An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?
An incident recovery plan is a statement of actions that should be taken before, during or after an incident. Identify which of the following is NOT an objective of the incident recovery plan?
An incident recovery plan typically focuses on actions to be taken to recover from an incident, such as ensuring the reliability of systems, providing standards for testing the plan, and maintaining key business processes. However, avoiding legal liabilities is not generally an objective of the incident recovery plan. This aspect would typically be the responsibility of legal and compliance departments, not part of the recovery process itself.
I am going with C since "Creating new business processes to maintain profitability after incident" could be considered a post incident leason learned, making it an objective of the incident recovery plan.
A or C? Objectives of incident recovery plan are - provide security to computers - optimize risks - provide assurance to realibility - provide standards for testing - reduce decision making during an incident
anyone can explain? A or C?
I couldn’t find anything related to this in the book but I think it will most likely be A
same here. but incident recovery doesn't also avoid legal liabilities right? so really torn between the two. but i'd go with letter C here
wanna setup a study group chat mate?
Answer is A as per book
The answer is C because legal has nothing to do with instant response; however, creating a new business plan is a lesson learned the last step of an incident response plan
business plan should be updated after risk assessment. e.g. avoidance, acceptance.