Question 1
Within the private sector, the Supreme Court stated, "Every warrantless workplace search must be evaluated carefully on its facts. In general, however, law enforcement officers can conduct a warrantless search of private (i.e., nongovernment) workplaces only if the officers obtain the consent of either the employer or another employee with common authority over the area searched."
True
False
Question 2
CSIRT is an acronym for ____________________.
Question 3
From the communities of interest and the CPMT, the executive leadership of the organization should begin building the team responsible for all subsequent IR planning and development activities. This team, the ____________________ team should consist of individuals from all relevant constituent groups that will be affected by the actions of the frontline response teams.
Question 6
The laws governing search and seizure in the public sector are much more straightforward than those in the private sector.
True
False
Question 5
The ____ section of the business continuity policy identifies the roles and responsibilities of the key players in the business continuity operation.
a. education requirements
b. training requirements
c. scope
d. roles and responsibilities
Question 6
A ____ is defined by the ICM as a disruption in the company's business that occurs without warning and is likely to generate news coverage and may adversely impact employees, investors, customers, suppliers, and other stakeholders.
a. business crisis
b. smoldering crisis
c. sudden crisis
d. humanitarian crisis
Question 7
Regardless of which IR model an organization chooses, multiple employees should be in charge of incident response.
True
False
Question 8
____ is the process of ensuring that every employee is trained to perform at least part of the job of another employee.
a. Computer training
b. Task rotation
c. Job rotation
d. Cross-training
Question 9
Which of the following is the most suitable as a response strategy for malware outbreaks?
a. Creating a strong password policy
b. Blocking known attackers
c. Verifying the IP address of the attacker
d. Escalating physical security
Question 10
The first item of business for a disaster recovery team is to develop the ____.
a. business impact analysis
b. disaster recovery plan
c. disaster recovery training
d. disaster recovery policy