Business Continuity and Disaster Recovery Planning | SSCP Exam Preparation

Business Continuity and Disaster Recovery Planning

Prev Question Next Question

Question

Business Continuity and Disaster Recovery Planning (Primarily) addresses the:

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The Information Technology (IT) department plays a very important role in identifying and protecting the company's internal and external information dependencies.

Also, the information technology elements of the BCP should address several vital issue, including: Ensuring that the company employs sufficient physical security mechanisms to preserve vital network and hardware components.

including file and print servers.

Ensuring that the organization uses sufficient logical security methodologies (authentication, authorization, etc.) for sensitive data.

& VINES, Russel.

D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, page 279.

Business Continuity and Disaster Recovery Planning primarily addresses the availability of the CIA triad.

The CIA triad stands for Confidentiality, Integrity, and Availability, which are three crucial aspects of information security. Confidentiality refers to protecting information from unauthorized access or disclosure, Integrity refers to ensuring the accuracy and completeness of information, and Availability refers to ensuring that information is accessible when needed.

Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are two important aspects of information security that focus on ensuring the availability of information systems and data in case of unexpected events such as natural disasters, cyber-attacks, or equipment failures.

Business Continuity Planning (BCP) is the process of developing strategies and procedures that ensure the continuous operation of an organization in the face of disruption. BCP ensures that critical business functions can continue to operate during and after a disruption, minimizing the impact on the organization.

Disaster Recovery Planning (DRP) is the process of creating a plan for recovering IT infrastructure and operations after a disaster. DRP aims to minimize the downtime and data loss resulting from a disaster and ensure that the IT infrastructure can be restored to normal operation as quickly as possible.

Both BCP and DRP focus on ensuring the availability of information systems and data, making sure that critical business functions can continue to operate during and after a disruption. Therefore, Business Continuity and Disaster Recovery Planning primarily address the availability aspect of the CIA triad.

While confidentiality and integrity are also important aspects of information security, they are not the primary focus of BCP and DRP. However, they are considered in the planning process and can be addressed through additional security measures such as access control, encryption, and data backup.

Therefore, the correct answer is A. Availability of the CIA triad.