Disaster recovery plans are critical to ensuring the continuity of business operations. Like any security control, they should be tested to ensure that they function properly and will be ready to restore business operations in the event of a disruption. In this video, learn about the different types of tests that evaluate the effectiveness of business continuity and disaster recovery plans, including read-through tests, walk-through tests, simulations, parallel tests, and full interruption tests.
- [Instructor] Disaster recovery plans are critical…to ensuring the continuity of business operations.…As with any security control,…disaster recovery plans should be tested…to ensure that the plan functions properly…and will be ready to restore business operations…in the event of a disruption.…Each test of a disaster recovery plan has two goals.…First, it validates that the plan functions correctly…and that disaster recovery technology will work…in the event of an actual disaster.…
Second, the disaster recovery test provides…an opportunity to identify necessary updates to the plan…due to technology or business process changes.…Let's talk about five types of disaster recovery testing.…Read-throughs, walk-throughs,…simulations, parallel tests,…and full interruption tests.…Read-throughs are the simplest form…of disaster recovery testing.…They're also known as checklist reviews.…
In this approach, disaster recovery staff distribute…copies of the current plan to all personnel involved…in disaster recovery efforts…and ask those personnel to review their procedures.…
Looking for study partners?Join the CISSP Exam study group
Learn about security assessment and testing practices needed to prepare for the Certified Information Systems Security Professional (CISSP) exam. CISSP—the industry's gold standard certification—is necessary for many top jobs. This course helps you approach the exam with confidence by providing coverage of key topics, including threat assessment, log monitoring, and software testing. It also covers disaster recovery and security process assessment. Students who complete this course will be prepared to answer questions on the sixth CISSP exam domain: Security Assessment and Testing.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management