Valid CAS-005 Dumps shared by ExamDiscuss.com for Helping Passing CAS-005 Exam! ExamDiscuss.com now offer the newest CAS-005 exam dumps, the ExamDiscuss.com CAS-005 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CAS-005 dumps with Test Engine here:
A company recently experienced a ransomware attack. Although the company performs systems and data backup on a schedule that aligns with its RPO (Recovery Point Objective) requirements, the backup administrator could not recover critical systems and data from its offline backups to meet the RPO. Eventually, the systems and data were restored with information that was six months outside of RPO requirements. Which of the following actions should the company take to reduce the risk of a similar attack?
Correct Answer: C
Comprehensive and Detailed Explanation: * Understanding the Ransomware Issue: * The key issue here is that backups were not recoverable within the required RPO timeframe. * This means the organization did not properly test its backup and disaster recovery (DR) processes. * To prevent this from happening again, regular disaster recovery testing is essential. * Why Option C is Correct: * Disaster recovery testing ensures that backups are functional and can meet business continuity needs. * Frequent DR testing allows organizations to identify and fix gaps in recovery strategies. * Regular testing ensures that recovery meets the RPO & RTO (Recovery Time Objective) requirements. * Why Other Options Are Incorrect: * A (Encrypt & label backup tapes): While encryption is important, it does not address the failure to meet RPO requirements. * B (Reverting to manual business processes): While a manual continuity plan is good for resilience, it does not resolve the backup and recovery failure. * D (Tabletop exercise & RACI matrix): A tabletop exercise is a planning activity, but it does not involve actual recovery testing.