Free Preparation Discussions
MENU
ISC2 CSSLP Exam - Topic 11 Question 63 Discussion
Topic #: 11
Which of the following are the types of access controls? Each correct answer represents a complete solution. Choose three.
The Recovery Point Objective (RPO) describes the acceptable amount of data loss measured in time. It is the point in time to which data must
be recovered as defined by the organization. The RPO is generally a definition of what an organization determines is an 'acceptable loss' in a
disaster situation. If the RPO of a company is 2 hours and the time it takes to get the data back into production is 5 hours, the RPO is still 2
hours. Based on this RPO the data must be restored to within 2 hours of the disaster.
Answer B is incorrect. The Recovery Time Objective (RTO) is the duration of time and a service level within which a business process
must be restored after a disaster or disruption in order to avoid unacceptable consequences associated with a break in business continuity. It
includes the time for trying to fix the problem without a recovery, the recovery itself, tests and the communication to the users. Decision time
for user representative is not included. The business continuity timeline usually runs parallel with an incident management timeline and may
start at the same, or different, points.
In accepted business continuity planning methodology, the RTO is established during the Business Impact Analysis (BIA) by the owner of a
process (usually in conjunction with the Business Continuity planner). The RTOs are then presented to senior management for acceptance.
The RTO attaches to the business process and not the resources required to support the process.
Answer D is incorrect. The Recovery Time Actual (RTA) is established during an exercise, actual event, or predetermined based on
recovery methodology the technology support team develops. This is the time frame the technology support takes to deliver the recovered
infrastructure to the business.
Answer C is incorrect. The Recovery Consistency Objective (RCO) is used in Business Continuity Planning in addition to Recovery Point
Objective (RPO) and Recovery Time Objective (RTO). It applies data consistency objectives to Continuous Data Protection services.
Felton
4 months agoGearldine
4 months agoAdelle
4 months agoMarshall
4 months agoAgustin
4 months agoBerry
5 months agoIzetta
5 months agoJulieta
5 months agoMitsue
5 months agoWayne
5 months agoFairy
5 months agoBrittni
5 months agoCherry
9 months agoShayne
9 months agoEveline
8 months agoGracia
8 months agoShannon
8 months agoRolland
8 months agoNu
9 months agoMariann
8 months agoHubert
9 months agoKarina
9 months agoAlonso
10 months agoNieves
8 months agoSilvana
8 months agoLigia
9 months agoTyisha
10 months agoMicah
8 months agoVi
8 months agoSylvie
8 months agoAnastacia
8 months agoAnglea
8 months agoJade
8 months agoRonny
9 months agoLeigha
9 months agoErasmo
9 months agoLili
9 months agoGeorgene
10 months agoHyman
10 months agoTracey
10 months agoErnestine
11 months ago