A Chief Information Security Officer (CISO) is performing a BIA for the organization in case of a natural disaster. Which of the following should be at the top of the CISO's list?
a. identify redundant and high-availability systems
b. identify mission-critical applications and systems
c. identify the single point of failure in the systems
d. identify the impact on safety of the property
The correct answer is option (D) Identify the impact on safety of the property
Explanation:
In every Business Impact Analysis, the first and most important step is for the CISO to identify and estimate the impact that the aftereffects of the disaster may have on the business and property of the organization.
Physical security is very important, but most organizations overlook it. It matters if you do not want anyone to take away or destroy your information in the event of a natural calamity. The intruder may be acting for personal achievement, financial gain or revenge, or the organization may be taken unaware and become a target. If physical security is not maintained properly, all the other safety measures will be useless once an attacker gains physical access.
Examples of property include software, equipment, facilities and the company's assets.
Answer: It depends, but it is definitely a networking attack.
Explanation:
After scanning for vulnerable ports, I could go in a number of different directions. I could initiate a DoS attack by flooding a vulnerable port with requests. I could also initiate a Man-in-the-Middle attack by intercepting their network traffic (usually through port 80 (HTTP) if it's not encrypted). Because of this, it is highly recommended to use a VPN, so hackers have a harder time getting your data.