A. Full backups and differential backups B

Review Questions 
843
19.
What combination of backup strategies provides the fastest backup restoration time?
A.
Full backups and differential backups
B.
Partial backups and incremental backups
C.
Full backups and incremental backups
D.
Incremental backups and differential backups
20.
What type of disaster recovery plan test fully evaluates operations at the backup facility but 
does not shift primary operations responsibility from the main site?
A.
Structured walk-through
B.
Parallel test
C.
Full-interruption test
D.
Simulation test

Chapter 
19
Investigations and 
Ethics
ThE CISSP Exam ToPICS CovErEd In 
ThIS ChaPTEr InCludE:
✓
Domain 1: Security and Risk Management
■
1.5 Understand, adhere to, and promote professional ethics
■
1.5.1 (ISC)
2
Code of Professional Ethics
■
1.5.2 Organizational code of ethics
✓
Domain 7: Security Operations
■
7.1 Understand and support investigations
■
7.1.1 Evidence collection and handling
■
7.1.2 Reporting and documenting
■
7.1.3 Investigative techniques (e.g., root-cause analysis, 
incident handling)
■
7.1.4 Digital forensics tools, tactics, and procedures
■
7.2 Understand requirements for investigation types
■
7.2.1 Administrative
■
7.2.2 Criminal
■
7.2.3 Civil
■
7.2.4 Regulatory
■
7.2.5 Industry standards

In this chapter, we explore the process of investigating whether 
a computer crime has been committed and collecting evidence 
when appropriate. This chapter also includes a complete dis-
cussion of ethical issues and the code of conduct for information security practitioners.
As a security professional, you must be familiar with the various types of investiga-
tions. These include administrative, criminal, civil, and regulatory investigations, as well as 
investigations that involve industry standards. You must be familiar with the standards of 
evidence used in each investigation type and the forensic procedures used to gather evidence 
in support of investigations.
Investigations
Every information security professional will, at one time or another, encounter a security 
incident that requires an investigation. In many cases, this investigation will be a brief, 
informal determination that the matter is not serious enough to warrant further action or 
the involvement of law enforcement authorities. However, in some cases, the threat posed 
or damage done will be severe enough to require a more formal inquiry. When this occurs, 
investigators must be careful to ensure that proper procedures are followed. Failure to abide 
by the correct procedures may violate the civil rights of those individual(s) being investi-
gated and could result in a failed prosecution or even legal action against the investigator.

Download 19,3 Mb.

Do'stlaringiz bilan baham: