Effective CISSP Questions

As the ERP system owner, you are developing the information system contingency plan and evaluating how soon the system should be recovered and how much data should be restored. Which of the following should you determine first to guide the recovery process? (Wentz QOTD)
A. Work recovery time
B. Recovery time objective
C. Service delivery objective
D. Maximum tolerable downtime

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. Maximum tolerable downtime.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

Business Impact Analysis (NIST)
Business Impact Analysis (NIST)

A business process that supports the delivery of products or services typically depends on one or more resources. The max tolerable downtime of a business process as a constraint is determined by business people, which drives the setting of recovery objectives of dependent resources.

Common BIA Terminologies
Common BIA Terminologies


作為 ERP 系統所有者,您正在製定信息系統應急計畫(ISCP)並評估系統應該多久恢復以及應該回存多少數據。 您應該首先確定以下哪項來指導恢復(recovery)過程? (Wentz QOTD)
A. 工作恢復時間
B. 恢復時間目標
C. 服務提供目標
D. 最大可容忍停機時間

1 thought on “CISSP PRACTICE QUESTIONS – 20210906

  1. Pingback: 最大可容忍停機時間(MTD) – Choson資安大小事

Leave a Reply