ISC2-CC Domain 2: Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts Welcome to your ISC2-CC Domain 2: Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts 1. CC: Business Continuity Disaster Recovery and Incident Response Concepts In the context of business continuity planning, which of the following is the MOST critical factor to consider when determining the Recovery Time Objective (RTO) for a critical system? A. The cost of downtime per hour for the system. B. The system's role in daily operations. C. The maximum tolerable period of disruption for the system. D. The geographic location of the system's backups. None 2. CC: Business Continuity Disaster Recovery and Incident Response Concepts During an incident response, which of the following steps should be taken FIRST when a breach is detected? A. Begin data recovery procedures immediately. B. Notify external authorities and stakeholders. C. Isolate affected systems to prevent further compromise. D. Conduct a post-incident review to identify lessons learned. None 3. CC: Business Continuity Disaster Recovery and Incident Response Concepts In disaster recovery planning, what is the PRIMARY purpose of an off-site data backup? A. To facilitate rapid access to data in case of a system failure. B. To comply with industry regulations regarding data preservation. C. To ensure data availability in the event of a geographical disaster. D. To reduce the overall cost of the disaster recovery process. None 4. CC: Business Continuity Disaster Recovery and Incident Response Concepts Which of the following is the MOST important factor to consider when developing a business continuity plan (BCP) for an organization? A. The technology stack used by the organization. B. The critical business processes that must be maintained. C. The organization's annual revenue. D. The number of employees in the organization. None 5. CC: Business Continuity Disaster Recovery and Incident Response Concepts What is the PRIMARY goal of conducting a Business Impact Analysis 'BIA'? A. To identify and prioritize the organization's risks. B. To determine the impact of disruptions on business operations. C. To assess the organization's compliance with legal requirements. D. To evaluate the effectiveness of current security measures. None 6. CC: Business Continuity Disaster Recovery and Incident Response Concepts In the context of incident response, what is the significance of having a predefined communication plan? A. To ensure the incident response team can work remotely. B. To guarantee the fastest technical resolution to the incident. C. To provide clear guidelines for internal and external communication. D. To document all actions taken for legal purposes. None 7. CC: Business Continuity Disaster Recovery and Incident Response Concepts Which of the following is the MOST critical element to include in a disaster recovery plan (DRP) for IT systems? A. A detailed budget for disaster recovery expenses. B. A list of all employees and their contact information. C. Detailed procedures for restoring systems and data. D. A catalog of all software licenses and agreements. None 8. CC: Business Continuity Disaster Recovery and Incident Response Concepts When assessing the effectiveness of a business continuity plan (BCP), which of the following metrics is MOST valuable? A. The total cost of implementing the BCP. B. The Recovery Time Objective (RTO) alignment with business needs. C. The number of documented recovery strategies. D. The frequency of BCP updates. None 9. CC: Business Continuity Disaster Recovery and Incident Response Concepts In incident response, the concept of "lessons learned" is MOST closely associated with which phase? A. Preparation B. Detection and Analysis C. Containment, Eradication, and Recovery D. Post-Incident Activity None 10. CC: Business Continuity Disaster Recovery and Incident Response Concepts Which of the following best describes the purpose of a hot site in disaster recovery planning? A. A location where backup media is stored off-site. B. A fully equipped facility where operations can be immediately resumed. C. A secure facility for the incident response team to meet during a disaster. D. A temporary office space with basic amenities but no pre-installed equipment. None 11. CC: Business Continuity Disaster Recovery and Incident Response Concepts When developing an incident response plan, which of the following is the MOST critical component to ensure effective response actions? A. The availability of a dedicated incident response team. B. The inclusion of an automatic data backup system. C. The detailed list of potential incidents and their definitions. D. The integration of the plan with the organization's overall security policy. None 12. CC: Business Continuity Disaster Recovery and Incident Response Concepts In the framework of business continuity management, which of the following is the MOST essential reason for conducting a risk assessment? A. To fulfill insurance requirements. B. To identify and prioritize potential threats to business operations. C. To allocate budget more effectively across departments. D. To comply with local and international regulatory standards. None 13. CC: Business Continuity Disaster Recovery and Incident Response Concepts During the disaster recovery process, what is the PRIMARY purpose of conducting a gap analysis between current recovery capabilities and desired recovery objectives? A. To enhance the technical skills of the IT staff. B. To identify deficiencies and areas for improvement in the recovery plan. C. To reduce the overall cost of the disaster recovery process. D. To increase stakeholder confidence in the recovery plan. None 14. CC: Business Continuity Disaster Recovery and Incident Response Concepts Which of the following best describes the role of a cold site in a disaster recovery scenario? A. A fully operational secondary office location. B. An alternate facility with infrastructure but without pre-installed equipment. C. A virtual environment activated only during an incident. D. A secure storage location for backup data and software. None 15. CC: Business Continuity Disaster Recovery and Incident Response Concepts In incident response planning, which of the following is the MOST critical factor for ensuring the effectiveness of the plan? A. The frequency of incident simulation exercises. B. The technological tools available for incident detection. C. The level of training provided to the incident response team. D. The speed of external communication to media. None 16. CC: Business Continuity Disaster Recovery and Incident Response Concepts What is the PRIMARY goal of a business continuity plan (BCP) test? A. To fulfill audit requirements. B. To verify the effectiveness of the plan under simulated conditions. C. To train new employees on their roles during an incident. D. To satisfy stakeholder demands for organizational resilience. None 17. CC: Business Continuity Disaster Recovery and Incident Response Concepts In the context of disaster recovery strategies, what is the significance of an RPO (Recovery Point Objective)? A. It defines the maximum tolerable amount of data loss measured in time. B. It outlines the total budget allocated for disaster recovery efforts. C. It specifies the minimum required bandwidth for remote backup. D. It identifies the critical personnel needed for recovery operations. None 18. CC: Business Continuity Disaster Recovery and Incident Response Concepts Which of the following elements is MOST critical to include in an incident response plan (IRP) to ensure its comprehensiveness? A. A list of potential sanctions for employees causing an incident. B. Detailed contact information for all stakeholders. C. A catalog of all IT assets and their criticality. D. Specific steps for containment, eradication, and recovery for different types of incidents. None 19. CC: Business Continuity Disaster Recovery and Incident Response Concepts In the process of incident response, what is the PRIMARY reason for classifying incidents based on severity? A. To determine the appropriate level of media disclosure. B. To allocate budget resources for incident management. C. To prioritize response efforts and resource allocation. D. To comply with industry-specific regulatory requirements. None 20. CC: Business Continuity Disaster Recovery and Incident Response Concepts What is the MOST important consideration when selecting a disaster recovery site location? A. Proximity to the primary business location. B. Cost of the site and related expenses. C. Risk of natural disasters in the area. D. Availability of skilled IT personnel in the vicinity. None 1 out of 20 Time is Up! Time's up
