Preview

Quiz Week 5

Satisfactory Essays
Open Document
Open Document
381 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Quiz Week 5
Quiz Week 5
Victor Sabani
ITT Technical Institute

Quiz Week 5
Quiz Questions
1. What is the purpose of a CIRT plan? Describe what this plan does and what other plan it ties into.
The purpose of the CIRT plan is to identify which group is responsible for what. It also provides information for the DRP.
2. Describe what the three models are for a CIRT plan based on the NIST SP 800-61 template.
Critical incident response team, Distributed incident response teams, and the Coordinating team
3. Define three of the responsibilities that an Incident Response Team would have. List them and describe the responsibilities.
Develop Responsibilities generic procedures to respondto an incedent, determine cuase of incident determine best response to an incident, and protect collected evidence, to ensure that there is noo tampering of evidence.
4. As much as 80% of all incidents are a result of internal attacks. List four inappropriate usages from users.
File sharing P2P, access web sites that are prohibited, purposely do things not supposed to according to the AUP, and spam coworkers.
5. List and explain three basic protection steps you can take to ensure all servers are hardened, thus reducing incidents.
You can enable firewalls to block ports, have up to date AV software, reduce the attack surface disabling services not used/.
6. Define a DRP and explain when it is invoked.
A DRP according to the book is a plan of what to do when something happens. It is invoked after a incident.
7. Describe two CSFs for a DRP.
Two CSFs for a DRP are management support, a disaster recovery budget.
8. Explain what Recovery Time Objective (RTO) is and why the DRP needs to be written to meet it.
A RTO is the time needed to recover a system, so the MAO can be accurate.
9. Describe the advantages and disadvantages for each of the DRP location possibilities.
A Cold site is cheap, a warm site is not to expensive to maintain, and a hot siteis the easiest to test.
10. List and describe

You May Also Find These Documents Helpful

  • Good Essays

    is4680 lab #2

    • 630 Words
    • 2 Pages

    Windows Hardening Defense, starts with the basics, Log in with least amount of privileges. Always use Firewall and AV. Monitor channels for security advisories and alerts. Know your system(s). Patch early and patch often, Unpatched Systems are the lowest of low hanging fruit. Have a patch policy documented and stick with it. Review patches as they are released and determine criticality based on the exploit, threat footprint for your system(s), and whether or not there is a POC or fully weapon exploit in the wild. When possible, test patches before rolling out in production on servers. Most clients should have automatic updates enabled for the OS and any application listening on a socket or used with untrusted data (java, adobe, browsers, etc...) Servers should be updated during maintenance windows if possible and depending on criticality (of threat and server).…

    • 630 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Identify three types of sensitive information involved with each situation. Then, describe three ways in which each information item could be misused or harmed. For each of these, note at least one likely finding that you would include in a risk analysis report of the organization. Finally, answer the questions at the end.…

    • 748 Words
    • 6 Pages
    Satisfactory Essays
  • Good Essays

    IS3110 U5D1

    • 712 Words
    • 3 Pages

    There are several different types of controls that you can take advantage of for securing your servers. Below are official guidelines from the (National Institute for Standards and Technology), or NIST.…

    • 712 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Identify three types of sensitive information involved with each situation. Then, describe three ways in which each information item could be misused or harmed. For each of these, note at least one likely finding that you would include in a risk analysis report of the organization. Finally, answer the questions at the end.…

    • 670 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    2. What is the difference between the disaster recovery plan (DRP) and a business continuity…

    • 314 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Bsbwor501A - Assessment

    • 1439 Words
    • 6 Pages

    Q2: Explain “meaningful and achievable objectives of a project”. Please give 1 example of each.…

    • 1439 Words
    • 6 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Lab 9

    • 1001 Words
    • 3 Pages

    1. What are some common risks, and vulnerabilities commonly found in the System/Application Domain that must be mitigated with proper security countermeasures?…

    • 1001 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 7 Lab

    • 293 Words
    • 2 Pages

    10. In order to craft back-up and recovery procedures, you need to review the IT systems, hardware, software and communications infrastructure needed to support business operations, functions and define how to maximize availability. This alignment of IT systems and components must be based on business operations , functions, and prioritizations. This prioritization is usually the result of a risk assessment and how those risks, threats, and vulnerabilities impact business operations and functions. What is the proper sequence of development and implementation for these following plans?…

    • 293 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Given the following list of end-user policy violations and security breaches, select three breaches and identify strategies to control and monitor each event to mitigate risk and minimize exposure.…

    • 564 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    In this assignment, I will go over the different items related to the disaster recovery plan. I will go over the purpose of the plan, explain the key elements that go into a plan, the methods of testing the plan, and why we test the plan. All while explaining why the disaster recovery plan is so critical to businesses in the event of an emergency.…

    • 665 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Disaster Recovery Plan

    • 526 Words
    • 3 Pages

    For each testing method listed, briefly describe each method and your rationale for why it will or will not be included in your DRP test plan.…

    • 526 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    IS4560 Lab 1 Assessment

    • 292 Words
    • 1 Page

    13. To truly test the IT security team, if they know the attack is coming they can prepare for the attack.…

    • 292 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    iss project0

    • 376 Words
    • 1 Page

    2. Other than installing virus and worm control software, what can SLS do to prepare for the next…

    • 376 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Since there is no 100% method to stop external cyber-attacks, attention to detail must be made in regards to proper configuration of the network to include state of the art hardware and software. To include current security patches for both software and hardware respectively. Additionally, hardware and software measures will be limited in their effectiveness without network policies and techniques to protect against external cyber-attacks such as Denial of Service, Distributed Denial of Service, Masquerading and IP Spoofing, Smurf Attacks, Land c Attacks, and Man-in-the-Middle attacks.…

    • 615 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Cialis Case Report

    • 904 Words
    • 4 Pages

    Please find enclosed an analysis of the case “Product Team Cialis: Getting Ready to Market” .The report includes the situational analysis, the problem statement, options, criteria for evaluation, evaluation of options, recommendations, action plan and the contingency plan.…

    • 904 Words
    • 4 Pages
    Powerful Essays