(ISC2 CC) Domain 2: Incident Response, Business Continuity and Disaster Recovery Concepts


17 Terms

1

Security Operations Center

A centralized organizational function fulfilled by an information security team that monitors, detects and analyzes events on the network or system to prevent and resolve issues before they result in business disruptions.

2

Business Continuity (BC)

Actions, processes and tools for ensuring an organization can continue critical operations during a contingency.

3

Disaster Recovery (DR)

The activities necessary to restore IT and communications services to an organization during and after an outage, disruption or disturbance of any kind or scale.

4

Business Continuity Plan (BCP)

The documentation of a predetermined set of instructions or procedures that describe how an organization's mission/business processes will be sustained during and after a significant disruption.

5

Disaster Recovery Plan (DRP)

A predetermined set of instructions or procedures that describe how an organization’s mission-essential functions will be sustained within 12 hours and for up to 30 days as a result of a disaster event before returning to normal operations.

6

Incident Response Plan (IRP)

The documentation of a predetermined set of instructions or procedures to detect, respond to and limit consequences of a malicious cyberattack against an organization's information systems.

7

Business Impact Analysis (BIA)

Process of analyzing operational functions and the effect that a disruption might have on them.

8

Disaster

When an organization's critical business function(s) cannot be performed at an acceptable level within a predetermined period following a disruption.

9

Adverse Events

Events with a negative consequence (e.g., system crashes, network packet floods, unauthorized use of system privileges, defacement of a web page or execution of malicious code that destroys data).

10

Event

Any observable occurrence in a network or system.

11

Incident

An event that jeopardizes or potentially jeopardizes the confidentiality, integrity or availability of an information system or the information the system processes, stores or transmits.

12

Incident Handling or Incident Response (IR)

The process of detecting and analyzing incidents to limit their effect.

13

Breach

The loss of control, compromise, unauthorized disclosure, unauthorized acquisition or any similar occurrence where: an unauthorized user accesses or potentially accesses PII; or an authorized user accesses PII for other than an authorized purpose.

14

Exploit

A particular attack.

It is named this way because these attacks exploit system vulnerabilities.

15

Intrusion

A security event, or combination of security events, that constitutes a security incident in which an intruder gains, or attempts to gain, access to a system or system resource without authorization.

16

Vulnerability

Weakness in an information system, system security procedures, internal controls or implementation that could be exploited or triggered by a threat source.

17

Zero Day

A previously unknown system vulnerability with the potential of exploitation without risk of detection or prevention because it does not, in general, fit recognized patterns, signatures or methods.