Security Incident Response and Recovery

Correct Answer: A cyberattack is any attempt to gain unauthorized access to a system or network, while a data breach is any unauthorized access to, or exfiltration of sensitive data.

A cyberattack is a deliberate attempt to gain unauthorized access to a system or network using various methods such as malware, phishing, and social engineering. Data breaches, on the other hand, are the result of successful cyberattacks that involve the unauthorized access, theft, or exfiltration of sensitive data from a compromised system or network. Cyberattacks are thus a means to an end, while data breaches are the outcome of such attacks that can result in reputational harm, loss of revenue, and legal liabilities.

Correct Answer: Penetration Testing

Penetration testing is not a typical component of a Disaster Recovery Plan (DRP). Backup and Recovery Procedures, Designation of Responsibilities, Contact Information for Key Personnel and Vendors, Alternative Processing Sites, and Recovery Prioritization are all common components of a DRP. Penetration testing is related to a security testing program that assesses the security of an information system by deliberately trying to circumvent its defenses.

Correct Answer: An event is any observable occurrence in a system or network, while an incident refers to an event that has significant impact on the system or network.

Events include any occurrence that can be detected or recorded in a system, while incidents go beyond events and are those that have caused harm or damage or have the potential to cause harm or damage to the system or its users. It is important to differentiate between the two because while events are routine, incidents require immediate attention and response to minimize their impact.