1. _ incident responses enables the organization to react to a detected incident quickly and effectively, without confusion or wasted time and effort.

a.

Recording

b.

Publishing

c.

Predefining

d.

Discussing

5 points

QUESTION 2

1. The U.S. National Institute of Standards and Technology recommends a set of tools for the CSIRT including incident reporting mechanisms with which users can report suspected incidents. At least one of these mechanisms should permit people to report incidents ____.

a.

anonymously

b.

directly to the CSO

c.

online

d.

for a reward

5 points

QUESTION 3

1. In a(n) ____________________ plan test strategy, each potential participant individually details the performance of each task, though stopping short of the actual physical task required.

5 points

QUESTION 4

1. A recommended practice for the implementation of the physical IR plan is to select a ____ binder.

a.

green

b.

red

c.

black

d.

blue

5 points

QUESTION 5

1. In ____________________ training, prepackaged software provides training at the trainee’s workstation.

5 points

QUESTION 6

1. Incident analysis resources include network diagrams and lists of ____, such as database servers.

a.

desk checks

b.

protocol analyzers

c.

critical assets

d.

simulation software

5 points

QUESTION 7

1. The Southeast Collegiate Cyber Defense Competition is unique in that it focuses on the operational aspect of managing and protecting an existing network infrastructure. Unlike “capture-the-flag ” exercises, this competition is exclusively a real-world ____ competition.

a.

defensive

b.

hacking

c.

end-user training

d.

offensive

5 points

QUESTION 8

1. The IR plan is usually ____ when an incident causes minimal damage with little or no disruption to business operations.

a.

placed on alert

b.

placed on standby

c.

activated

d.

not activated

5 points

QUESTION 9

1. A final IR plan should be tested at least ____________________ by performing at least a structured walk-through test and a more realistic type of test, when possible.

5 points

QUESTION 10

1. ____ is the process of systematically examining information assets for evidentiary material that can provide insight into how an incident transpired.

a.

Disaster recovery

b.

Incident response

c.

War gaming

d.

Forensics analysis

5 points

QUESTION 11

1. Organizing the incident response planning process begins with staffing the disaster recovery committee.

True

False

5 points

QUESTION 12

1. Should an incident begin to escalate, the CSIRT team leader continues to add resources and skill sets as necessary to attempt to contain and terminate the incident. The resulting team is called the ____ for this particular incident.

a.

response unit

b.

forensic team

c.

IR unit

d.

reaction force

5 points

QUESTION 13

1. The responsibility for creating an organization’s IR plan often falls to the ____.

a.

chief information security officer

b.

database administrator

c.

forensic expert

d.

project manager

5 points

QUESTION 14

1. A recommended practice for the implementation of the physical IR plan document is to organize the contents so that the first page contains the ____ actions.

a.

“during attack”

b.

“before attack”

c.

training

d.

testing

5 points

QUESTION 15

1. A favorite pastime of information security professionals is ____, which is a simulation of attack and defense activities using realistic networks and information systems.

a.

war gaming

b.

parallel testing

c.

simulation

d.

structured walk-through

5 points

QUESTION 16

1. The ____ Department of an organization needs to review the procedures of the CSIRT and understand the steps the CSIRT will perform to ensure it is within legal and ethical guidelines for the municipal, state, and federal jurisdictions.

a.

Auditing

b.

Labor

c.

Legal

d.

Public Relations

5 points

QUESTION 17

1. The training delivery method with the lowest cost to the organization is ____.

a.

user support group

b.

self-study (noncomputerized)

c.

on-the-job training

d.

one-on-one

5 points

QUESTION 18

1. In computer-based training settings, trainees receive a seminar presentation at their computers.

True

False

5 points

QUESTION 19

1. General users require training on the technical details of how to do their jobs securely, including good security practices, ____ management, specialized access controls, and violation reporting.

a.

password

b.

war gaming

c.

“before action”

d.

organization

5 points

QUESTION 20

1. There are several national training programs that focus on incident response tools and techniques.

True

False

As an IT manager, discuss how your company will use Enterprise Resource Planning (ERP) to integrate the various functions of an entity. What are the advantages of using ERP? In your discussion, please be sure to provide substantive explanation of what ERP is and give example(s) of ERP. Use APA throughout.

Read and respond to at least two (2) of your classmates no later than Saturday 11:59pm EST of week 10 . Please note that secondary post not completed on the due date will receive zero grade.

Please use APA throughout in your main post and responses to other posts.

A. What is the leadership paradox? Give some reasons why a leader can encounter difficulty in newly formed teams or groups using a participative management system. Support your discussion with at least two (2) external sources.

B. Present a discussion of the strategies for encouraging participative management in the workforce, and how to implement each of these strategies. Support your discussion with at least two (2) external sources.

C. What serious biases or misassumptions do groups that are involved in inter-team conflict sometimes experience? How do these biases and prejudices affect the ability of teams to accomplish their goals? Support your discussion with at least two (2) external sources.