Question 1.docx



Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0

Question 1.docx Uploaded by Sri Harsha



Bestsellers



Books



Audiobooks











Save

Embed

Share

Print

1

Download



Magazines



News



Documents

High-level Principles for

of 10

 

ISM Practice Test

Midterm

 Search document



Question 1



Sheet Music

2 out o

A Disaster Recovery Plan (DR plan) deals with identifying, classifying, responding to, and recovering from an incident. Selected Answer

!alse

Question 2

2 out o

A """" attac# see#s to deny legitimate users access to services $y either tying up a server%s availa$le resources or causing it to shut down. Selected Answer

$.

DoS Question 3

2 out o

A """" deals with the preparation for and recovery from a disaster, whether natural or man&made. Selected Answer

a.

disaster recovery plan Question 4

2 out o

A """" is a document that descri$es how, in the event of a disaster, critical $usiness functions continue at an alternate location while the organi'ation recovers its a$ility to function at the primary site. Selected Answer

c.

continuity plan Master your semester with$usiness Scribd Read Free Foron 30this Days Sign up to vote title Question 5 & The New York Times  Useful  Not useful Special offer for students: Only $4.99/month.

 

Cancel anytime.

A(n) """" is a plan or course of action used $y an organi'ation to convey

2 out o





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music

Master your semester with Scribd & The New York Times Special offer for students: Only $4.99/month.



Upload

Sign In

Read Free For 30 Days Cancel anytime.

Join





Search



Home



Saved

802 views

1



Sign In

Upload

RELATED TITLES

0




Bestsellers



Books



Audiobooks











Save

Embed

Share

Print

Magazines



News



Documents



Sheet Music


1

Download



Join

of 10

 

ISM Practice Test

Midterm

 Search document



$usiness impact analysis (A) Question 7

2 out o

A(n) """" is an o$*ect, person, or other entity that is a potential ris# of loss to an asset. Selected Answer

c.

threat Question 8

2 out o

A(n) """" is any clearly identi+ed attac# on the organi'ation%s information assets that would threaten the assets% con+dentiality, integrity, or availa$ility. Selected Answer

a.

incident Question 9

2 out o

You're Reading a Preview

A(n) """" is used to anticipate, react to, and recover from events that Unlock and full access with a free trial.assets in an threaten the security of information information organi'ation it is also used to restore the organi'ation to normal modes of $usiness operations Download With Free Trial Selected Answer

c.

contingency plan Question 10

2 out o Master your semester with Scribd  Read Free Foron 30this Days Sign up to vote title  """""""""""""""""""" is de+ned as a -aw or  wea#ness system & TheA(n) New York Times Useful in Not useful security procedures, design, implementation, or internal controls that

Special offer for students: Only $4.99/month.

Cancel anytime.

could $e e/ercised (accidentally triggered or intentionally e/ploited) and





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0




Bestsellers



Books



Audiobooks









Save

Embed

Share

Print

Magazines



News



Documents


1

Download







of 10

 

ISM Practice Test

Midterm

 Search document



or protect5 Sheet Music

7hich information assets would cause more lia$ility5 Depending on answers to the a$ove 4uestions, the weighted factor is assigned and are arranged in order of importance.

Question 12

2 out o

!or the purpose of ma#ing relative ris# assessments, we can say that """""""""""""""""""" e4uals the li#elihood of a vulnera$ility occurring times the value (or impact) of that asset to the organi'ation minus the percentage of ris# that is already $eing controlled plus an element of uncertainty. Selected Answer

ris#

Question 13

eed

:ow is a $usiness continuity (;) plan di

purpose of $eing a$le to recover in case of any disaster. 6he data is stored in a secondary site and the plans Unlock are made to access and recover that data in case full access with a free trial. of any disaster. 7hereas, the $usiness continuity plan is the planning and oversight of management that must ma#eDownload sure that the functions With6Free Trial are operated without any interruption if any system or emterprise fails. 6he $usiness continuity is $usiness centric and not data centric.

Question 14

2 out o

Master your semester with Scribd  Read Free Foron 30this Days Sign up to vote title ntellectual property (P) includes trade secrets, copyrights, trademar#s,  & Theand New York Times patents.  Useful  Not useful Special offer for students: Only $4.99/month. Selected Answer

Question 15

Cancel anytime.

6rue





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Upload

Sign In

RELATED TITLES

0




Bestsellers



Books



Audiobooks Magazines



News



Documents













Save

Embed

Share

Print


1

Download



Join

of 10

 

ISM Practice Test

Midterm

 Search document



Acceptance 6ermination

Sheet Music

Question 16

eed

Provide $rief descriptions for access control lists (A;>s) and con+guration rules. Selected A;>s are $asically a set of commands, grouped together $y a num$er or name Answer that is used to +lter tra@c entering or leaving an interface.

n$ound A;>sncoming pac#ets are processed $efore they are routed to an out$ound interface. An in$ound A;> is e@cient $ecause it saves the overhead of routing loo#ups if the pac#et will $e discarded after it is denied $y the +ltering tests. f the pac#et is permitted $y the tests, it is processed for routing. =ut$ound A;>sncoming pac#ets are routed to the out$ound interface and then processed through the out$ound A;>. 6ypes of Access ;ontrols . ?andatory access controls (?A;) give users and data owners limited control over access to information 2. ondiscretionary controls managed $y a central authority in organi'ation can $e $ased on individual%s role or a speci+ed set of assigned tas#s B. Discretionary access controls (DA;) implemented at discretion or option of data user C. >attice&$ased access control variation of ?A; users assigned matri/ of You're Reading a Preview authori'ations for areas of access ;on+guration rules Unlock full access with a free trial. . A;> statements are processed top&down until a match is found, and then no more statements in the list are processed. 2. f no match is found in the Download A;>, the pac#et is dropped With Free Trial (implicit deny). B. ach A;> needs either a uni4ue num$er or a uni4ue name. C. 6he router cannot +lter tra@c that it, itself, originates. E. Fou can have only one P A;> applied to an interface in each direction (in$ound and out$ound) you can8t have two or more in$ound or out$ound A;>s applied to the same interface. G. Applying an empty A;> to an interface permits all tra@c $y default in order  Read Free Foron 30this Days Sign up to title for an A;> to have an implicit deny statement, you need atvote least one actual  permit or deny statement. Not useful  Useful  Cancel anytime. H. Remem$er the num$ers you can use for P A;>s.Standard A;>s can use Special offer for students: Only $4.99/month. num$ers ranging IJJ and BKKIJJJ, and e/tended A;>s can use KKIJJ and 2KKKI 2GJJ.

Master your semester with Scribd & The New York Times





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0




Bestsellers



Books



Audiobooks









Save

Embed

Share

Print

Magazines



News



Documents Sheet Music


1

Download







Selected Answer

of 10

 

ISM Practice Test

Midterm

 Search document



c.

information security managers Question 18

2 out o

A $usiness impact analysis (A) identi+es threats, vulnera$ilities, and potential attac#s to determine what controls can protect the information. Selected Answer

!alse

Question 19

2 out o

A weighted analysis ta$le can $e useful in resolving the issue of which $usiness function is the most critical to the organi'ation. Selected Answer

6rue

Question 20

2 out o

A(n) """""""""""""""""""" is the collection of individuals responsi$le for the overall planning and development of the contingency planning process. Selected Answer

Question 21

You're Reading a Preview ;P?6 Unlock full access with a free trial.

eed

Download With Free Trial riey descri$e three #ey downtime metrics. Selected ?a/imum 6olera$le Downtime t represents the total amount of Answer time the system owner is willing to accept for a $usiness process outage and

includes all impact considerations. Recovery 6ime =$*ective 6he period of time witin which systems, applications or functions should $e recovered after an outage. 6he  Free Foron 30this Sign up to vote title recovery time o$*ectives are used as the $asis forRead development ofDays recovery  strategies. Not useful  Useful  Cancel anytime. Recovery Point =$*ective 6he point in time to which lost Special offer for students: Only $4.99/month. systems and data can $e recovered after an outage as determined $y the $usiness. t is also referred to the ma/imum accepta$le data loss.

Master your semester with Scribd & The New York Times





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

RELATED TITLES

0




Bestsellers



Books



Audiobooks Magazines



News



Documents













Save

Embed

Share

Print


1

Download



Join

of 10

 

ISM Practice Test

Midterm

 Search document




Selected Answer

6rue

Question 24

eed

:ow does the length of the recovery time o$*ective (R6=) of a contingency plan a
the $est solution. f the R6= is +ve days, then tape, recorda$le compact dis# or o
Question 25

2 out o

n a ;P?6, a(n) """" leads the pro*ect to ma#e sure a sound pro*ect planning process is used, a complete and useful pro*ect plan is developed, and pro*ect resources are prudently managed. Selected Answer

d. Reading a Preview You're

pro*ect manager

Question 26

Unlock full access with a free trial.

eed

Download With Free Trial

n one or two sentences, de+ne $usiness impact analysis (A). Selected 6he $usiness impact analysis is the systematic process to determine and Answer evaluate the potential e
a result of disaster. t is an essential component of organi'ation8s $usiness Master youras semester with Scribd  continuity plan. Read Free Foron 30this Days Sign up to vote title  Question 27 & The New York Times  Useful  Not useful K out o Special offer for students: Only $4.99/month.

Cancel anytime.





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0




Bestsellers



Books



Audiobooks











Save

Embed

Share

Print


1

Download



Magazines



News



Documents

 

of 10

ISM Practice Test

Midterm

 Search document



2 out o



Sheet Music

6he """" is the period of time within which systems, applications, or functions must $e recovered after an outage. Selected Answer

d.

recovery time o$*ective Question 30

2 out o

6he """" is the point in time $y which systems and data must $e recovered after an outage as determined $y the $usiness unit. Selected Answer

c.

recovery point o$*ective Question 31

2 out o

6he """" is used to collect information directly from the end users and $usiness managers. Selected Answer

d.

You're Reading a Preview facilitated data&gathering session Question 32


2 out o


6he """" *o$ functions and organi'ational roles focus on costs of system creation and operation, ease of use for system users, timeliness of system creation, and transaction response time. Selected Answer

$.

information and professionals Master your semester withtechnology Scribd management  Read Free Foron 30this Days Sign up to vote title  Question 33 & The New York Times  Useful  Not useful 2 out o Special offer for students: Only $4.99/month.

Cancel anytime.

6he """" *o$ functions and organi'ational roles focus on protecting th





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

RELATED TITLES

0




Bestsellers



Books



Audiobooks











Save

Embed

Share

Print

Magazines



News



Documents


1

Download



Join

of 10

 

ISM Practice Test

Midterm

 Search document



Question 35



Sheet Music

2 out o

6he downtime metric, """""""""""""""""""", is also referred to as ma/imum accepta$le data loss. Selected Answer

Recovery Point =$*ective

Question 36

2 out o

A """" is a contractual document guaranteeing certain minimal levels of service provided $y a vendor. Selected Answer

c.

service agreement Question 37

2 out o

A """" is a synonym for a virtuali'ation application. Selected Answer

d.

hypervisor Question 38


2 out o


A """" is an agency that provides physical facilities in the event of a Download With Free Trial disaster for a fee. Selected Answer

$.

service $ureau Question 39

Master your semester with Scribd  2 out o Read Free Foron 30this Days Sign up to vote title  & TheA New York Times Useful Not useful   """" is commonly a single device or server that attaches to a networ# Special offer for students: Only $4.99/month.protocols and uses 6;P9P&$ased

an online storage environment.

Cancel anytime.

and communications methods to provide





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0




Bestsellers



Books



Audiobooks











Save

Embed

Share

Print

1

Download



Magazines



News



Documents


of 10

 

ISM Practice Test

Midterm

 Search document



Question 41



Sheet Music

2 out o

A potential disadvantage of a """" site&resumption strategy is that more than one organi'ation might need the facility simultaneously. Selected Answer

a.

time&share Question 42

2 out o

A resumption location #nown as a """" is a fully con+gured computer facility capa$le of esta$lishing operations at a moment%s notice. Selected Answer

$.

hot site Question 43

K out o

A(n) """" $ac#up only archives the +les that have $een modi+ed since the last $ac#up. You're Reading c. a Preview

Selected Answer

di

Question 44

2 out o


A(n) """" covers the con+dentiality of information from everyone unless disclosure is mandated $y the courts. Selected Answer

d.

Master your semester with Scribd agreement nondisclosure Read Free Foron 30this Days Sign up to vote title Question 45 & The New York Times  Useful  Not useful Special offer for students: Only $4.99/month.

Cancel anytime.

A(n) """" is an agreement in which the client agrees not to use the

 

2 out o





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join





Search



Home



Saved

802 views

1



Sign In

Upload

Join

RELATED TITLES

0




Bestsellers



Books



Audiobooks











Save

Embed

Share

Print

1

Download



Magazines



News



Documents



Sheet Music


of 10

 

ISM Practice Test

Midterm

 Search document



private cloud Question 47

2 out o

A(n) """" is often included in legal documents to ensure that a vendor is not lia$le for actions ta#en $y a client. Selected Answer

d.

statement of indemni+cation Question 48

2 out o

A(n) """""""""""""""""""" is a duplicate facility that needs only the latest data $ac#ups and the personnel to function. Selected Answer

:ot site

Question 49

2 out o

Advances in cloud computing have opened a new +eld in application redundancy and $ac#up. ecause organi'ations that lease """" are in Reading a Preview e
Download With Free Trial d.

SaaS

Question 50

2 out o

Master your semester f an intruder can """" a with device,Scribd then no electronic protection can deter Read Free Foron 30this Days Sign up to vote title  the loss of information. & TheSelected NewAnswer York Times  Useful  Not useful d. Special offer for students: Only $4.99/month.

Cancel anytime.

physically access





Home



Saved



Bestsellers



Books



Audiobooks



Magazines



News



Documents



Sheet Music




Upload

Sign In


Join



Question 1.docx

Recommend Documents