CIS 359 STUDY Great Stories/cis359study.com CIS 359 STUDY Great Stories/cis359study.com | Page 42

5. Should an incident begin to escalate, the CSIRT team leader
continues to add resources and skill sets as necessary to attempt to
contain and terminate the incident. The resulting team is called the ____
for this particular incident.
6. A(n) ____ is a CSIRT team member, other than the team leader,
who is currently performing the responsibilities of the team leader in
scanning the organization’s information infrastructure for signs of an
incident.
7. The training delivery method with the lowest cost to the
organization is ____.
8. The U.S. National Institute of Standards and Technology
recommends a set of tools for the CSIRT including incident reporting
mechanisms with which users can report suspected incidents. At least
one of these mechanisms should permit people to report incidents ____.
9. A(n) ____ is an object, person, or other entity that is a potential
risk of loss to an asset.
10. A(n) ____ is used to anticipate, react to, and recover from events
that threaten the security of information and information assets in an
organization; it is also used to restore the organization to normal modes
of business operations;
11. A ____ is a document that describes how, in the event of a disaster,
critical business functions continue at an alternate location while the
organization recovers its ability to function at the primary site.
12. ____ hack systems to conduct terrorist activities through network or
Internet pathways.
13. ____ is the risk control approach that attempts to reduce the impact
caused by the exploitation of vulnerability through planning and
preparation.