(ISC)2 Certified in Cybersecurity Practice Exam


Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!



During which process would a company assess whether it can recover its operations after a data breach?

  1. Vulnerability assessment

  2. Threat modeling

  3. Business impact analysis

  4. Risk assessment

The correct answer is: Business impact analysis

The process during which a company assesses whether it can recover its operations after a data breach is known as business impact analysis (BIA). BIA focuses on identifying and evaluating the potential effects of a disruptive event, such as a data breach, on business operations. It is designed to help organizations understand the critical functions, processes, and resources that are necessary for continued operation and to quantify the impact on those operations if they were to experience a disruption. Through BIA, companies can determine recovery time objectives (RTO) and the maximum tolerable downtime (MTD), and prioritize recovery efforts based on the importance of various functions. This analysis allows organizations to create the effective business continuity plans and disaster recovery strategies that are essential for maintaining operations and minimizing losses following a breach.

Vulnerability assessment entails identifying, classifying, and prioritizing vulnerabilities in systems, while threat modeling focuses on understanding the potential threats to those systems and their impact. Risk assessment involves evaluating the risks to the organization’s assets and determining the likelihood and consequences of those risks, but it does not specifically focus on recovery after a breach.