The following questions are provided to help you study for the second
test. Do not expect to see these exact questions on the test.
What is a Gedankenexperiment? Why do we do them?
Hint:
How does the concept of containment lead to different actions depending
on the source of an attack?
Why should recovery after an attack lead to a better protected system
than we had before it?
What does the text mean when it says that if we are under a DoS attack,
so is our ISP?
What does Deming's cycle have to do with searching for the cause of
a problem, or a weakness that allowed an attack to succeed?
Whatever you want to call it, what is the purpose of doing a review
of an incident after it is resolved?
Forensic is a word with several meanings. What does it mean
regarding computer security incidents?
Regarding forensics, what are two meanings of the word evidence?
What are two possible sources that can authorize a search for "evidence"
in a workplace?
What is meant by the term anti-forensics?
According to our text, what is the percentage of companies having
a data center disaster lasting 10 or more days that go into bankruptcy?
Regarding the mayhem commercials: how does the commercial about the
dog and the house robbers relate to an IT organization as well as to
a home?
Regarding the mayhem commercials: how does the commercial about the
GPS that was never updated relate to an IT organization and its hardware/software?
Why does your business continuity plan require that you know the scope
of the disaster that has happened to your organization? (Think geography.)
Where should copies of your contingency plans be stored? (The answer
depends greatly on the scope of the disaster.)
Name four of the five informational triggers mentioned in the text
that can cause the organization to implement a plan.
What should be the priority order of dealing with threats to belongings,
health, life, and structural safety? What do you do about a disagreement
between staff about these priorities?
How does the prioritization of threats relate to Maslow's Pyramid?
Just in case you have forgotten, when do we use the business continuity
plan, as opposed to the disaster recovery plan, assuming we have both?
Which of the two plans mentioned above is almost guaranteed to involve
dealing with an outside entity? Why?
What is an advance party, with regard to business continuity plans?
How does the nature of a temporary location (hot, warm, cold) change
the roster of who should be assigned to the advance party?
Ignoring the text's initial, and rather disgraceful, definition of
the word crisis, what should we consider to be the operational
definition to take from this course?
What is the difference between a smoldering crisis and a sudden crisis?
How can our approaches to dealing with them differ?
According to the graphic I pointed out from the text, what percentage
of the time will a crisis emerge from a source other than the anticipated
sources in that graphic? What can we learn from that statistic?
Why should we be concerned with a head count when there is a sudden
crisis? What about known health issues that apply to our staff or guests?
Name two sources of counseling that may be available to our staff
who have endured a crisis.