Activity
Mon
Wed
Fri
Sun
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
What is this?
Less
More

Memberships

CISSP Study Group

Public β€’ 968 β€’ Free

31 contributions to CISSP Study Group
Types of Controls
Remember that detective, recovery, and corrective controls are enforced after an incident is present. However, deterrent, directive, preventive, and compensating controls are applicable before an incident takes place. It is always better to stop something bad from happening than it is to deal with it after it has happened. Witcher, Rob; Berti, John; Hablas, Lou; Mitropoulos, Nick. Destination CISSP: A Concise Guide (p. 130). Destination Certification Inc.. Kindle Edition.
2
0
The Devil is in the Details - Recovery and restoration
While the distinction between restoration and recovery might seem straightforward, the nuanced differences can have significant implications for cybersecurity. - Recovery often focuses on the immediate resumption of business operations. This might involve activating disaster recovery plans, transitioning to redundant systems, or temporarily outsourcing critical functions. - Restoration, on the other hand, is a more comprehensive process that aims to return a compromised system or network to its original state. This can include forensic investigations, remediation of vulnerabilities, and rebuilding damaged infrastructure. A common oversight is assuming that recovery alone is sufficient. While it's essential to maintain business continuity, a hasty return to operations without a thorough restoration could leave systems vulnerable to future attacks. In the context of business continuity and disaster recovery planning (BCDR), what is the Recovery Point Objective (RPO) in terms of data recovery? A. The RPO is the minimum amount of data that needs to be recovered.B. The RPO is the amount of time it takes to recover an acceptable percentage of data lost.C. The RPO is a goal to recover a targeted percentage of data lost.D. The RPO is the maximum amount of time for which loss of data is acceptable. Explanation: The Recovery Point Objective (RPO) is a critical metric in BCDR planning. It defines the maximum amount of data loss that an organization can tolerate before it negatively impacts business operations. In other words, it specifies the oldest acceptable backup or recovery point.
5
0
Risk response and control
[attachment]
0
1
New comment Sep 18
Risk response and control
1-10 of 31
@misterfonzie-samuraijack-2147
Another galaxy, another cert, another life...

Active 12d ago
Joined Aug 15, 2024
Norfolk, VA
powered by