_______ uses a completely different hash generation approach than SHA-2.
A) SHA-1
B) SHA-3
✅✅-B) SHA-3
C) SHA-4
D) SHA-5 -
________ cloud computing uses a shared responsibility model.
A) Private
B) Hybrid
✅✅-C) Public
C) Public
D) Community -
✅✅
_________ activate the disaster recovery environment but do not switch
operations there. - -Parallel tests
✅✅
_________ analyzes and implements possible responses to control risk. -
-Risk Treatment
✅✅
_________ and _________ help ensure a stable operating environment. -
-Change and Configuration Management
_________ are external forces that jeopardize security. - ✅✅-Threats
_________ are methods used by attackers. - ✅✅-Threat Vectors
,_________ are the combination of a threat and a vulnerability. - ✅✅-Risks
_________ are types of full backups. - ✅✅-Snapshots and Images
✅✅
_________ ask each team member to review their role in the disaster recovery
process and provide feedback. - -Read-throughs
_________ assigns numbers to each version. - ✅✅-Versioning
_________ changes business practices to make a risk irrelevant. - ✅✅-Risk
Avoidance
✅✅
_________ continues until the cost of addressing risks outweighs the benefit. -
-SPOF Analysis
_________ cover password security practices. - ✅✅-Password Policies
✅✅
_________ cover the documentation, approval, and rollback of technology
changes. - -Change Management Policies
_________ cover the use of personally identifiable information. - ✅✅-Privacy
Policies
✅✅
_________ cover use of personal devices with company information. -
-Bring Your Own Device (BYOD) Policies
_________ describe an organization's security expectations. - ✅✅-Policies
(mandatory and approved at the highest level of an organization)
_________ describe authorized uses of technology. - ✅✅-Acceptable Use
Policies (AUP)
_________ describe best practices. - ✅✅-Guidelines (recommendations/advice
and compliance is not mandatory)
,_________ describe how to protect sensitive information. - ✅✅-Data Handling
Policies
✅✅
_________ describe specific security controls and are often derived from
policies. - -Standards (mandatory)
✅✅
_________ describe the policies and procedures governing cybersecurity
incidents. - -Incident Response Plans
_________ empty data centers stock with core equipment, network, and
✅✅
environmental controls but do not have servers. Relatively Inexpensive but can
take weeks or even months to become operational. - -Colt Site
✅✅
_________ fully operational data centers stock with equipment an data and are
available at a moment's notice. Very expensive. - -Hot Site
✅✅
_________ gather the team together for a formal review of the disaster recovery
plan. - -Walk-throughs (aka Tabletop exercise)
✅✅-Business Impact Assessment
_________ identifies and prioritizes risks. -
_________ identifies and removes SPOFs. - ✅✅-Single Point of Failure
Analysis
_________ identifies and triages risks. -✅✅-Risk Assessment
_________ identify security issues requiring investigation. - ✅✅-Detective
Control
_________ impact the physical world. - ✅✅-Physical Controls
_________ include a complete copy of all data. - ✅✅-Full Backups
_________ include all data modified since the last full backup. - ✅✅-Differential
Backups
, ✅✅
_________ include all data modified since the last full or incremental backup. -
-Incremental Backups
_________ Initial Risk of an organization. - ✅✅-Inherent Risk
_________ is crucial to effective incident identification. - ✅✅-Monitoring
_________ is the amount of data to recover. - ✅✅-Recovery Point Objective
(RPO)
_________ is the amount of time to restore service. - ✅✅-Recovery Time
Objective (RTO)
_________ is the level of risk an organization is willing to accept. - ✅✅-Risk
Tolerance
_________ is the percentage of service to restore. - ✅✅-Recovery Service
Level (RSL)
_________ leads to strong incident response. - ✅✅-Prior Planning
✅✅
_________ makes a single system resilient against technical failures. -
-Fault Tolerance
✅✅
_________ protects against the failure of a single component. -
-Redundancy
_________ provide a configuration snapshot. - ✅✅-Baselines (track changes)
✅✅-Backups
_________ provide a data "safety net" -
_________ provide alternate data processing. - ✅✅-Disaster Recovery Sites
_________ provide structure during cybersecurity incidents. - ✅✅-Incident
Response Plan
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller lydiaomutho. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.