Nitesh
Newcomer II

Disaster Recovery Plan

Dear team

 

I am preparing for the upcoming CISSP exam and am currently doing self-study.

Need your advice on the question below.

 

What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?

  • A. To ensure Information Technology (IT) staff knows and performs roles assigned to each of them
  • B. To validate backup sites' effectiveness
  • C. To find out what does not work and fix it
  • D. To create a high level DRP awareness among Information Technology (IT) staff

I suppose the best answer should be Option C as finding the flaws and fixing the same should be the primary goal.

But even option A makes sense.

 

Appreciate your advice on the correct answer.

 

Thanks

Nitesh

7 Replies
dcontesti
Community Champion

@Nitesh wrote 

What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?

  • A. To ensure Information Technology (IT) staff knows and performs roles assigned to each of them
  • B. To validate backup sites' effectiveness
  • C. To find out what does not work and fix it
  • D. To create a high level DRP awareness among Information Technology (IT) staff

I suppose the best answer should be Option C as finding the flaws and fixing the same should be the primary goal.

But even option A makes sense.

__________________________________________________________________________

 

First,  where did you get this question?

 

Second, A is partially right, but in a real disaster you might not have all the IT staff and you might need to use other folk to do the work (that is, you might have a UNIX guy follow the instructions to boot a Windows box or vice versa, or you might only have your B or C team available).

 

The optimal answer is C: you want to walk through the plan and try to learn about the weaknesses within your plan, such that you can find rapid solutions and document them.

 

So I would also say that B could be correct.  If you are using a backup site (hot or cold), part of the exercise is to determine whether that site has the capacity/bandwidth to handle the recovery. 

 

I am not the author of the question but I assume that they are lumping A and B into C, making C the best answer to the question.

 

As to D, testing the plan would not provide high level awareness with IT staff.

 

My take on the question.

 

Anyone else?

 

d

 

 

JKWiniger
Community Champion

I really don't like questions because they seem so subjective to me. I worked at a company where they had almost no backups when I got there and they did not like it when I told them they needed to spend 10K on backup tapes. The problem was even though I was able to get everything to be backed up I did not think to test the backups and sure enough one tape drive was faulty! It never gave any kind of error but the backups did not work!

 

So because of this I would go with answer C, but you need to take the mentality of the Organization into account. Some focus on the best operational answer where I have seen others focus on the best management answer. To me, all answers are valid, but they always seem to want "the best" answer.

 

Just something to think about.

 

John-

rslade
Influencer II

> dcontesti (Community Champion) posted a new reply in Exam Preparation on 11-29-2020 01:07 PM in the (ISC)² Community :

> @Nitesh wrote  What is the MAIN reason for testing a Disaster Recovery Plan
> (DRP)?
> A. To ensure Information Technology (IT) staff knows and performs
> roles assigned to each of them
> B. To validate backup sites' effectiveness
> C. To find out what does not work and fix it
> D. To create a high level DRP
> awareness among Information Technology (IT) staff

> __________________________________________________________________________

>   First,  where did you get this question?

Yeah, I'd agree. This is definitely a "four right answers" question, but there doesn't
seem to be any *strong* reason to prefer one over any other.

>   The optimal answer is C, you want
> to walk through the plan and try to learn about the weaknesses within
> your plan, such that you can find rapid solutions and document them

Agreed, although weakly: answer C does have the broadest application.

>   As to D, testing the plan would not provide
> high level awareness with IT staff.

Oh, come on, Diana. Even 20 years ago we were teaching about the value of using
a full-on simulation test for awareness training (although it definitely does limit D
as an answer).

>   My take on the question.   Anyone
> else

Didja miss me? (No, of course not ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Le mieux est l'ennemi du bien - The best is the enemy of the good
- Voltaire
By induction, the TERRIBLE is the enemy of the WORST...
- PGN, 20100730
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
dcontesti
Community Champion

@rslade wrote

 


>   As to D, testing the plan would not provide
> high level awareness with IT staff.

Oh, come on, Diana. Even 20 years ago we were teaching about the value of using
a full-on simulation test for awareness training (although it definitely does limit D
as an answer).

 

Rob, yes 20 years ago we were teaching the value of full-on simulation but if we were doing it right, this training provided the high level knowledge.  The actual exercise provided either sheer panic in some staff or quiet acknowledgement.  I never had to explain why we were doing the exercise whilst doing one.  So I stand by my original statement D is a throwaway answer.

 

d

 

Nitesh
Newcomer II

I did get this question while practicing for the exam online.
The source is examtopics.com

Thanks
Nitesh

CISOScott
Community Champion


@Nitesh wrote:

What is the MAIN reason for testing a Disaster Recovery Plan (DRP)?

  • A. To ensure Information Technology (IT) staff knows and performs roles assigned to each of them
  • B. To validate backup sites' effectiveness
  • C. To find out what does not work and fix it
  • D. To create a high level DRP awareness among Information Technology (IT) staff

I suppose the best answer should be Option C as finding the flaws and fixing the same should be the primary goal.

But even option A makes sense.

 

Appreciate your advice on the correct answer.

 

Thanks

Nitesh


Remember that when you do testing of your plans, BCP, DRP, COOP, etc., it is usually done in a controlled manner and not during an actual emergency. The reason we do this is to know that, during an emergency, things work as planned. Doing controlled and planned tests allows you the time to find resources to fix any identified errors in your plan.

So if your backup solution or your DRP did not work as planned (C)  how would 

A) IT people knowing their roles help any? 

B) Validating the backup site's effectiveness be of any importance? If the backups didn't work I would say that the site isn't effective. Well technically the backup solution is not effective, the site where it sits may not make any difference.

D) IT staff having a high level of DRP awareness help you get back up and running?

To me, even though the other answers are partially correct and are desired outcomes, the question asks the main reason for testing a DRP plan. The main thing is to find out what works and what doesn't work during a CONTROLLED exercise and not during an actual emergency. Then you have plenty of time to find money, resources, or other needed items to make the DRP work so that it would be ready during an actual emergency.

rslade
Influencer II

> CISOScott (Community Champion) posted a new reply in Exam Preparation on 12-01-2020 01:08 PM in the (ISC)² Community :


>   Remember that when you do
> testing of your plans, BCP, DRP, COOP, etc. it is usually done in a
> controlled manner and not during an actual emergency.

There *is* one form of testing that is very close to an actual emergency, and that
is the "full interruption" test (aka "pushing the Big Red Button"). ("Big Red
Button" is a general reference to any form of emergency kill switch.) The first
step in any full interruption test is "update your resume." Lots can go wrong, and
it's the fault of the person who called for a full interruption test, so it's a serious
danger to your career.

Once upon a time the IT, infosec, and BCP guys were talking to the CEO (of an
airline) about the BCP, and saying how prepared they were. This discussion was
taking place in the machine room, which is always dangerous. The CEO hit the
actual Big Red Button and said "Prove it." Several things were wrong with the
BCP and the company lost $20 million.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
The young man knows the rules but the old man knows the
exceptions. - Oliver Wendell
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413
