Secure Software Lifecycle Professional – CSSLP – Question297

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

A.
Disaster recovery plan
B. Business continuity plan
C. Continuity of Operations Plan
D. Contingency plan

Correct Answer: D

Explanation:

Explanation: A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans include specific strategies and actions to deal with specific variances to assumptions resulting in a particular problem, emergency, or state of affairs. They also include a monitoring process and triggers for initiating planned actions. Answer: A is incorrect. Disaster recovery is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Answer: B is incorrect. It deals with the plans and procedures that identify and prioritize the critical business functions that must be preserved. Answer: C is incorrect. It includes the plans and procedures documented that ensure the continuity of critical operations during any period where normal operations are impossible.