after an outage as determined by the business unit.
21. Within an organization, a(n) ____ is a group of individuals who are united by shared interests or values and who have a common goal of making the organization function to meet its objectives.
22. The ____ is used to collect information directly from the end users and business managers.
23. The final component to the CPMT planning process is to deal with ____.
24. The last stage of a business impact analysis is prioritizing the resources associated with the ____, which brings a better understanding of what must be recovered first.
25. The ____ is an investigation and assessment of the impact that various events or incidents can have on the organization.
26. The ____ job functions and organizational roles focus on costs of system creation and operation, ease of use for system users, timeliness of system creation, and transaction response time.
27. A(n) ____ is an extension of an organization’s intranet into cloud computing.
28. A ____ is a contractual document guaranteeing certain minimal levels of service provided by a vendor.
29. A ____ is an agency that provides physical facilities in the event of a disaster for a fee.
30. A(n) ____ is often included in legal documents to ensure that a vendor is not liable for actions taken by a client.
31. An organization aggregates all local backups to a central repository and then backs up that repository to an online vendor, with a ____ backup strategy.
32. A ____ is commonly a single device or server that attaches to a network and uses TCP/IP-based protocols and communications methods to provide an online storage environment.
33. A potential disadvantage of a ____ site-resumption strategy is that more than one organization might need the facility simultaneously.
34. Some recovery strategies seek to improve the ____ of a server or system in addition to, or instead of, performing backups of data.
35. RAID 0 creates one logical volume across several available hard disk drives and stores the data using ____, in which data segments are written in turn to each disk drive in the array.
36. The determination of what systems fall under the CSIRT ’s responsibility is called its ____.
37. Those services performed in response to a request or a defined event such as a help desk alert are called ____.
38. In the absence of the assigned team manager, the ____ should assume authority for overseeing and evaluating a provided service.
39. When an organization completely outsources its IR work, typically to an on-site contractor, it is called a(n) ____ model.
40. The champion for the CSIRT may be the same person as the champion for the entire IR function—typically, the ____.
41. A CSIRT model that is effective for large organizations and for organizations with major computing resources at distant locations is the ____.
42. The announcement of an operational CSIRT should minimally include ____.
43. A key step in the ____ approach to incident response is to discover the identify of the intruder while documenting his or her activity.
44. Using a process known as ____, network-based IDPSs look for attack patterns by comparing measured activity to known signatures in their knowledge base to determine whether or not an attack has occurred or may be under way.
45. The ____ is a federal law that creates a general prohibition on the realtime monitoring of traffic data relating to communications.
46. The ____ approach for detecting intrusions is based on the frequency with which certain network activities take place.
47. A(n) ____ , a type of IDPS that is similar to the NIDPS, reviews the log files generated by servers, network devices, and even other IDPSs.
48. ____ are closely monitored network decoys serving that can distract adversaries from more valuable machines on a network; can provide early warning about new attack and exploitation trends; and can allow in-depth examination of adversaries during and after exploitation.
49. In an attack known as ____, valid protocol packets exploit poorly configured DNS servers to inject false information to corrupt the servers’ answers to routine DNS queries from other systems on that network.
A(n) ____ is the set of rules and configuration guidelines governing the implementation and operation of IDPSs within the or
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.