[UPDATED Mar-2024] Best Value Available Preparation Guide for CBCP-002 Exam [Q25-Q40]

[UPDATED Mar-2024] Best Value Available Preparation Guide for CBCP-002 Exam

1 Full CBCP-002 Practice Test and 42 Unique Questions, Get it Now!

GAQM CBCP-002 (Certified Business Continuity Professional) certification exam is a globally recognized certification that validates the knowledge and skills of individuals in the field of business continuity management. Certified Business Continuity Professional (CBCP) certification is intended for professionals who are responsible for ensuring the continuity of business operations in the event of any unforeseen disruptions, such as natural disasters, cyber-attacks, or other emergencies. The CBCP-002 certification exam is an essential step for professionals seeking to enhance their knowledge and demonstrate their proficiency in business continuity management.

 

NEW QUESTION # 25
Which of the following are the four T's of risk guidance produced by by the Office of Government Commerce? (choose four)

• A. Treat
• B. Transfer
• C. Tolerate
• D. Technique
• E. Terminate
• F. Title

Answer: A,B,C,E

Explanation:
Explanation
The four T's of risk guidance produced by the Office of Government Commerce are transfer, tolerate, treat, and terminate. They are:
Transfer: This strategy involves transferring or sharing some or all of the responsibility or impact of a risk to another party, such as an insurer, a supplier, or a partner.
Tolerate: This strategy involves accepting or retaining a risk without taking any further action to reduce it, either because the risk level is acceptable or because the cost or effort of reducing it is not justified.
Treat: This strategy involves taking steps to reduce the likelihood or impact of a risk to an acceptable level, such as implementing controls, mitigations, or contingency plans.
Terminate: This strategy involves eliminating or avoiding a risk by discontinuing or changing the activity that causes it. Verified References: https://www.investopedia.com/terms/t/the-four-ts.asp
https://www.thebci.org/training-qualifications/good-practice-guidelines.html

NEW QUESTION # 26
Which risk group is associated with risk of physical assets failing/being damaged or enhanced?

• A. Strategic
• B. Technical
• C. Financial
• D. Operational

Answer: B

Explanation:
Explanation
Technical risk is the type of risk that is associated with risk of physical assets failing/being damaged or enhanced. Technical risk is the uncertainty or variability of the performance or reliability of physical assets, such as equipment, systems, infrastructure, or data. Technical risk can result from factors such as design flaws, manufacturing defects, maintenance issues, obsolescence, human error, natural disasters, or cyberattacks.
Technical risk can affect an organization's operational efficiency, quality, safety, security, or profitability.
Verified References:
https://www.investopedia.com/terms/t/technical-risk.asphttps://www.thebci.org/training-qualifications/good-prac

NEW QUESTION # 27
Which of the following exercises involve all teams?

• A. Multi-team simulation
• B. Full-scale exercise
• C. Facilitated discussion
• D. Plan walkthrough

Answer: B

Explanation:
Explanation
A full-scale exercise is a type of exercise that involves all teams. A full-scale exercise is a high-pressure exercise that simulates a realistic scenario of a disruption that affects all or most of the organization's functions and processes. A full-scale exercise tests the effectiveness and efficiency of the plans, procedures, systems, teams, and resources that are required to respond to and recover from a disruption. A full-scale exercise also evaluates the coordination and communication among all the teams and stakeholders involved.
Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a

NEW QUESTION # 28
Which of the following is a low-pressure exercise that uses presentation techniques including videos, slides, and handouts, so that participants fully understand their plans?

• A. Virtualization
• B. Facilitated discussion
• C. Plan walkthrough
• D. Single team simulation

Answer: C

Explanation:
Explanation
A plan walkthrough is a low-pressure exercise that uses presentation techniques including videos, slides and handouts, so that participants fully understand their plans1.

NEW QUESTION # 29
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.

• A. False
• B. True

Answer: B

Explanation:
Explanation
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.
This is true because one of the recovery strategies for a disaster is to have an alternate site where the critical functions and processes can be resumed until the primary site is restored or replaced. The alternate site can be a pre-arranged location, such as a rented office space, a hotel, or another branch of the same organization, or a mobile facility, such as a trailer or a container. The alternate site should have the necessary equipment, systems, data, and resources to support the continuity of the business. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a

NEW QUESTION # 30
Tolerating risk is where no action is taken to mitigate or reduce a risk.

• A. False
• B. True

Answer: B

Explanation:
Explanation
Tolerating risk is where no action is taken to mitigate or reduce a risk. This is true because tolerating risk is one of the possible strategies for managing risk. Tolerating risk means accepting or retaining a risk without taking any further action to reduce it, either because the risk level is acceptable or because the cost or effort of reducing it is not justified. Tolerating risk may be appropriate for low-priority or low-impact risks that do not pose a significant threat to the organization's objectives. Verified References:
https://www.investopedia.com/terms/t/the-four-ts.asphttps://www.thebci.org/training-qualifications/good-practic

NEW QUESTION # 31
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick.

• A. False
• B. True

Answer: B

Explanation:
Explanation
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick. This is true because an illness pandemic is a type of natural disaster that can affect an organization's ability to continue its normal operations. An illness pandemic can cause absenteeism, reduced productivity, increased costs, supply chain disruptions, customer dissatisfaction, or regulatory compliance issues. Therefore, an organization may need to declare a disaster and activate its business continuity and disaster recovery plan if an illness pandemic impacts its critical functions and processes beyond an acceptable level. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a

NEW QUESTION # 32
BIA helps you identify

• A. Critical services and products
• B. Critical interdependencies and interested parties
• C. Tangible and intangible impact of a disruption over period of time
• D. All of the above

Answer: D

Explanation:
Explanation
BIA helps to identify all of the above aspects of an organization's functions and processes. It helps to identify the critical services and products that the organization delivers to its customers and stakeholders, and the functions and processes that support them. It also helps to identify the critical interdependencies and interested parties that are involved in or affected by the organization's functions and processes, such as suppliers, partners, regulators, or employees. Moreover, it helps to identify the tangible and intangible impacts of a disruption tothe organization's functions and processes over a period of time, such as financial losses, reputational damage, legal liabilities, or customer dissatisfaction. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN

NEW QUESTION # 33
A consultant is a person who borrows your watch to tell you the time, charges you for doingso and then sells you back your watch.

• A. False
• B. True

Answer: A

Explanation:
Explanation
A consultant is a person who borrows your watch to tell you the time, charges you for doing so and then sells you back your watch. This is false because it is a cynical and unfair description of a consultant's role and value. A consultant is a person who provides professional or expert advice in a specific field or domain. A consultant can help an organization to identify problems, analyze situations, develop solutions, implement changes, improve performance, or achieve goals. A consultant can also provide knowledge, skills, tools, or resources that the organization may not have or need temporarily. Verified References:
https://www.investopedia.com/terms/c/consultant.asphttps://phoenixnap.com/blog/what-is-business-continuity-m

NEW QUESTION # 34
A formal "disaster" can only be declared by the firm owners or by the IT Department Manager.

• A. False
• B. True

Answer: A

Explanation:
Explanation
A formal "disaster" can only be declared by the firm owners or by the IT Department Manager. This is false because a formal "disaster" can be declared by any authorized person who has the responsibility and authority to activate the business continuity and disaster recovery plan. The authorized person may vary depending on the type, scope, and severity of the disaster, but it should be clearly defined in the plan who can declare a disaster and under what circumstances. The authorized person should also communicate the declaration of a disaster to all relevant stakeholders, such as employees, customers, suppliers, partners, regulators, media, or the public. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a

NEW QUESTION # 35
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process.

• A. False
• B. True

Answer: B

Explanation:
Explanation
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process. This is true because risk ownership is oneof the key principles of business continuity management. Risk ownership means that each risk has a designated person who is responsible and accountable for its identification, assessment, treatment, monitoring, and reporting. Risk owners should have the authority and resources to manage their risks effectively and efficiently. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://www.thebci.org/training-qualifications/good-practice-g

NEW QUESTION # 36
Damage assessment includes all but which of the following steps?

• A. Estimate the time it will take to restore critical business functions.
• B. Evaluating the time to restore operations and if greater than the MTD, a disaster should be declared and BCP enacted
• C. Having the insurance company declare the total extent of the damages.
• D. Identifying the affected business functions.

Answer: C

Explanation:
Explanation
Damage assessment is the process of evaluating the extent and severity of the damage caused by a disruption to an organization's facilities, equipment, systems, data, records, or personnel. It includes identifying the affected business functions and processes, estimating the time it will take to restore them to normal or acceptable levels of operation, and evaluating whether the recovery time exceeds the maximum tolerable downtime (MTD) for each function or process. If so, a disaster should be declared and the business continuity plan should be activated. Having the insurance company declare the total extent of the damages is not part of the damage assessment process, as it may take longer than the MTD and may not reflect the operational impact of the damage. Verified References:
https://www.fema.gov/pdf/emergency/nims/Damage_Assessment.pdfhttps://drii.org/resources/professionalpracti

NEW QUESTION # 37
BIA stands for

• A. Business Information Availability
• B. Business Impact Analysis
• C. Business Improvement Activities
• D. Business Importance and Availability

Answer: B

Explanation:
Explanation
Business impact analysis (BIA) is the process of identifying and prioritizing the organization's functions and processes based on their importance to the organization's objectives, and assessing the potential impacts of a disruption to those functions and processes over time. The BIA helps to determine the recovery time objectives (RTOs), recovery point objectives (RPOs), and resource requirements for each function and process, as well as the interdependencies and dependencies among them. The BIA provides the basis for developing recovery strategies and plans. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN

NEW QUESTION # 38
Individual accountability for the management of the risk should be clearly established.

• A. False
• B. True

Answer: B

Explanation:
Explanation
Individual accountability for the management of the risk should be clearly established. This is true because accountability is one of the key principles of business continuity management. Accountability means that each person involved in the business continuity management program has a clear understanding of their roles and responsibilities, as well as the authorityand resources to perform them. Accountability also means that each person is held responsible for their actions and outcomes, and that they report on their performance and progress regularly. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana

NEW QUESTION # 39
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system.

• A. False
• B. True

Answer: B

Explanation:
Explanation
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system. This is true because communication is a vital component of any disaster recovery and business continuity plan. Employees need to be informed of the situation, their roles and responsibilities, and the actions they need to take to ensure their safety and the continuity of the business.
The HR Department Manager or the emergency notice system are the designated channels for communicating with employees during a disaster. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a

NEW QUESTION # 40
......

GAQM CBCP-002 (Certified Business Continuity Professional) certification exam is designed for professionals who are responsible for business continuity planning and management in organizations of all sizes. Certified Business Continuity Professional (CBCP) certification is recognized globally and demonstrates expertise and knowledge in business continuity planning, disaster recovery, risk management, and crisis management. Certified Business Continuity Professional (CBCP) certification exam covers a range of topics including business continuity management, risk assessment and analysis, emergency response and crisis management, and business continuity training and awareness.

 

Get Instant Access to CBCP-002 Practice Exam Questions: https://actualtests.crampdf.com/CBCP-002-exam-prep-dumps.html