Domain 2 Flashcards
Incident Response, Business Continuity, and Disaster Recovery
The Incident Response plan
responds to unexpected changes in operating conditions to keep the business operating
The Business Continuity plan
enables the business to continue operating throughout the crisis
The Disaster Recovery plan
is activated to help the business return to normal operations as quickly as possible if both the Incident Response and Business Continuity plans fail
What term is sometimes used interchangeably with “incident management”?
What is the purpose of a red book in the context of business continuity?
To serve as a hard copy backup accessible outside the facility
Business Continuity planning
the proactive
development of procedures to
restore business operations after
a disaster or other significant
disruption to the organization
Why are notification systems and call trees important in a business continuity plan?
To alert personnel when the BCP is being enacted
What is a key outcome of a Business Impact Analysis (BIA)?
Identification of functions and dependencies
What is the first phase in the components of an incident response plan?
Preparation
What is the next step after detection and analysis in the incident response process?
Finding the appropriate containment strategy
Disaster recovery refers specifically to
restoring the information technology and
communications services and systems
needed by an organization, both during the
period of disruption caused by any event
and during restoration of normal services
What is the primary distinction between business continuity planning (BCP) and disaster recovery planning (DRP)?
DRP is about restoring IT, while BCP focuses on business operations
Which of the following is very likely to be used in a disaster recovery (DR) effort?
Data backups
What is the purpose of the Executive Summary in a Disaster Recovery Plan?
To offer a high-level overview of the plan
