SEC110 Chapter 13

Flashcard maker : Lily Taylor
A metallic enclosure that prevents the entry or escape of an electromagnetic field.?
Faraday cage
Combining two or more servers to appear as one single unit.?
The ability of a business to continue to function in the even of a disaster.
The ability of a business to continue to function in the event of a disaster. continuity of operations
The ability of an organization to maintain its operations and services in the face of a disruptive event.?
business continuity
A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.?
mean time between failures (MTBF)
Using technology to search for computer evidence of a crime.?
computer forensics
The process of identifying threats.
The process of identifying threats. risk assessment
A process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence.?
chain of custody
A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.?
hot site
The maximum length of time that an organization can tolerate between backups.?
recovery point objective (RPO)
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:
computer forensics
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
RAM slack
What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?
drive file slack
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of it’s operational and financial position, what should be performed?
Business impact analysis (BIA)
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:
service level agreement
The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:
Business continuity planning and testing
What type of plans include procedures to address redundancy and fault tolerance as well as data backups?
Disaster recovery
What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?
mirror image
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:
warm site
What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?
raid 5
Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:
asymmetric server
What kind of data can be lost when a computer is turned off?
Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?
single point of failure
In what type of server cluster can services fail over from downed servers to functional servers?
symmetric server
How can an administrator keep devices powered when power is interrupted?
Multiple sectors on a disk, when combined, are referred to as a:
snapshot of the current state of a computer that contains all current settings and data is known as what option below:
system image
According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?
True / false
RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted.
True / false
Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene.
True / false
RAID level 0 is known as disk mirroring, because it involves connecting multiple drives in the server to the same disk controller card.
False / Raid 1 mirroring Raid 0 striping/
True / false
A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning.

Get instant access to
all materials

Become a Member