Free ISACA CISM Actual Exam Questions - Question 15 Discussion

B imo, having a solid plan ensures you can restore from backups effectively, not just having data.

B vs C, but B’s plan actually directs recovery actions, not just storing data.

It’s C because offsite backups keep your data safe from local threats like ransomware or hardware failure, making recovery much smoother than just relying on a plan or encrypted drives.

B Recovery isn’t just about having the data, it’s also about having a clear plan to get systems back up and running quickly. A disaster recovery plan outlines the steps, roles, and processes needed after an incident, so it’s crucial for effective recovery. Offsite backups (C) are important, but without a plan to use them, you could still struggle.

C imo. Offsite data backups are usually the safest bet to recover data after an attack since they’re separate from the main systems and not affected by things like ransomware or physical damage. A and D might help protect or store data but won’t really help *recover* it if it’s lost. B is important too, but a disaster recovery plan depends on having good backups in the first place. Seen questions similar that aim to highlight offsite backups as the key.