My answer is A. The BCP addresses overall business operations and continuity, not just the immediate response to security incidents. manual business operation process can be kicked off while waiting for the system up and running. The IRP, on the other hand, is tailored to handle security events specifically, making it the most effective in reducing their potential impact.
Well, if the objective of containment is to reduce the impact of the incident, and we know that "containment" is one of the steps of incident response, then I'd say the correct answer here is A.
The correct answer is B. Business continuity plan (BCP). A BCP is designed to help minimize the impact of a security event, such as a natural disaster, cyber attack, or other unforeseen event, and ensure the continuity of your business operations.
Security awareness is most relevant to reducing the likelihood of an incident, especially those related to social engineering and policy non-compliance.
IRP's main focus is to reduce the impact/damage of the incident through containment. When the incident reaches a pre-defined threshold (RTO, RPO, SDO...), it is escalated to BCP which then focusses on the continuity of operations at acceptable level using minimum resources. It is an ongoing activity, or as mentioned in ISACA REVIEW MANUAL, ' a continuous process. DRP primarily focusses on recovering operations rather than reducing impacts.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Booict
3 months, 3 weeks agoMarcelus1714
9 months, 1 week agoAlexJacobson
9 months, 3 weeks agoAlexJacobson
9 months, 3 weeks agoAaronS1990
1 year, 2 months agoRowlandmarc
1 year, 3 months agokoala_lay
1 year, 3 months agoGoseu
1 year, 4 months agoCISSPST
1 year, 4 months agorichck102
1 year, 4 months ago