Continuity, Disaster Recovery, and Computer Forensics

Why would you perform a BIA?correct answersTo prioritize the recovery of time-sensitive business functions. Control analysiscorrect answersAsses technical and nontechnical measures to strengthen systems against attack. Vulnerability identificationcorrect answersAsses systems and applications in terms if their ability to withstand hazards Likelihood determinationcorrect answersConsider vulnerabilities, threat sources, and existing or planned controls to rate the probability of threat realization. Threat identificationcorrect answersNote all human, natural, and environmental hazards to the system. System characterizationcorrect answersDefine the scope of the system and identify critical data What are some factors to consider when selecting backup methods?correct answers-Database backups shouldn't rely on copy-based strategies -Bare metal backups require multiple gigabytes of storage -When backing up a messaging system at the mailbox level, time constraints should be considered -Snapshots should be taken of open files to back them up Which considerations are key to fault tolerance?correct answers-Ensure that all essential system components are on a UPS or backup generator -Keep and inventory if essential spare parts for your system -Boost fault tolerance in your system by minimizing single points of failure Which activities should you perform during the project initiation phase of developing a business continuity plan, or BCP?correct answers-Outline a timeline for developing a comprehensive continuity plan -Secure the commitment of departmental leaders who will be responsible for implementing the BCP -Persuade senior management to the importance of having BCP -Determine which possible disasters should be recovered by the BCP Qualitative assessmentcorrect answers-The IT manager's opinion on what impact a fire would have on a company's ability to continue functioning -The financial officer's assessment of the cost of an information leak, based on fines and average court settlements Quantitative assessmentcorrect answers-The cost to the company if its web server is down for three hours -The cost to the company if the sales staff are locked out due to errors caused by password complexity requirements Which scenarios are best practiced for data handling?correct answers-Senior management sets permissions on top-secret folders, so that only some users can access them -A user disposes of a file on the network by encrypting its content You want to enhance the security of an existing system using an incident response policy. Sequence the stages of incident response you can use to do ct answers1. Create procedures and guidelines to harden the security of your system 2. Find and analyze security incidents as they occur 3. Contain incidents and rescue affected systems