Effective CISSP Questions

You are developing a backup strategy to support the information system contingency plan (ISCP) that must meet the recovery time objective (RTO) and recovery point objective (RPO) determined in the business continuity plan (BCP). The full backup is scheduled at midnight on Sundays. It takes 7 hours to restore the full backup, differential or incremental backup would be restored afterward. Given the MTD (Maximum Tolerable Downtime) is 24 hours, RTO is 7 hours, and RPO is 1 hour, which of the following is the best decision?
A. Perform a full backup on Sunday and incremental backups on every one hour.
B. Perform a full backup on Sunday and differential backups on every one hour.
C. Perform a full backup every day
D. Call a meeting to review the objectives

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Call a meeting to review the objectives.

Security Planning Process

Source: NIST SP 800-18 R1

Recovery Time Objective (RTO) defines the maximum amount of time that a system resource can remain unavailable. In other words, how soon a system resource should be recovered.

Since RTO is 7 hours, the system should be recovered in 7 hours. If restoring the full backup takes 7 hours, restoring incremental or differential backups also takes some time. In this case, the 7-hour is unachievable, given any backup strategy. Moreover, imagine that the system will be restored at the alternate site or rebuild from scratch. It takes far more time to recover the system.

The best decision is to call a meeting to review the objectives and document in the Plan of Action and Milestone (POA&M). According to NIST SP 800-24 R1, “when it is not feasible to immediately meet the RTO and the MTD is inflexible, a Plan of Action and Milestone should be initiated to document the situation and plan for its mitigation.”



您正在發展備份策略以支持資息系統應變計劃(ISCP),該計畫必須滿足業務連續性計畫(BCP)所規定的復原時間目標(RTO)和復原資料點目標(RPO)。 完整備份計畫在星期日的午夜進行。 恢復完整備份需要7個小時,之後再進行差異備份或增量備份。 如果MTD為24小時,RTO為7小時而RPO為1小時。 以下哪項是最佳決定?
A. 在星期日執行完整備份,並在每一個小時執行一次增量備份。
B. 在星期日執行完整備份,每隔一小時執行差異備份。
C. 每天執行一次完整備份
D. 召開會議以重新檢視目標

1 thought on “CISSP PRACTICE QUESTIONS – 20200225

Leave a Reply