CIS 359 STUDY Extraordinary Success /cis359study.com CIS 359 STUDY Extraordinary Success /cis359study.c | Page 25

one of these mechanisms should permit people to report incidents
____.
9. A(n) ____ is an object, person, or other entity that is a potential
risk of loss to an asset.
10. A(n) ____ is used to anticipate, react to, and recover from events
that threaten the security of information and information assets in an
organization; it is also used to restore the organization to normal
modes of business operations;
11. A ____ is a document that describes how, in the event of a
disaster, critical business functions continue at an alternate location
while the organization recovers its ability to function at the primary
site.
12. ____ hack systems to conduct terrorist activities through network
or Internet pathways.
13. ____ is the risk control approach that attempts to reduce the
impact caused by the exploitation of vulnerability through planning
and preparation.
14. ____ ensures that only those with the rights and privileges to
access information are able to do so.
15. ____ is a risk control approach that attempts to shift the risk to
other assets, other processes, or other organizations.
16. A ____ attack seeks to deny legitimate users access to services by
either tying up a server’s available resources or causing it to shut
down.
17. Information assets have ____ when authorized users - persons or
computer systems - are able to access them in the specified format
without interference or obstruction.
18. The purpose of the ____ is to define the scope of the CP
operations and establish managerial intent with regard to timetables