CompTIA Security+ (SY0-501) — Question 912

A Chief Information Security Officer (CISO) is performing a BIA for the organization in case of a natural disaster. Which of the following should be at the top of the
CISO's list?

Answer options

• A. Identify redundant and high-availability systems.
• B. Identity mission-critical applications and systems.
• C. Identify the single point of failure in the system.
• D. Identity the impact on safety of the property.

Correct answer: B

Explanation

The correct answer, B, emphasizes the need to identify mission-critical applications and systems, as these are vital for the organization's operations and recovery efforts. While understanding redundant systems, single points of failure, and safety impacts are important, knowing which applications are critical is the priority in a BIA for effective disaster response.