The flashcards below were created by user geggart on FreezingBlue Flashcards.

  1. after- action review (AAR)
    "A detailed examination by CSIRT team members and key players in the IR process of the events that occurred
  2. alert message
    "A scripted description of the incident that consists of just enough information so that each responder
  3. alert roster
    A document containing contact information on the individuals to be notified in the event of an actual incident.
  4. business continuity plan (BC plan)
    "A detailed set of processes and procedures that ensure that critical business functions can continue if a disaster occurs
  5. business continuity planning (BCP)
    "The actions taken to ensure that critical business functions can continue if a disaster occurs
  6. business continuity team
    The team that manages and executes the BC plan by setting up and starting off- site operations in the event of an incident or disaster.
  7. business impact analysis (BIA)
    "The first phase of the CP process and a crucial component of the initial planning stages
  8. business process
    A task performed by an organization or organizational subunit in support of the overall organization's mission.
  9. business resumption plan (BR plan)
    "A set of plans and procedures combining the DR and BC functions
  10. cold site
    "A facility used for BC operations that provides only rudimentary services and facilities
  11. computer security incident response team (CSIRT)
    A subset of the IR team composed of technical and managerial IT and InfoSec professionals prepared to diagnose and respond to an incident.
  12. contingency planning (CP)
    The overall process of preparing for unexpected adverse events.
  13. contingency planning management team (CPMT)
    "The management team consisting of coordinating executive
  14. crisis management (CM)
    The steps taken during and after a disaster that affect the people inside and outside the organization.
  15. crisis management team (CMT)
    The individuals from various functional areas of the organization who are tasked with the development and implementation of the CM plan.
  16. database shadowing
    The combination of electronic vaulting with remote journaling in which multiple copies of the database are written simultaneously to two separate locations.
  17. desk check
    "The CP testing strategy in which copies of the appropriate plans are distributed to all individuals who will be assigned roles during an actual incident or disaster
  18. disaster recovery plan (DR plan)
    A detailed set of processes and procedures that prepare for and help recover from the effects of disasters.
  19. disaster recovery planning (DRP)
    "The preparation for and recovery from a disaster
  20. disaster recovery team
    "The team that manages and executes the DR plan by detecting
  21. electronic vaulting
    "The bulk batch- transfer of data to an off- site facility
  22. full-interruption testing
    "The CP testing strategy in which the individuals follow each and every IR/DR/BC procedure
  23. hot site
    "A fully configured computer facility used for BC operations
  24. incident candidate
    An adverse event that constitutes a possible incident.
  25. incident classification
    The process of examining a possible incident or incident candidate and determining if it constitutes an actual incident.
  26. incident response (IR)
    A set of procedures that commence when an incident is detected. IR must be carefully planned and coordinated because organizations heavily depend on the quick and efficient containment and resolution of incidents.
  27. incident response plan (IR plan)
    "A detailed set of processes and procedures that anticipate
  28. incident response planning (IRP)
    The preparation for an unexpected event that might compromise information resources and assets.
  29. incident response team
    "The team that manages and executes the IR plan by detecting
  30. Maximum Tolerable Downtime (MTD)
    The total amount of time the system owner/authorizing official is willing to accept for a mission/business process outage or disruption and includes all impact considerations.
  31. mutual agreement
    "A contract between two organizations in which each party agrees to assist the other in the event of a disaster by providing the necessary BC facilities
  32. parallel testing
    "The CP testing strategy in which individuals act as if an actual incident or disaster occurred and begin performing their required tasks and executing the necessary procedures
  33. rapid-onset disasters
    "Disasters that occur suddenly
  34. recovery point objective (RPO)
    "The point in time
  35. recovery time objective (RTO)
    "The maximum amount of time that a system resource can remain unavailable before there is an unacceptable impact on other system resources
  36. remote journaling
    The transfer of live transactions to an off- site facility in which only transactions are transferred and the transfer takes place online and in real time or near real time.
  37. rolling mobile site
    "A specialized BC facility configured in the payload area of a tractor/trailer; or externally stored resources
  38. service bureau
    A service agency that provides a BC facility as a service for a fee.
  39. simulation
    "The CP testing strategy in which each person works individually
  40. slow- onset disasters
    "Disasters that occur over time and gradually degrade the capacity of an organization to withstand their effects. Examples include droughts
  41. structured walk- through
    "The CP testing strategy in which all involved individuals walk through and discuss the steps they would take during an actual CP event
  42. timeshare
    "A facility that operates like a hot
  43. warm site
    "A facility used for BC operations that provides many of the same services and options as a hot site
  44. Work Recovery Time (WRT)
    The amount of effort (expressed as elapsed time) that is necessary to get the business function operational after the technology element is recovered (as identified with RTO).
Card Set
BAKER ITS305 Management of Information Security Chap 3
Show Answers