This chapter has provided information on identifying assets. Asset identification is an important first step in any risk identification process. An organization’s assets include its hardware and software, data and information assets, and personnel. The seven domains of a typical IT infrastructure can be used to ensure that all the assets are identified.
Once the assets have been identified, they can be protected using various tools. A business impact analysis helps in identifying the impact to the business if a service fails, which helps in prioritizing the most important assets. A disaster recovery plan documents the steps that would need to be taken to restore a failed system. A business continuity plan is broader and is used to help ensure that mission-critical systems continue to operate even after a disaster.
Ensuring that a service is operational 99.999 percent of the time is possible even if a server needs to be regularly rebooted.
True
False
What is a single point of failure?
Any single part of a system that can fail
Any single part of a system that can cause the entire system to fail if it fails
Any single part of a system that has been protected with redundancy
Any single part of a system
When identifying the assets in an organization, what would be included?
Hardware
Software
Personnel
Only A and B
A, B, and C
When identifying hardware assets in an organization, what information should be included?
Model number and manufacturer
Serial number
Location
Only A and C
A, B, and C
An organization may use a ________ rotation policy to help discover dangerous shortcuts or fraudulent activity.
What type of data should be included when identifying an organization’s data or information assets?
Organizational data
Customer data
Intellectual property
A and B only
A, B, and C
What is a data warehouse?
A database used in a warehouse
A database used to identify the location of products in a warehouse
A database created by combining multiple databases into a central database
One of several databases used to create a central database for data mining
What is data mining?
The process of retrieving relevant data from a data warehouse
A database used in metal mining operations
A database created by combining multiple databases into a central database
A process used to extract, load, and transform a data warehouse
What can an asset management system be compared with to ensure an entire organization is covered?
Hardware and software assets
Software assets
Personnel and data assets
The seven domains of a typical IT infrastructure
When updating an organization’s business continuity plans, only ________ systems should be included.
Which of the following is a privacy regulation that may impact data sourced from the European Economic Area?
HIPAA
GDPR
PCI DSS
FOIP
What should an organization use if it wants to determine what the impact would be if a specific IT server fails?
BIA
BCP
DRP
BCC
What should an organization use if it wants to ensure it can continue mission-critical operations in the event of a disaster?
BIA
BCP
DRP
BCC
What should an organization use if it wants to ensure it can recover a system in the event of a disaster?
BIA
BCP
DRP
BCC
A BCP and a DRP are two different things.
True
False
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.