Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
Expert Solution & Answer
Chapter 4, Problem 5E
a.
Explanation of Solution
Incident Response Plan:
- The Incident Response Plan mainly focuses on the immediate response to an incident and is basically concerned with keeping people safe.
- It is a complete set of functions and actions that detect, mitigate and anticipate the impact of a sudden event that might compromise information property and resources.
- This plan is generally written for Safety, Security and Health with the help of the Business Continuity Manager, but IS (Information Systems) and ICT (Information Communications Technology) should make sure that there is a plan, particularly if they are the sole occupants of a building...
b.
Explanation of Solution
- This occurrence is considered as an incident.
- Law enforcement should be involved in the incident...
c.
Explanation of Solution
- This occurrence is considered as a disaster.
- Law enforcement should not be involved in the case.
- For re...
d.
Explanation of Solution
- This occurrence is considered as an incident.
- La...
e.
Explanation of Solution
- This occurrence is considered as a disaster.
- Law enforcement should be involved to get back the company resource and to investigate if the worker took the server home to attempt to interrupt the company in a malicious way...
Students have asked these similar questions
Classify each of the following occurrences as an incident or disaster. If an occurrence is a disaster, determine whether business continuity plans would be called into play.
a. A hacker breaks into the company network and deletes files from a server.
b. A fire breaks out in the storeroom and sets off sprinklers on that floor. Some computers are damaged, but the fire is contained.
c. A tornado hits a local power station, and the company will be without power for three to five days.
d. Employees go on strike, and the company could be without critical workers for weeks.
e. A disgruntled employee takes a critical server home, sneaking it out after hours.
For each of the scenarios (a–e), describe the steps necessary to restore operations. Indicate whether law enforcement would be involved.
Distinguish between a system crash and a "disaster."
Which of these statements is TRUE?
Question 9 options:
a) ALL events MUST be logged
b) The requirements for defining something as an event are LOW
c) A specific incident would ONLY be associated to one event
d) An average organization would observe SLIGHTLY more events than incidents
e) ALL incidents are very serious and are worthy of a thorough investigation
Similar questions
- Susan is the lead investigator for a security incident and realizes that she will not be able to complete her investigation without causing severe disruption to the business. The action she feels she must take exceeds the authority granted to her under the incident response plan. What should Susan do? a) Shut down all business operations immediately until she develops a plan b) Take the action immediately to protect the business c) Discount the action as a possibility because it exceeds her authority d) Consult with higher levels of management
- a) Which control policy is necessary for the prevention of unauthorized entry and facility damage? b) Write two examples of the controls needed to secure the facilities, offices, and rooms.
- Which of the following statements are FALSE regarding the process of managing cyber security incidents? a. The containment phase is concerned with limiting the ongoing damage from the incident. b. An incident report is produced as part of the recovery phase. c. Weaknesses that are identified as leading to d. An event must be classified as an incident before a response is mobilis
- With the aid diagram shows several standard steps to be taken when an incident occurs
- A. Mean time between failures is the average time it takes to repair a serviceable device True False B. Snapshot backup can either be full, incremental or differential and can complete much faster than traditional backups, but require systems and software that supports them. True False C. An incident is any meaningful change in the network’s state that is both detectable and happened at a specific time. True False
- How should the risk be defined from the point of view of the network and operating system? Also, what are some examples of hazards that occur in the actual world?
- An internal auditor at the ACME Corporation recently performed a PCI DSS compliance audit on the company’s production systems and identified three instances of non-compliance. As the risk owner, you were assigned all three risks in the SimpleRisk application. You have already completed a risk mitigation plan for one of the risks, but in your haste to address the issue, you neglected to complete the risk mitigation form in SimpleRisk for the other two. In this section of the lab, you will review and complete the risk mitigation form for each of the remaining risks. Your security recommendations should include both technical and procedural mitigation actions. If necessary, use the Internet to research best practices for managing user accounts on a Windows Server 2019 domain controller.
- The concept of "risk" is interpreted differently by network/OS systems. Are there any examples of hazards you can provide as well?
- Chain Link Consulting is an information technology consulting company that focuses on system security concerns. When the company's president asks you to assist her with the preparation of a presentation for a group of potential clients at a trade show meeting next month, you say "yes." First and foremost, she would like you to examine system security concerns in light of all six security levels. Afterwards, she wants you to come up with a list of methods that Chain Link might evaluate a client's security procedures in order to obtain an accurate evaluation of their level of exposure. It was her way of making the situation more intriguing by saying that it was fine to be imaginative in your ideas, but that you should avoid proposing anything that would be unlawful or immoral. Example: It might be OK to pretend as a job candidate with phony references to see whether they were being reviewed, but it would be inappropriate to steal a lock and access the computer room to check on things. Your…
- Question 19 deterrent physical controls are enough to ensure the physical security in most situations True False
- The concept of "risk" is interpreted in a manner that is exclusive to Network/OS systems. Furthermore, are there any specific examples of risk that you are able to provide?
- Which of the following is the best description of purpose of risk management? a. To implement measures to reduce risks to an acceptable level. b. To outline the threats to which IT resources are exposed. c. To determine the damage caused by possible security incidents. d. To determine the probability that a certain risk will occur.
Recommended textbooks for you
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,