CIST 1601 Quiz Questions and Exam Review: Chapter 7, Exams of Information Security and Markup Languages

A collection of quiz questions and exam review material for CIST 1601, focusing on Chapter 7. It covers key concepts related to disaster recovery, incident response, and digital forensics, presented as multiple-choice questions with answers for students preparing for exams or quizzes.

Typology: Exams

2024/2025

Available from 12/07/2024

Martin-Ray-1
CIST 1601 5 quiz question, CIST 1601 Chapter 7 Exam with Latest Questions and Answers.

A ____ is an agency that provides physical facilities in the event of a disaster for a fee. - ✔✔service bureau.

A crime involving digital media, computer technology, or related components may best be called an act of _____. - ✔✔digital malfeasance

A fundamental difference between a BIA and risk management is that risk management focuses on identifying threats, vulnerabilities, and attacks to determine which controls can protect information, while the BIA assumes _____. - ✔✔all of above

A potential disadvantage of a timeshare site-resumption strategy is: - ✔✔more than one organization might need the facility.

Data backup should be based on a(n) ____ policy that specifies how long log data should be maintained. - ✔✔incident response.

Digital forensics involves the _____, identification, extraction, documentation, and interpretation of digital media. - ✔✔preservation

Each of the following is a role for the crisis management response team EXCEPT: - ✔✔transient symptoms

Ideally, the _____, systems administrators, the chief information security officer (CISO), and key IT and business managers should be actively involved during the creation and development of all CP components. - ✔✔The CEO

The detailed documentation of the collection, storage, transfer, and ownership of evidentiary material from the crime scene through its presentation in court and its eventual disposition is called a(n) _____. - ✔✔chain of evidence

The maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources is ____. - ✔✔recovery time object (RTO)

The most common schedule for tape-based backup is a _____ backup, either incremental or differential, with a weekly off-site full backup. - ✔✔daily on-site

The point in time before a disruption or system outage to which business process data can be recovered after an outage is ____. - ✔✔recovery point object

_____ is the rapid determination of the scope of the breach in the confidentiality, integrity, and availability of information and information assets during or just following an incident. - ✔✔damaged assessment

The ability to detect a target computer's __________ is very valuable to an attacker.
a. peripherals
b. operating system
c. manufacturer
d. BIOS
- ✔✔operating system

A(n) NIDPS functions on the host system, where encrypted traffic will have been decrypted and is available for processing.
True False
- ✔✔False

__________ is the process of classifying IDPS alerts so that they can be more effectively managed.
a. Alarm filtering
b. Alarm attenuation
c. Alarm clustering
d. Alarm compaction
- ✔✔Alarm filtering

Which of the following is NOT a described IDPS control strategy?
a. centralized
b. fully distributed
c. partially distributed
d. decentralized
- ✔✔decentralized

__________ are usually passive devices and can be deployed into existing networks with little or no disruption to normal network operations.
a. HIDPSs
b. NIDPSs
c. AppIDPSs
d. SIDPSs
- ✔✔NIDPSs

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive.

d. stat IDPS - ✔✔LFM

Which of the following ports is commonly used for the HTTP protocol?
a. 20
b. 25
c. 53
d. 80
- ✔✔80

The integrity value, which is based upon fuzzy logic, helps an administrator determine how likely it is that an IDPS alert or alarm indicates an actual attack in progress. _________________________
True False
- ✔✔False

A(n) __________ IDPS is focused on protecting network information assets.
a. application-based
b. server-based
c. network-based
d. host-based
- ✔✔network-based

Network behavior analysis system __________ sensors are typically intended for network perimeter use, so they are deployed in close proximity to the perimeter firewalls, often between the firewall and the Internet border router to limit incoming attacks that could overwhelm the firewall.
a. passive
b. inline
c. bypass
d. offline
- ✔✔inline

A padded cell is a hardened honeynet. _________________________
True False
- ✔✔False

To determine whether an attack has occurred or is underway, NIDPSs compare measured activity to known __________ in their knowledge base.
a. signatures
b. vulnerabilities
c. footprints