5.0 Recover Flashcards
(40 cards)
1
Q
Root cause analysis
A
2
Q
After- action report (AAR)
A
3
Q
Lessons learned
A
4
Q
Reporting and documentation
A
5
Q
Analyze incident reports
A
6
Q
Execute recovery planning processes and procedures
A
7
Q
Document and communicate results
A
8
Q
Security requirements of systems
A
9
Q
System interoperability and integration
A
10
Q
Actions
A
11
Q
Processes
A
12
Q
Tools and technologies
A
13
Q
Devices
A
14
Q
Systems
A
15
Q
Security features
A
16
Q
Management constraints
A
17
Q
Personnel security
A
18
Q
Physical structures, areas, and devices
A
19
Q
Memory forensics analysis/tools
A
20
Q
Volatility
A
21
Q
Data sources and disk images
A
22
Q
Analysis of digital evidence
A
23
Q
Analysis of digital evidence
A
24
Q
Hardware and software tools
A
25
File copying techniques
26
Logical backup
27
Bit-streaming imaging
28
File modification, access, and creation times
29
Forensic recordkeeping
30
Automated audit trails
31
Chain of custody
32
Forensic investigation
33
Forensic collection and analysis tools
34
Recovery planning processes
35
Contingency planning
36
Systems and assets
37
Lessons learned
38
Review of existing strategies
39
Implement improvements
40
Document and communicate reports, lessons learned, and advice for recovery, contingency, and continuity of operations plans
