WGU Digital Forensics in Cybersecurity - C840

  • August 24, 2022
Business Continuity Plan (BCP) Correct Answer: A plan for maintaining minimal operations until the
business can return to full normal operations.

Disaster Recovery Plan (DRP) Correct Answer: A plan for returning the business to full normal
operations.

International Organization for Standardization (ISO) 27001 standard Correct Answer: It is a code of
practice for implementing an information security management system, against which organizations can
be certified.

National Institute of Standards and Technology (NIST) 800-34 standard Correct Answer: It is entitled
Contingency Planning Guide for Information Technology Systems—thus it is clearly related to business
continuity and disaster recovery.

Business Impact Analysis (BIA) Correct Answer: An analysis of how specific incidents might impact the
business operations.

U.S. National Fire Protection Association (NFPA) 1600 Standard Correct Answer: This is formally titled
Standard on Disaster/Emergency Management and Business Continuity Programs focused on
responding to fire-related incidents.

Maximum Tolerable Downtime (MTD) Correct Answer: The length of time a system can be down before
the business cannot recover.

Mean Time to Repair (MTTR) Correct Answer: The average time needed to repair a given piece of
equipment.

Mean time to failure (MTTF) Correct Answer: How long, on average, before a given piece of equipment
will fail through normal use.

Recovery Point Objective (RPO) Correct Answer: The amount of work that might need to be redone, or
data lost.

Recovery Time Objective (RTO) Correct Answer: The time that the system is expected to be back up.
This must be less than MTD.

Single Loss Expectancy (SLE) Correct Answer: The expected monetary loss every time a risk occurs.

Single Loss Expectancy (SLE) formula Correct Answer: Asset Value (AV) x Exposure Factor (EF)

Annualized Loss Expectancy (ALE) Correct Answer: Expected monetary loss for an asset due to a risk
over a one-year period calculated by multiplying single loss expectancy by annualized rate of
occurrence.

Annualized Loss Expectancy (ALE) formula Correct Answer: Single Loss Expectancy (SLE) * Annual Rate
of Occurrence (ARO)

Annual Rate of Occurrence (ARO) Correct Answer: The number of times an incident is expected to occur
in a year

Damage Potential, Reproducibility, Exploitability, Affected Users, and Discoverability (DREAD) Correct
Answer: It is a mnemonic for risk rating using five categories and an effective model for evaluating the
impact of an attack.

Remote Network MONitoring (RMON) Correct Answer: Developed by the Internet Engineering Task
Force (IETF) in order to support network monitoring and protocol analysis.

Mean squared deviation (MSD) formula Correct Answer: It is relatively simple and provides insight into
how any system deviates from expectations. This is sometimes referred to as the mean squared error.

Mean percentage error (MPE) formula Correct Answer: It is the arithmetic mean of errors from
modeling. This metric compares expected values to actual values and calculates mean error.

Ishikawa diagrams Correct Answer: Commonly used engineering tools in failure mode and effects
analysis (FMEA); they are sometimes called "fish diagrams".

full backup Correct Answer: Backup that copies all data from a system.

differential backup Correct Answer: All changes since the last full backup

incremental backup Correct Answer: Backup that copies only the changed data since the last backup.

Detection step Correct Answer: 1st step in incident response

Containment step Correct Answer: 2nd step in incident response

Eradication step Correct Answer: 3rd step in incident response

Recovery step Correct Answer: 4th step in incident response

Follow-Up step Correct Answer: 5th step in incident response

Malicious code, Denial of service, Unauthorized access, & Inappropriate usage Correct Answer: NIST
800-61 classifies incidents into the following events on a system or network.

Hierarchical storage management (HSM) Correct Answer: Continuous online backup storage.

Continuity of Operations Plan (COOP) Correct Answer: A predetermined set of instructions or
procedures that describe how an organization's mission essential functions will be sustained within 12
hours and for up to 30 days as a result of a disaster event before returning to normal operations.

Contain the intrusion Correct Answer: Once an intrusion into your organization's information system
has been detected, what action should be done next?

Scope and Plan Initiation Correct Answer: Business Continuity Plan development depends most on.

Moore's law or Moore's observation Correct Answer: The observation by Gordon Moore of Intel
Corporation that capacity would double, and price would be cut in half roughly every 18 to 24 months
for products based on computer chips and related technology.

Cloud Computing Correct Answer: The practice of delivering hosted services over the internet. This can
be software as a service, platform as a service, or infrastructure as a service.

Speed of accessing data & Fault tolerance Correct Answer: What is the main advantage of cloud
computing?

Type# adb connect ipaddress Correct Answer: How would you connect to a smart TV with ADB?

Adhere to the jurisdiction with the most restrictive requirements Correct Answer: When performing
forensic analysis on devices from diverse jurisdictions, the proper approach is to:

How fast computing power improves Correct Answer: Moore's law concerns which of the following?

Chain of custody process Correct Answer: In a computer forensics investigation, this describes the route
that evidence takes from the time you find it until the case is closed or goes to court

Shut the computer down according to the recommended Secret Service procedure Correct Answer:
What the Secret Service recommends you do if a computer is turned on when you arrive

In case other devices are connected Correct Answer: Why should you note all cable connections for a
computer you want to seize as evidence?

The essence of the Daubert standard Correct Answer: That only tools or techniques that have been
accepted by the scientific community are admissible at trial

Preserve evidence integrity Correct Answer: The primary goal when cataloging digital evidence

Important to investigators regarding logging Correct Answer: Logging methods, log retention, and
location of stored logs

Anti-forensics Correct Answer: the actions that perpetrators take to conceal their locations, activities, or
identities.

Cell-phone forensics Correct Answer: The process of searching the contents of cell phones

Chain of custody Correct Answer: the continuity of control of evidence that makes it possible to account
for all that has happened to evidence between its original collection and its appearance in court,
preferably unaltered.
