Subject Name: Business Continuity Planning and Disaster Recovery Planning
Review Questions
Instructions:
Please be comprehensive and answer the following review questions completely.
1. What is the formal definition of a CSIRT?
2. What is the difference in the roles between the CSIRT and the IRPT?
3. What is the most essential reason to involve upper management in the CSIRT formation process?
4. Is management approval a simple, one-time action?
5. Among the skills needed by the CSIRT staff, what is required beyond technical skill?
6. What are the structures most often used to develop CSIRTs?
7. What are the most likely staffing models for CSIRTs?
8. How does the need for 24/7 operations affect staffing decisions?
9. How does the need to manage employee morale affect staffing decisions for CSIRTs?
10. How does the organizational structure impact staffing design for CSIRTs?
11. What is an IDPS?
12. What are the compelling reasons to acquire and use an IDPS?
13. What are the three dominant placements for IDPSs? Give one advantage and one disadvantage to each approach.
14. What are the dominant approaches used to detect intrusions in IDPSs? Give one advantage and one disadvantage of each approach.
15. What is a log file monitor? What is it used to accomplish?
16. What does the term trap and trace mean?
17. What is a honeypot? What is a honeynet? How are they different?
18. What general approach is recommended to distinguish real incidents from false positive events?
19. What activities go into a complete log management approach?
20. What are the two key facets needed to design, develop, and operate a comprehensive IDPS?