nerdexam
ExamsCISSP-ISSMPQuestions#95
(ISC)2(ISC)2

CISSP-ISSMP · Question #95

CISSP-ISSMP Question #95: Real Exam Question with Answer & Explanation

The correct answer is B: Contingency plan. A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans are often devised by governments or businesses who want to be prepared for anything that could happen. Contingency plans include specific strategies and actions to deal wit

Security Operations Management

Question

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Options

  • ADisaster recovery plan
  • BContingency plan
  • CContinuity of Operations Plan
  • DBusiness continuity plan

Explanation

A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans are often devised by governments or businesses who want to be prepared for anything that could happen. Contingency plans include specific strategies and actions to deal with specific variances to assumptions resulting in a particular problem, emergency, or state of affairs. They also include a monitoring process and "triggers" for initiating planned actions. They are required to help governments, businesses, or individuals to recover from serious incidents in the minimum time with minimum cost and disruption. Answer option C is incorrect. It includes the plans and procedures documented that ensure the continuity of critical operations during any period where normal operations are impossible. Answer option A is incorrect. Disaster recovery planning is a subset of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications (such as networking), and other IT infrastructure. A business continuity plan (BCP) includes planning for non-IT related aspects such as key personnel, facilities, crisis communication, and reputation protection, and should refer to the disaster recovery plan (DRP) for IT-related infrastructure recovery/continuity. Answer option D is incorrect. Business continuity planning (BCP) is the creation and validation of a practiced logistical plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption. The logistical plan is called a business continuity plan. The BCP lifecycle is as follows:

Topics

#Contingency Planning#Recovery Plans#Business Continuity#Disaster Recovery

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISSP-ISSMP PracticeBrowse All CISSP-ISSMP Questions