Which of the following should be done at a disaster site before any item is removed, repaired, or replaced?
Which of the following should be done at a disaster site before any item is removed, repaired, or replaced?
Before any item is removed, repaired, or replaced at a disaster site, it is crucial to document the damage through photographs. This step is critical for maintaining an accurate record of the situation, which can be useful for insurance claims, legal purposes, and internal evaluations. Once the scene is altered, it becomes challenging to recreate the original state of damage for any investigation or claim process. Hence, taking photos of the damage provides a clear, documented reference of the incident as it originally occurred.
From a CISSP perspective, it is important to document the state of the disaster site before any item is removed, repaired, or replaced. This documentation, in the form of photographs, can be used as evidence in the event of an investigation or lawsuit.
Notify all of the Board of Directors=How? Do you know all the board members? Are they available for your notification? Take photos, use your communication channel to send it up
Communication would be the key here, presuming notifying to board of directors include the change of asset inventory
C is correct
They are all right at some point. I would go D, B, C, A
it's C; assets are tracked in an asset inventory further damage is possible if not handled with care theft could occur etc; some form of evidence for asset conditions should be captured
C. Take photos of the damage should be done at a disaster site before any item is removed, repaired, or replaced. Taking photos of the damage at a disaster site is important because it provides a record of the initial conditions and can help in the assessment of the extent of the damage. This record can be used to document the damage for insurance purposes and for use in any investigations that may be required. It can also be used to assist in the recovery process by providing a reference for what needs to be replaced or repaired. Communicating with the press (A), dispatching personnel to the disaster recovery (DR) site (B), and notifying all of the Board of Directors (D) are all important actions that may need to be taken in the event of a disaster, but they are not the first step that should be taken. The priority should be to assess the damage and document it by taking photos. In summary, taking photos of the damage is an important step that should be done at a disaster site before any item is removed, repaired, or replaced.
Why does we need to notify BOD ? Should we notify the crisis management team instead ?
From the point of view of a Certified Information Systems Security Professional (CISSP), the best answer would be C: "Take photos of the damage". This is because photographic documentation is important for maintaining the integrity of the disaster site, as well as for insurance and legal purposes. It is also important to document the damage before any remediation work is done, as this can help to support any insurance claims or legal actions that may be necessary. As a CISSP, it is important to follow best practices for disaster recovery and to ensure that all necessary documentation is collected and preserved.
It is not clear at all. D makes no sense, the recovery cannot be stop in case a BOD member is not located. C, pictures of a software? of the memory of a computer or files? the only that can have some logic is B.
this situation raise a valid point. In some cases, it may be necessary to notify the Board of Directors or senior management immediately after a disaster occurs, especially if the impact is significant and has the potential to affect the organization's operations, reputation, or financials. The decision of whether to notify the Board of Directors at the disaster site before any item is removed, repaired, or replaced would depend on the specific circumstances and the organization's incident response protocols. It's important to have clear communication channels and predefined roles and responsibilities in place to ensure effective decision-making and timely reporting to key stakeholders during a disaster. taking photo and documenting, is also very important prior of any action on ground
The answer as technicians is obvious "C", remember, we must think like a Manager, The manager would first notify the board of directors of the disaster. D is the answer
Guys yes, photos must be taken. But if the disaster is an outage, what are you gonna do with them? And you are not a technician. You are a manager. You first inform the Board of Directors
I'll go with B, we need to get DRP team employees on the site.
C , you must take picture , asking about specific thing
If we look from human safety point of view, wont option B be the correct answer? ! what is the disaster site causes threat to human life?
C , before remove anything you should picture it
B makes most sense, cant take pictures without people on-site. Nothing to indicate that board are not aware of this already. Question is specifically about what to do before items are removed.
C is the answer. BOD has already been notified once DR is declared.
I would say C. What are you going to notify the board of directors with. You need to know what the damage is so that you have something to say to them.
Secure the site material.
C. Take evidence. Also BOD are just after the stocks.
The sequence shall be, B>C>D>A send someone into site and cross check if the damage severity whether fulfill the criteria of disaster. if positive, the record the proof and notify top management, then align with press via PR channels.
There are 2 sites mentioned: disaster and disaster recovery
Answer: Send someone to the site. In studying with one of the udemy courses, I came across this outline of typical Diaster Recovery plan activation steps. I had selected 'take pictures, but now rethinking this questions based on new knowledge, the answer is send someone to the site. DR plan activation Steps: 1. Declaration of disaster 2. Activation of the DR team 3. Internal communications (ongoing from here on out) 4. Protection of human safety (e.g., evacuation) 5. Damage assessment 6. Execution of appropriate system-specific DRPs (each system and network should have its own DRP) 7. Recovery of mission-critical business processes/functions 8. Recovery of all other business processes/functions
What's the use of the picture if the outage is from the service provider's end?
Human life and safety are on the first place! If the disaster site is the site where disaster occured and the disaster recovery site is the spare site, we need to dispatch personnel to the safe place first.
C - preserve evidence
D correct. You do the CISSP exam from the point of view of a CISO not a forensic analyst. Directors is your first action
Not D - Notifying the Board is important for governance, but it is not an immediate step before handling physical assets at the disaster site.