BCS CISMP-V9 Exam Actual Questions

Dumpster diving refers to the practice of sifting through commercial or residential waste to find items that have been discarded but can still be of value, particularly information. In the context of information security, dumpster diving is a significant threat because it can lead to the recovery of sensitive documents, storage devices, or other materials that contain confidential data. When disposing of such items, it's crucial to ensure they are destroyed or sanitized in a manner that prevents data reconstruction or retrieval.This aligns with the BCS Information Security Management Principles, which emphasize the importance of secure disposal methods to protect against unauthorized access to or recovery of sensitive information1234.

A desk-top exercise is a form of testing for a continuity plan that involves a structured discussion around a written scenario. This scenario is used as the basis for simulation, without the activation of actual resources. It typically involves key personnel discussing the steps they would take in response to a particular set of circumstances, as outlined in the scenario. This type of exercise is designed to validate the theoretical aspects of a plan and ensure that those involved understand their roles and responsibilities. It can also highlight any gaps or issues within the plan that need to be addressed.

A battle box, in the context of business continuity, is a portable container that holds items and information essential for an organization to continue critical operations during and after a disaster. This may include contact lists, key documents, backup media, and other resources necessary for decision-making and recovery efforts. The concept of a battle box aligns with theDisaster Recovery and Business Continuity Managementdomain of Information Security Management Principles, which emphasizes the importance of preparedness and the ability to respond effectively to incidents that disrupt business operations.

http://www.battlebox.biz/why.asp

Arson is an act of intentionally setting fire to property for malicious reasons. It is a criminal act and is not classified as a natural disaster. Natural disasters are events that occur due to natural processes of the Earth, such as tsunamis, lightning strikes, and other weather-related events. An electromagnetic pulse can be a natural event if it is caused by solar flares or a man-made event if it is the result of a nuclear explosion.However, arson is always the result of human activity and is not caused by natural processes1.

A hot site is a type of disaster recovery facility that is fully equipped and ready to take over operation at a moment's notice. It includes HVAC, power, communications infrastructure, computing hardware, and a real-time duplication of the organization's existing ''live'' data. This enables an organization to resume operations quickly after a disaster with minimal downtime. Hot sites are typically maintained at a state of readiness and can become operational almost immediately after an incident occurs. This contrasts with cold sites, which provide space and infrastructure but require installation and configuration of equipment, and warm sites, which are partially equipped with some operational resources.