Intrusion Detection Chapter 9

____ disasters include acts of terrorism and acts of war.

Which of the following is not usually an insurable loss?

An ____ may escalate into a disaster when it grows in scope and intensity.

In disaster recovery, the ____ is the point at which a management decision to react is made in reaction to a notice or other datum such as a weather report or an activity report from IT indicating the escalation of an incident.

A ____ is a description of the disasters that may befall an organization, along with information on their probability of occurrence, a brief description of the organization's actions to prepare for that disaster, and the best case, worst case, and most likely case outcomes of the disaster.

Useful resources in the DR planning process are the ____ provided by the Federal Agency Security Practices (FASP) section of NIST's Computer Security Resource Center (CSRC).

____ are highly probable when infected machines are brought back online or when other infected computers that may have been offline at the time of the attack are brought back up.

A ____ is used for an office or small campus, with segment distances measured in tens of meters. It may have only a few hosts, or it may have hundreds of clients with multiple servers.

____ may be caused by earthquakes, floods, storm winds, tornadoes, or mud flows.

____ are those that occur suddenly, with little warning, taking the lives of people and destroying the means of production.

A DR plan addendum should include the trigger, the ____ method, and the response time associated with each disaster situation.

The part of a disaster recovery policy that identifies the organizational units and groups of employees to which the policy applies is called the ____ section.

____ are likely in the event of a hacker attack, when the attacker retreats to a chat room and describes in specific detail to his or her associates the method and results of his or her latest conquest.

A ____ is a collection of nodes in which the segments are geographically dispersed and the physical link is often a data communications channel provided by a public carrier.

The ____ assembles a disaster recovery team.

According to NIST, the first item of business for a disaster recovery team is to develop the ____.

The primary vehicle for articulating the purpose of a disaster recovery program is the ____.

____ occur over time and slowly deteriorate the organization's capacity to withstand their effects.

Once the incident has been contained, and all signs of the incident removed, the ____ phase begins.

Deciding which technical contingency strategies are selected, developed, and implemented is most often based on the type of ____ being used.

Contingency strategies for ____ should emphasize the need for absolutely reliable data backup and recovery procedures because they have less inherent redundancy than a distributed architecture.