Blog

The National Institute of Standards and Technology (NIST) publishes SP 800-53. This document describes a variety of IT security controls, such as access control, incident response, and configuration management. Controls are grouped into families. Which NIST control family helps an organization recover from failures and disasters?

What are critical resources?

What step of a business continuity plan (BCP) comes after providing training?

True or False? A business continuity plan (BCP) is part of a business impact analysis (BIA).

True or False? The following equation is used during a cost-benefit analysis to determine projected benefits: Loss After Control – Loss Before Control

You plan to perform a vulnerability assessment on your company’s servers. You know that your assessment may simulate the effects of a denial of service (DoS) attack for a brief period of time. What is the most important task to complete before you perform the assessment?

When performing threat assessments, it’s important to ensure you understand the system or application you are evaluating. To understand a given system or application, you need to understand all of the following, except:

What is the primary purpose of identifying critical resources in the business impact analysis (BIA) process?

True or False? A risk assessment provides a point-in-time report.

True or False? It is acceptable for a vulnerability scanner to have a high rate of false positives.