The ability of an agency to continue to function even after a disastrous event, accomplished through the deployment of redundant hardware and software, the use of fault tolerant systems, as well as a solid backup and recovery strategy is known as:
A. Business Continuity Plan
B. Business Continuity
C. Disaster Planning
D. Contingency Planning
Answer:
B
Discussions
0/ 1000
Question 2
Business Continuity provides a planning methodology that allows continuity in business operations:
A. Before and after a disaster
B. Before a disaster
C. Before, during and after a disaster
D. During and after a disaster
Answer:
C
Discussions
0/ 1000
Question 3
Which test is conducted to determine the incident recovery procedures effectiveness?
A. Live walk-throughs of procedures
B. Scenario testing
C. Department-level test
D. Facility-level test
Answer:
A
Discussions
0/ 1000
Question 4
Business Continuity planning includes other plans such as:
A. Incident/disaster recovery plan
B. Business recovery and resumption plans
C. Contingency plan
D. All the above
Answer:
D
Discussions
0/ 1000
Question 5
The process of rebuilding and restoring the computer systems affected by an incident to normal operational stage including all the processes, policies and tools is known as:
A. Incident Management
B. Incident Response
C. Incident Recovery
D. Incident Handling
Answer:
C
Discussions
0/ 1000
Question 6
To whom should an information security incident be reported?
A. It should not be reported at all and it is better to resolve it internally
B. Human resources and Legal Department
C. It should be reported according to the incident reporting & handling policy
D. Chief Information Security Officer
Answer:
C
Discussions
0/ 1000
Question 7
Incident may be reported using/ by:
A. Phone call
B. Facsimile (Fax)
C. Email or on-line Web form
D. All the above
Answer:
D
Discussions
0/ 1000
Question 8
Agencies do NOT report an information security incident is because of:
A. Afraid of negative publicity
B. Have full knowledge about how to handle the attack internally
C. Do not want to pay the additional cost of reporting an incident
D. All the above
Answer:
A
Discussions
0/ 1000
Question 9
According to US-CERT; if an agency is unable to successfully mitigate a DOS attack it must be reported within:
A. One (1) hour of discovery/detection if the successful attack is still ongoing
B. Two (2) hours of discovery/detection if the successful attack is still ongoing
C. Three (3) hours of discovery/detection if the successful attack is still ongoing
D. Four (4) hours of discovery/detection if the successful attack is still ongoing
Answer:
B
Discussions
0/ 1000
Question 10
Incidents are reported in order to:
A. Provide stronger protection for systems and data
B. Deal properly with legal issues
C. Be prepared for handling future incidents
D. All the above
Answer:
D
Discussions
0/ 1000
Question 11
A methodical series of techniques and procedures for gathering evidence, from computing equipment and various storage devices and digital media, that can be presented in a court of law in a coherent and meaningful format is called:
A. Forensic Analysis
B. Computer Forensics
C. Forensic Readiness
D. Steganalysis
Answer:
B
Discussions
0/ 1000
Question 12
Electronic evidence may reside in the following:
A. Data Files
B. Backup tapes
C. Other media sources
D. All the above
Answer:
D
Discussions
0/ 1000
Question 13
The person who offers his formal opinion as a testimony about a computer crime incident in the court of law is known as:
A. Expert Witness
B. Incident Analyzer
C. Incident Responder
D. Evidence Documenter
Answer:
A
Discussions
0/ 1000
Question 14
The correct order or sequence of the Computer Forensic processes is:
A. Preparation, analysis, examination, collection, and reporting
B. Preparation, collection, examination, analysis, and reporting
C. Preparation, examination, collection, analysis, and reporting
D. Preparation, analysis, collection, examination, and reporting
Answer:
B
Discussions
0/ 1000
Question 15
Which of the following is NOT one of the Computer Forensic types: