Quiz Week 5

Victor Sabani
ITT Technical Institute

Quiz Questions
1. What is the purpose of a CIRT plan? Describe what this plan does and what other plan it ties into.
The purpose of the CIRT plan is to identify which group is responsible for what. It also provides information for the DRP.
2. Describe what the three models are for a CIRT plan based on the NIST SP 800-61 template.
Critical incident response team, Distributed incident response teams, and the Coordinating team
3. Define three of the responsibilities that an Incident Response Team would have. List them and describe the responsibilities.
Develop Responsibilities generic procedures to respond to an incident, determine cause of incident, determine best response to an incident, and protect collected evidence, to ensure that there is no tampering of evidence.
4. As much as 80% of all incidents are a result of internal attacks. List four inappropriate usages from users.
File sharing P2P, access web sites that are prohibited, purposely do things not supposed to according to the AUP, and spam coworkers.
5. List and explain three basic protection steps you can take to ensure all servers are hardened, thus reducing incidents.
You can enable firewalls to block ports, have up-to-date AV software, and reduce the attack surface by disabling services not used.
6. Define a DRP and explain when it is invoked.
A DRP, according to the book, is a plan of what to do when something happens. It is invoked after an incident.
7. Describe two CSFs for a DRP.
Two CSFs for a DRP are management support and a disaster recovery budget.
8. Explain what Recovery Time Objective (RTO) is and why the DRP needs to be written to meet it.
A RTO is the time needed to recover a system, so the MAO can be accurate.
9. Describe the advantages and disadvantages for each of the DRP location possibilities.
A cold site is cheap, a warm site is not too expensive to maintain, and a hot site is the easiest to test.
10. List and describe
