WGU Digital Forensics in Cybersecurity - C840
Business Continuity Plan (BCP) Correct Answer: A plan for maintaining minimal operations until the business can return to full normal operations.
Disaster Recovery Plan (DRP) Correct Answer: A plan for returning the business to full normal opera...
WGU Digital Forensics in Cybersecurity - C840
Business Continuity Plan (BCP) Correct Answer: A plan for maintaining minimal operations until the
business can return to full normal operations.
Disaster Recovery Plan (DRP) Correct Answer: A plan for returning the business to full normal
operations.
International Organization for Standardization (ISO) 27001 standard Correct Answer: It is a code of
practice for implementing an information security management system, against which organizations can
be certified.
National Institute of Standards and Technology (NIST) 800-34 standard Correct Answer: It is entitled
Contingency Planning Guide for Information Technology Systems—thus it is clearly related to business
continuity and disaster recovery.
Business Impact Analysis (BIA) Correct Answer: An analysis of how specific incidents might impact the
business operations.
U.S. National Fire Protection Association (NFPA) 1600 Standard Correct Answer: This is formally titled
Standard on Disaster/Emergency Management and Business Continuity Programs focused on
responding to fire-related incidents.
Maximum Tolerable Downtime (MTD) Correct Answer: The length of time a system can be down before
the business cannot recover.
Mean Time to Repair (MTTR) Correct Answer: The average time needed to repair a given piece of
equipment.
Mean time to failure (MTTF) Correct Answer: How long, on average, before a given piece of equipment
will fail through normal use.
Recovery Point Objective (RPO) Correct Answer: The amount of work that might need to be redone, or
data lost.
Recovery Time Objective (RTO) Correct Answer: The time that the system is expected to be back up.
This must be less than MTD.
Single Loss Expectancy (SLE) Correct Answer: The expected monetary loss every time a risk occurs.
Single Loss Expectancy (SLE) formula Correct Answer: Asset Value (AV) x Exposure Factor (EF)
Annualized Loss Expectancy (ALE) Correct Answer: Expected monetary loss for an asset due to a risk
over a one-year period calculated by multiplying single loss expectancy by annualized rate of
occurrence.
,Annualized Loss Expectancy (ALE) formula Correct Answer: Single Loss Expectancy (SLE) * Annual Rate
of Occurrence (ARO)
Annual Rate of Occurrence (ARO) Correct Answer: The number of times an incident is expected to occur
in a year
Damage Potential, Reproducibility, Exploitability, Affected Users, and Discoverability (DREAD) Correct
Answer: It is a mnemonic for risk rating using five categories and an effective model for evaluating the
impact of an attack.
Remote Network MONitoring (RMON) Correct Answer: Developed by the Internet Engineering Task
Force (IETF) in order to support network monitoring and protocol analysis.
Mean squared deviation (MSD) formula Correct Answer: It is relatively simple and provides insight into
how any system deviates from expectations. This is sometimes referred to as the mean squared error.
Mean percentage error (MPE) formula Correct Answer: It is the arithmetic mean of errors from
modeling. This metric compares expected values to actual values and calculates mean error.
Ishikawa diagrams Correct Answer: Commonly used engineering tool in failure mode and effects
analysis (FMEA) in engineering and are sometimes called "fish diagrams"
full backup Correct Answer: Backup that copies all data from a system.
differential backup Correct Answer: All changes since the last full backup
incremental backup Correct Answer: Backup that copies only the changed data since the last backup.
Detection step Correct Answer: 1st step in incident response
Containment step Correct Answer: 2nd step in incident response
Eradication step Correct Answer: 3rd step in incident response
Recovery step Correct Answer: 4th step in incident response
Follow-Up step Correct Answer: 5th step in incident response
Malicious code, Denial of service, Unauthorized access, & Inappropriate usage Correct Answer: NIST
800-61 classifies incidents into the following events on a system or network.
Continuity of Operations Plan (COOP) Correct Answer: A predetermined set of instructions or
procedures that describe how an organization's mission essential functions will be sustained within 12
hours and for up to 30 days as a result of a disaster event before returning to normal operations.
, Contain the intrusion Correct Answer: Once an intrusion into your organization's information system
has been detected, what action should be done next?
Scope and Plan Initiation Correct Answer: Business Continuity Plan development depends most on.
Moore's law or Moore's observation Correct Answer: The observation by Gordon Moore of Intel
Corporation that capacity would double, and price would be cut in half roughly every 18 to 24 months
for products based on computer chips and related technology.
Cloud Computing Correct Answer: The practice of delivering hosted services over the internet. This can
be software as a service, platform as a service, or infrastructure as a service.
Speed of accessing data & Fault tolerance Correct Answer: What is the main advantage of cloud
computing?
Type# adb connect ipaddress Correct Answer: How would you connect to a smart TV with ADB?
Adhere to the jurisdiction with the most restrictive requirements Correct Answer: When performing
forensic analysis on devices from diverse jurisdictions, the proper approach is to:
How fast computing power improves Correct Answer: Moore's law concerns which of the following?
Chain of custody process Correct Answer: In a computer forensics investigation, this describes the route
that evidence takes from the time you find it until the case is closed or goes to court
Shut the computer down according to the recommended Secret Service procedure Correct Answer:
What the secret service recommends you doing if a computer is turned on when you arrive
In case other devices are connected Correct Answer: Why should you note all cable connections for a
computer you want to seize as evidence?
The essence of the Daubert standard Correct Answer: That only tools or techniques that have been
accepted by the scientific community are admissible at trial
Preserve evidence integrity Correct Answer: The primary goal when cataloging digital evidence
Important to investigators regarding logging Correct Answer: Logging methods, log retention, and
location of stored logs
Anti-forensics Correct Answer: the actions that perpetrators take to conceal their locations, activities, or
identities.
Cell-phone forensics Correct Answer: The process of searching the contents of cell phones
Chain of custody Correct Answer: the continuity of control of evidence that makes it possible to account
for all that has happened to evidence between its original collection and its appearance in court,
preferably unaltered.
Los beneficios de comprar resúmenes en Stuvia estan en línea:
Garantiza la calidad de los comentarios
Compradores de Stuvia evaluaron más de 700.000 resúmenes. Así estas seguro que compras los mejores documentos!
Compra fácil y rápido
Puedes pagar rápidamente y en una vez con iDeal, tarjeta de crédito o con tu crédito de Stuvia. Sin tener que hacerte miembro.
Enfócate en lo más importante
Tus compañeros escriben los resúmenes. Por eso tienes la seguridad que tienes un resumen actual y confiable.
Así llegas a la conclusión rapidamente!
Preguntas frecuentes
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
100% de satisfacción garantizada: ¿Cómo funciona?
Nuestra garantía de satisfacción le asegura que siempre encontrará un documento de estudio a tu medida. Tu rellenas un formulario y nuestro equipo de atención al cliente se encarga del resto.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller HIGHFLYER. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for $9.49. You're not tied to anything after your purchase.
