SEC110 Chapter 13 – Flashcards
Unlock all answers in this set
Unlock answersquestion
A metallic enclosure that prevents the entry or escape of an electromagnetic field.?
answer
Faraday cage
question
Combining two or more servers to appear as one single unit.?
answer
clustering
question
The ability of a business to continue to function in the even of a disaster.
answer
The ability of a business to continue to function in the event of a disaster. continuity of operations
question
The ability of an organization to maintain its operations and services in the face of a disruptive event.?
answer
business continuity
question
A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.?
answer
mean time between failures (MTBF)
question
Using technology to search for computer evidence of a crime.?
answer
computer forensics
question
The process of identifying threats.
answer
The process of identifying threats. risk assessment
question
A process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence.?
answer
chain of custody
question
A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.?
answer
hot site
question
The maximum length of time that an organization can tolerate between backups.?
answer
recovery point objective (RPO)
question
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:
answer
computer forensics
question
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
answer
RAM slack
question
What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?
answer
drive file slack
question
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of it's operational and financial position, what should be performed?
answer
Business impact analysis (BIA)
question
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:
answer
service level agreement
question
The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:
answer
Business continuity planning and testing
question
What type of plans include procedures to address redundancy and fault tolerance as well as data backups?
answer
Disaster recovery
question
What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?
answer
mirror image
question
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:
answer
warm site
question
What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?
answer
raid 5
question
Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:
answer
asymmetric server
question
What kind of data can be lost when a computer is turned off?
answer
volatile
question
Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?
answer
single point of failure
question
In what type of server cluster can services fail over from downed servers to functional servers?
answer
symmetric server
question
How can an administrator keep devices powered when power is interrupted?
answer
UPS
question
Multiple sectors on a disk, when combined, are referred to as a:
answer
cluster
question
snapshot of the current state of a computer that contains all current settings and data is known as what option below:
answer
system image
question
According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?
answer
85%
question
True / false RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted.
answer
True
question
True / false Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene.
answer
False
question
True / false RAID level 0 is known as disk mirroring, because it involves connecting multiple drives in the server to the same disk controller card.
answer
False / Raid 1 mirroring Raid 0 striping/
question
True / false A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning.
answer
False