CompTIA CASP+ (CAS-003) — Question 210

A Chief Information Security Officer (CISO) has created a survey that will be distributed to managers of mission-critical functions across the organization. The survey requires the managers to determine how long their respective units can operate in the event of an extended IT outage before the organization suffers monetary losses from the outage. To which of the following is the survey question related? (Choose two.)

Answer options

• A. Risk avoidance
• B. Business impact
• C. Risk assessment
• D. Recovery point objective
• E. Recovery time objective
• F. Mean time between failures

Correct answer: B, D

Explanation

The correct answers are B and D. 'Business impact' refers to understanding the financial implications of an IT outage, while 'Recovery point objective' (RPO) indicates the maximum acceptable amount of data loss measured in time. The other options do not directly relate to the financial aspect of downtime and its operational impact.