Disaster recovery plans are critical to ensuring the continuity of business operations. Like any security control, they should be tested to ensure that they function properly and will be ready to restore business operations in the event of a disruption. In this video, learn about the different types of tests that evaluate the effectiveness of business continuity and disaster recovery plans, including read-through tests, walk-through tests, simulations, parallel tests, and full interruption tests.
- [Instructor] Disaster recovery plans are critical…to ensuring the continuity of business operations.…As with any security control,…disaster recovery plans should be tested…to ensure that the plan functions properly…and will be ready to restore business operations…in the event of a disruption.…Each test of a disaster recovery plan has two goals.…First, it validates that the plan functions correctly…and that disaster recovery technology will work…in the event of an actual disaster.…
Second, the disaster recovery test provides…an opportunity to identify necessary updates to the plan…due to technology or business process changes.…Let's talk about five types of disaster recovery testing.…Read-throughs, walk-throughs,…simulations, parallel tests,…and full interruption tests.…Read-throughs are the simplest form…of disaster recovery testing.…They're also known as checklist reviews.…
In this approach, disaster recovery staff distribute…copies of the current plan to all personnel involved…in disaster recovery efforts…and ask those personnel to review their procedures.…
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A completed Learning Path of the series will be available once all the courses are released.
- Using security assessment tools
- Scanning for vulnerabilities
- Threat assessment techniques
- Performing penetration testing
- Reviewing monitor logs
- Performing code reviews
- Performing fuzz testing and misuse case testing
- Analyzing coverage
- Assessing disaster recovery sites and backups
- Testing BC/DR plans
- Collecting security process data and metrics
- Auditing and control management