Home > Certified Information Security Manager (CISM) > Quizzes > CISM: Testing Incident Response, BCP, and DRP
CISM: Testing Incident Response, BCP, and DRP
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 47% Most missed: “Which test provides the most assurance about the effectiveness of the recovery p…”
Incident response plan (IRP) focuses on immediate response to an incident. Disaster recovery plan (DRP) focuses on restoring operations at the primary site after disasters occur. Most important is Business Continuity Plan, or BCP. Key facets of Disaster Recovery and Incident Response can be found or referenced within a BCP. Since a BCP is designed to issue guidance on the key components, objectives, and processes around continued operations during a business interruption, it is most frequently used as a blanket response plan for most types of events that can occur, which is not the correct... Show more
CISM: Testing Incident Response, BCP, and DRP
Time left 00:00
14 Questions

1. What is the most effective way to ensure that operational incident risks are managed effectively?
2. Which of the following activities increases the chance of operations resuming after a disaster?
3. What is the major challenge of an untested response plan?
4. The organization wants to test the effectiveness of its business continuity plan. However, it does want to impact its normal business operations. Which of the following tests will give the most assurance?
5. The security manager has reported a DRP test as a failure, even though all the essential services have been restored at the hot site. What is the main reason for this failure?
6. Which of the following demonstrates the difference between a parallel test and a simulation test?
7. What is the most effective way to improve the performance of the incident response team?
8. What is the most effective way to determine that the disaster recovery plan is current?
9. The organization is using the infrastructure of a third-party service provider to conduct a recovery test. After completing the test, the security manager should ensure which of the following?
10. The success of a disaster recovery test primarily depends on which of the following?
11. Which test provides the most assurance about the effectiveness of the recovery plan?
12. An organization does not want to disturb its continuous operations. Which test will be best to determine the effectiveness of the response and recovery process without impacting normal business operations?
13. When is a recovery test considered successful?
14. The security manager has noted that the system administrator has failed to report an attempted attack. This situation can be prevented by doing what?