[Cisspstudy] Interpretation please
Holland, Brandon
hollandb at frmaint.com
Fri Jun 19 16:47:02 EDT 2009
In her book, CISSP (4th ed), page 779, under the main heading "BUSINESS
IMPACT ANALYSIS" she writes:
[...] The BCP committee must identify the threats to the company and map
them to the following characteristics:
Maximum tolerable downtime - listed as answer
Operational disruption and productivity
Financial considerations
Regulatory responsibilities - listed as answer
Reputation - listed as answer
I still would pick "Employee morale" without further understanding. I
can't bring myself to train my brain to answer a question against my
understanding. Like you said, if I got this even after being "told" the
answer, without further understanding, I'd STILL pick the wrong answer
:)
-----Original Message-----
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of Lamey, Phillip
Sent: Friday, June 19, 2009 3:34 PM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Interpretation please
Which is what I picked ... but as Sergio pointed out ... they key word
here is ANALYZE ... as oppose to ... IS PART OF ... BIA
I don't like the question at all ... I think the wording is terrible and
I would probably get caught in the same type of error on the exam.
The exam engine is from Logical Security ... I have forwarded it on to
Shon for her to review ... just in case.
Thanks for the feedback.
Phil Lamey
-----Original Message-----
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of Holland, Brandon
Sent: Friday, June 19, 2009 5:30 PM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Interpretation please
Hey I think you're testing engine messed that one up. I'm seeing in
Wikipedia and in Shon Harris that that is a critical component of the
BIA, and isn't a "distractor" at all. So, knowing that is part of your
determination, then it IS valid, and should NOT be picked. The only
answer that I can't confirm a relationship to in the BIA of those four
is Employee Morale.
-----Original Message-----
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of Lamey, Phillip
Sent: Friday, June 19, 2009 3:01 PM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Interpretation please
Also ... what does any of that have to do with Employee Morale?
I'm struggling with the logic of this one.
Phil Lamey
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of Sergio Pantoja
Sent: Friday, June 19, 2009 4:56 PM
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Interpretation please
The objectives of the BIA is to identify the organization's business
unit processes and the estimated recovery time frame for business units
(major BU in most cases), estimate the financial impacts, define the
estimated number of personnel required for recovery operations to name a
few objectives. My answer would have been MTD.
I hope this helps you.
On Fri, Jun 19, 2009 at 3:23 PM, Lamey, Phillip <phillip.lamey at cgi.com>
wrote:
I guess maybe I am not understanding what this question is asking.
Does anyone see what this question is asking clearly?
I think I need an interpretation ...
Thank you,
Phil Lamey, P.Eng.
CGI Senior Consultant
(506) 458-5020 ext. 5121
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
--
Sergio Pantoja H.
spantoja at gmail.com
System, Network and Security Administrator Linux User register #239475
Mandrake Club Member
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
More information about the cisspstudy
mailing list