Domain 7: BCP/DRP Flashcards

1
Q

Plan that ensures that a business will continue to operate before, throughout, and after a disaster event is experienced

A

Business Continuity Planning (BCP)

2
Q
  • Short-term plan for dealing with specific IT-oriented disruptions
  • Can also be a part of the BCP
A

Disaster Recovery Plan (DRP)

3
Q

List the documents inside of a BCP

A
  1. Continuity Planning Goals
  2. Statement of Importance
  3. Statement of Priorities
  4. Statement of Organizational Responsibility
  5. Statement of Urgency and Timing
  6. Risk Assessment
  7. Risk Acceptance/Mitigation
  8. Vital Records Program
  9. Emergency-Response Guideline
  10. Testing and exercises
4
Q
  • Disaster Recovery Process step
  • We assess the event to see if it constitutes a disaster

A

Respond

5
Q
  • Disaster Recovery Process step
  • After a disaster is declared, we initiate the recovery team

A

Activate team

6
Q
  • Disaster Recovery Process step
  • Ensures consistent, timely status updates are delivered back to the central team managing the response and recovery process
  • Interaction must often occur out-of-band
A

Communicate

7
Q
  • Disaster Recovery Process step
  • A more thorough evaluation is carried out to determine the extent of the damage and the proper steps necessary to ensure the organization's ability to meet its mission
A

Assess

8
Q
  • Disaster Recovery Process step
  • The successful recovery of critical business operations at either a primary or secondary site

A

Reconstitution

9
Q

List the 4 steps of the Business Continuity Planning process

A
  1. Project Scope and planning
  2. Business Impact Analysis (BIA)
  3. Continuity Planning
  4. Approval and Implementation
10
Q

The BCP Project Scope and planning process includes what steps?

A
  • Business Organization Analysis
  • BCP Team selection
  • Resource requirements
  • Legal and regulatory requirements
11
Q
  • BCP Project Scope and planning process
  • Identifies all depts. and individuals that have a stake in the BCP process
  • Foundation for BCP team selection
  • Used to guide the next stages of BCP development
A

Business Organization Analysis

12
Q

The BCP team should include what members?

A

At minimum representatives from each of the operational and support departments

  • IT dept.
  • IT security
  • Facility management
  • Attorneys
  • HR
  • Public relations
  • Senior management representatives
13
Q
  • BCP Project Scope and planning process
  • Testing, training and maintenance phases of BCP that will require some hardware and software commitments
  • Full-scale implementation
  • Materials consumed by the BCP team
A

Resource requirements

14
Q
  • BCP Project Scope and planning process
  • Ensures the organization remains compliant with laws, regulations, and contractual obligations

A

Legal and regulatory requirements

15
Q
  • Business Continuity Planning process
  • Focuses on developing and implementing a strategy to minimize the impact realized risks might have on protected assets

A

Continuity Planning

16
Q
  • Continuity Planning process
  • In this step it is determined which risks will be addressed by the BCP

A

Strategy development

17
Q
  • Continuity Planning process
  • BCP team designs specific procedures and mechanisms that will mitigate the risks deemed unacceptable during the strategy development stage
A

Provisions and processes

18
Q

What are three categories of assets that must be protected through BCP provisions and processes?

A
  1. People
  2. Buildings/Facilities
  3. IT Infrastructure
19
Q
  • Business Continuity Planning process
  • BCP should be endorsed by the top executive at the company, i.e. the CEO
  • Once endorsed, a schedule is created to apply the BCP
A

Approval and Implementation

20
Q
  • BCP Document
  • Describes the goals set forth by the BCP team and senior management for the plan
  • e.g. the call center should experience no more than 15 consecutive minutes of downtime
A

Continuity Planning Goals

21
Q
  • BCP Document
  • Letter to the organization's employees stating the reason that the organization devoted resources to the BCP development process and requesting cooperation with the BCP implementation
A

Statement of Importance

22
Q
  • BCP Document
  • Lists the functions considered critical to continued business operations in a ranked order
  • Document comes from the business impact assessment phase
A

Statement of Priorities

23
Q
  • BCP Document
  • Restates the organization's commitment to the BCP and informs all employees they are expected to do everything they can to assist with the BCP process
  • Can be incorporated into the same letter as the Statement of Importance
A

Statement of Organizational Responsibility

24
Q
  • BCP Document
  • Expresses the criticality of implementing the BCP and outlines the implementation timetable decided on by the BCP team and agreed to by senior management.
A

Statement of Urgency and Timing

25
Q
  • BCP Document
  • Includes all the risks considered during the BIA as well as the quantitative and qualitative analyses performed to assess these risks.
A

Risk Assessment

26
Q
  • BCP Document
  • Categorizes each risk identified as either:
    1. Acceptable - why the organization should not be worried, and future events that would cause reconsideration
    2. Unacceptable - outlines provisions and processes put into place to reduce the risk
A

Risk Acceptance/Mitigation

27
Q
  • BCP Document
  • States where critical business records will be stored and the procedures for making and storing backup copies of those records.
A

Vital Records Program

28
Q
  • BCP Document
  • Outlines the organizational and individual responsibilities for immediate response to an emergency situation.

A

Emergency-Response Guideline

29
Q
  • BCP Document
  • Ensures the plan remains current and that all personnel are trained to perform their duties in the event of a disaster

A

Testing and exercises