Chapter 10: Planning for Contingencies Key Terms

40 Terms

adverse events

Events with negative consequences that could threaten an organization’s information assets or operations.

contingency planning (CP)

The actions taken by senior management to specify organizational priorities and actions when an adverse event becomes an incident or disaster.

business impact analysis (BIA)

Assessment of adverse events to determine criticality, recovery priorities, and organizational impact.

Recovery point objective (RPO)

The point in time to which data must be restored; maximum acceptable data loss.

Recovery time objective (RTO)

The maximum time a system can be unavailable before harming operations or exceeding the MTD.

Maximum tolerable downtime (MTD)

The total outage time an organization is willing to accept, including RTO and WRT.

Work recovery time (WRT)

The time needed after technical recovery to restore business processes fully.

incident response (IR)

Planning and preparation for detecting, responding to, and recovering from a cybersecurity incident.

incident

An adverse event that may result in information loss but does not threaten organizational viability.

cybersecurity incident response team (CIRT/CSIRT)

A team prepared to detect, respond to, and recover from cybersecurity incidents.

Electronic vaulting

Bulk data transfer method to send backups to an off-site facility.

Remote journaling

Backup method transferring transaction logs to an off-site facility as they occur.

Database shadowing

Creating duplicates of databases and transaction data at a remote site; combines vaulting and journaling.

Incident classification

The process of determining whether an adverse event is an actual incident.

incident commander

The manager on duty who leads the CIRT during an incident.

incident detection

Identification and classification of an adverse event as an incident.

alert roster

A contact list for notifying personnel during incidents or disasters.

alert message

A brief description of an incident used to instruct responders on initial actions.

after-action review (AAR)

Post-incident analysis from detection to full recovery to evaluate effectiveness and lessons learned.

Protect and forget

A CP philosophy focusing on defending assets and preventing recurrence rather than prosecuting attackers.

Apprehend and prosecute

CP philosophy emphasizing identifying, collecting evidence on, and prosecuting attackers.

Digital forensics

Process of preserving, identifying, extracting, documenting, and interpreting digital evidence.

e-discovery

Identification and preservation of evidence for legal action.

disaster recovery (DR)

Planning and actions to restore systems and operations after a major disruption.

business continuity (BC)

Ensures long-term organizational viability when primary operations are disrupted.

Hot site

Fully equipped facility with hardware, software, and connectivity ready for immediate use.

Warm site

Facility with many services of a hot site but missing installed software or full configuration.

Cold site

Facility with basic infrastructure but no hardware, peripherals, or ready connectivity.

Timeshare

Business continuity strategy where organizations share leased facilities.

Service bureau

An external agency paid to provide BC facilities or processing services.

Mutual agreement

Two organizations agree to assist each other with BC resources during disasters.

Rolling mobile site

A mobile, preconfigured cybersecurity/IT facility housed in a tractor-trailer.

Work-from-home

A BC strategy allowing employees to operate remotely using organizational virtual access.

business resumption planning (BRP)

The combined planning for disaster recovery and business continuity.

crisis management (CM)

Planning for risks involving injury, trauma, loss of life, or reputational harm during disasters.

Desk check

Plan review where responders read and verify CP/IR/DR components.

Structured walk-through

A physical walkthrough where participants review and discuss their response steps.

talk-through

A discussion-only walk-through performed in a conference room.

Simulation

A role-playing test that imitates an actual disaster scenario.

Full-interruption testing

A comprehensive test where systems are shut down and recovery procedures are fully executed.