Question

What strategies can be used to test contingency plans? [MANAGEMENT OF INFORMATION SECURITY]

Homework Answers

Answer #1

Strategies of Testing Contingency Plans (MANAGEMENT OF INFORMATION SECURITY):-

Once problems are identified during the testing process, improvements can be made, and the resulting plan can be relied on in times of need.

There are five testing strategies that can be used to test contingency plans:

  1. Desk Check
  2. Structured walkthrough
  3. Simulation
  4. Parallel testing
  5. Full interruption

1. Desk Check:- The simple kind of validation involves distributing copies of the appropriate plans to all individuals who will be assigned roles during an actual incident. Each of these people performs a desk check by reviewing the plan and creating a list of correct and incorrect components. While not a true test, this strategy is a good way to review the perceived feasibility and effectiveness of the plan.

2. Structured walkthrough:- In a structured walk-through, all involved individuals walk through the steps they would take during an actual event. This exercise can consist of an on-site walk-through in which everyone discusses their actions at each particular location and juncture, or it may be more of a talk-through or chalk-talk, in which all involved individuals sit around a conference table and discuss in turn their responsibilities as the incident unfolds.

3. Simulation:- In a simulation, each person works individually, rather than in a group setting, to simulate the performance of each task. The simulation stops short of performing the actual physical tasks required, such as installing the backup data or disconnecting the communication circuit. The major difference between a walkthrough and a simulation is that individuals work on their own tasks and are responsible for identifying the faults in their own procedures.

4. Parallel testing:- In parallel testing, individuals act as if an actual incident occurred and begin performing their required tasks and executing the necessary procedures, without interfering with the normal operations of their business. Great care must be taken to ensure that the procedures performed do not halt the operation of the business function, thereby creating an actual incident.

5. Full interruption:- In full-interruption testing, the individuals follow each and every procedure, including the interruption of service, restoration of data from backups, and notification of appropriate individuals. This exercise is often performed after normal business hours in organizations that cannot afford to disrupt or simulate the disruption of business function. Although full-interruption testing is the most rigorous testing strategy, it is unfortunately too risky for most businesses.
