FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 1: Contingency Planning Within Information Security

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 31

Essay

Review LaterAdd Note

Review Later

What is the difference between avoidance of risk and acceptance of risk?

Correct Answer

verified

Avoidance is the risk control strategy t...

View Answer

Show Answer

Question 32

Multiple Choice

Review LaterAdd Note

Review Later

____ is the process of examining and documenting the security posture of an organization's information technology and the risks it faces.

A) Risk identification
B) Data classification
C) Security clearance
D) DR

E) C) and D)
F) A) and B)

Correct Answer

verified

Show Answer

Question 33

Essay

Review LaterAdd Note

____________________ is defined by the Committee on National Security Systems (CNSS)as the protection of information and its critical elements,including the systems and hardware that use,store,and transmit that information.

A ____ deals with the preparation for and recovery from a disaster,whether natural or man-made.

The vision of an organization is a written statement of an organization's purpose.

____ is the process of moving the organization toward its vision.

What is a polymorphic threat?

A ____ is a document that expresses how an organization ensures that critical business functions continue at an alternate location while the organization recovers its ability to function at the primary site if a catastrophic incident or disaster occurs.

What is the difference between transference and mitigation?

____ ensures that only those with the rights and privileges to access information are able to do so.