
[Apr-2024] CBCP-002 Free Sample Questions to Practice One Year Update
Download CBCP-002 exam with GAQM CBCP-002 Real Exam Questions
GAQM CBCP-002 certification exam is an excellent way for professionals to validate their expertise in business continuity and risk management, and to demonstrate their commitment to ensuring the resilience and continuity of their organizations. With the demand for business continuity professionals on the rise, this certification is a valuable asset for anyone looking to advance their career in this field.
GAQM CBCP-002 (Certified Business Continuity Professional) exam is designed to test the knowledge and skills of those who are responsible for managing and ensuring the continuity of business operations. Certified Business Continuity Professional (CBCP) certification is intended for professionals who have a thorough understanding of business continuity planning, disaster recovery planning, and risk management.
NEW QUESTION # 24
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.
- A. False
- B. True
Answer: B
Explanation:
Explanation
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.
This is true because one of the recovery strategies for a disaster is to have an alternate site where the critical functions and processes can be resumed until the primary site is restored or replaced. The alternate site can be a pre-arranged location, such as a rented office space, a hotel, or another branch of the same organization, or a mobile facility, such as a trailer or a container. The alternate site should have the necessary equipment, systems, data, and resources to support the continuity of the business. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 25
A consultant is a person who borrows your watch to tell you the time, charges you for doingso and then sells you back your watch.
- A. False
- B. True
Answer: A
Explanation:
Explanation
A consultant is a person who borrows your watch to tell you the time, charges you for doing so and then sells you back your watch. This is false because it is a cynical and unfair description of a consultant's role and value. A consultant is a person who provides professional or expert advice in a specific field or domain. A consultant can help an organization to identify problems, analyze situations, develop solutions, implement changes, improve performance, or achieve goals. A consultant can also provide knowledge, skills, tools, or resources that the organization may not have or need temporarily. Verified References:
https://www.investopedia.com/terms/c/consultant.asphttps://phoenixnap.com/blog/what-is-business-continuity-m
NEW QUESTION # 26
Which Process can be both time consuming and expensive as a result, management will expect tangible benefits to be achieved by the process?
- A. Business Continuity Planning
- B. Business Process Planning
- C. Business Contingency Planning
- D. Business Ethical Planning
Answer: A
Explanation:
Explanation
Business continuity planning is the process of identifying, developing, and implementing strategies and plans to ensure the continuity of an organization's critical functions and processes in the event of a disruption. It can be both time consuming and expensive, as it requires a thorough analysis of risks, impacts, resources, and recovery options. However, management will expect tangible benefits from the process, such as reduced losses, increased resilience, improved reputation, and compliance with regulations. Verified References:
https://www.ready.gov/business-continuity-plan https://drii.org/resources/professionalpractices/EN
NEW QUESTION # 27
Which type of risk occurs due to volatile environments in which businesses operate and the nature of their operations?
- A. Project Risk
- B. Business Risk
- C. Auditing Risk
- D. Quality Risk
Answer: B
Explanation:
Explanation
Business risk is the risk of loss or damage to an organization's performance, reputation, assets, or stakeholders due to internal or external factors that affect its ability to achieve its objectives. Business risk can arise from various sources, such as market conditions, customer preferences, competition, technology, regulation, compliance, operations, finance, human resources, or natural disasters. Business risk can have a direct or indirect impact on an organization's profitability, growth, sustainability, or continuity. Verified References:
https://www.investopedia.com/terms/b/businessrisk.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 28
Which certification centre provides the physical infrastructure?
- A. Facility
- B. Service
Answer: A
Explanation:
Explanation
A facility certification center is a center that provides the physical infrastructure for testing and certifying the functionality and performance of products, systems, or services. A facility certification center may have specialized equipment, tools, environments, or standards that can simulate real-world conditions or scenarios.
A facility certification center may also have qualified staff, experts, or auditors who can conduct the testing and certification process. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-
NEW QUESTION # 29
A formal "disaster" can only be declared by the firm owners or by the IT Department Manager.
- A. False
- B. True
Answer: A
Explanation:
Explanation
A formal "disaster" can only be declared by the firm owners or by the IT Department Manager. This is false because a formal "disaster" can be declared by any authorized person who has the responsibility and authority to activate the business continuity and disaster recovery plan. The authorized person may vary depending on the type, scope, and severity of the disaster, but it should be clearly defined in the plan who can declare a disaster and under what circumstances. The authorized person should also communicate the declaration of a disaster to all relevant stakeholders, such as employees, customers, suppliers, partners, regulators, media, or the public. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 30
Which of the following should NOT be released in a publicly released BCP?
- A. BIA results
- B. Process flows
- C. All of the above
- D. Contact lists
Answer: C
Explanation:
Explanation
A publicly released BCP is a version of a business continuity plan that is intended for external audiences, such as customers, suppliers, partners, regulators, media, or the public. It should not contain sensitive or confidential information that may compromise the security or privacy of theorganization or its stakeholders.
Therefore, it should not include process flows that detail how each function or process is performed; contact lists that reveal personal or organizational information; BIA results that show criticality ratings or recovery time objectives; or any other information that may expose vulnerabilities or risks. Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN
NEW QUESTION # 31
Damage assessment includes all but which of the following steps?
- A. Evaluating the time to restore operations and if greater than the MTD, a disaster should be declared and BCP enacted
- B. Having the insurance company declare the total extent of the damages.
- C. Estimate the time it will take to restore critical business functions.
- D. Identifying the affected business functions.
Answer: B
Explanation:
Explanation
Damage assessment is the process of evaluating the extent and severity of the damage caused by a disruption to an organization's facilities, equipment, systems, data, records, or personnel. It includes identifying the affected business functions and processes, estimating the time it will take to restore them to normal or acceptable levels of operation, and evaluating whether the recovery time exceeds the maximum tolerable downtime (MTD) for each function or process. If so, a disaster should be declared and the business continuity plan should be activated. Having the insurance company declare the total extent of the damages is not part of the damage assessment process, as it may take longer than the MTD and may not reflect the operational impact of the damage. Verified References:
https://www.fema.gov/pdf/emergency/nims/Damage_Assessment.pdfhttps://drii.org/resources/professionalpracti
NEW QUESTION # 32
BIA stands for
- A. Business Information Availability
- B. Business Importance and Availability
- C. Business Impact Analysis
- D. Business Improvement Activities
Answer: C
Explanation:
Explanation
Business impact analysis (BIA) is the process of identifying and prioritizing the organization's functions and processes based on their importance to the organization's objectives, and assessing the potential impacts of a disruption to those functions and processes over time. The BIA helps to determine the recovery time objectives (RTOs), recovery point objectives (RPOs), and resource requirements for each function and process, as well as the interdependencies and dependencies among them. The BIA provides the basis for developing recovery strategies and plans. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN
NEW QUESTION # 33
Which register maintains information on all the identified risks relating to an organization?
- A. Crisis register
- B. Risk register
- C. Index register
- D. Memory Data Register
Answer: B
Explanation:
Explanation
A risk register is a register that maintains information on all the identified risks relating to an organization. A risk register is a document or a tool that records and tracks the details of each risk, such as its description, source, impact, likelihood, rating, owner, status, response strategy, action plan, and monitoring method. A risk register is a useful tool for managing risks and communicating them to stakeholders. Verified References:
https://www.investopedia.com/terms/r/risk-register.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 34
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick.
- A. False
- B. True
Answer: B
Explanation:
Explanation
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick. This is true because an illness pandemic is a type of natural disaster that can affect an organization's ability to continue its normal operations. An illness pandemic can cause absenteeism, reduced productivity, increased costs, supply chain disruptions, customer dissatisfaction, or regulatory compliance issues. Therefore, an organization may need to declare a disaster and activate its business continuity and disaster recovery plan if an illness pandemic impacts its critical functions and processes beyond an acceptable level. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 35
Which of the following four are action approach crisis and post-crisis management? (Choose four R's)
- A. Reduction
- B. Rss Feed
- C. Rustic
- D. Readiness
- E. Response
- F. Recovery
Answer: A,D,E,F
Explanation:
Explanation
The four R's are action approaches for crisis and post-crisis management. They are:
Reduction: This approach aims to prevent or mitigate the occurrence or impact of a crisis by identifying and addressing the root causes, vulnerabilities, and risks.
Readiness: This approach aims to prepare for a potential crisis by developing plans, policies, procedures, systems, teams, and resources that can enable a timely and effective response.
Response: This approach aims to manage a crisis by activating the plans, policies, procedures, systems, teams, and resources that can contain, control, and resolve the situation.
Recovery: This approach aims to restore normal operations after a crisis by implementing actions that can repair damages, restore functions and processes, resume services and products, recover losses, and learn lessons. Verified References:
https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.html
https://phoenixnap.com/blog/what-is-business-continuity-management
NEW QUESTION # 36
Risks are diverse and arise from both external and internal sources.
- A. False
- B. True
Answer: B
Explanation:
Explanation
Risks are diverse and arise from both external and internal sources. This is true because risks are uncertainties that can have positive or negative effects on an organization's objectives. Risks can arise from various sources that are either outside or inside the organization's control. External sources of risk include natural disasters, cyberattacks, market fluctuations, customer preferences, competition, regulation, or political instability.
Internal sources of risk include human error, fraud, system failure, process inefficiency, organizational culture, or strategic decisions. Verified References:
https://www.investopedia.com/terms/b/businessrisk.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 37
What is the frequency of BCP testing for critical processes?
- A. Quarterly
- B. Annually
- C. Half-yearly
- D. As per calendar planned at beginning of the year
Answer: C
Explanation:
Explanation
BCP testing is the process of verifying the effectiveness of a business continuity plan and ensuring that it meets the business objectives and requirements. BCP testing should be conducted regularly to identify any gaps or weaknesses in the plan and to update it accordingly1. While the number of tests to be conducted depends on the industry background, size and complexity, available resources, and BCP maturity levels, it is recommended that the tests are conducted twice a year for critical processes but at least minimum once a year1.
NEW QUESTION # 38
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process.
- A. False
- B. True
Answer: B
Explanation:
Explanation
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process. This is true because risk ownership is oneof the key principles of business continuity management. Risk ownership means that each risk has a designated person who is responsible and accountable for its identification, assessment, treatment, monitoring, and reporting. Risk owners should have the authority and resources to manage their risks effectively and efficiently. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://www.thebci.org/training-qualifications/good-practice-g
NEW QUESTION # 39
Which system in place enables you to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk?
- A. Quality Management System
- B. Corporate Governance
- C. Banking System
- D. Auditing Report
Answer: B
Explanation:
Explanation
Corporate governance is the system of rules, practices, and processes by which an organization is directed and controlled. It involves balancing the interests of various stakeholders, such as shareholders, management, customers, suppliers, regulators, and the community. It also enables an organization to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk. Effective corporate governance can enhance performance, accountability, transparency, and trust. Verified References:
https://www.investopedia.com/terms/c/corporategovernance.asphttps://www.thebci.org/training-qualifications/go
NEW QUESTION # 40
......
To be eligible for the CBCP-002 certification exam, candidates must have a minimum of two years of experience in business continuity management or a related field. Candidates must also have completed a minimum of 30 hours of formal training in business continuity or disaster recovery planning. Candidates who pass the CBCP-002 certification exam will receive a certificate from GAQM, which is recognized globally as a mark of excellence in the field of business continuity.
Real exam questions are provided for GAQM: Management tests, which can make sure you 100% pass: https://www.free4torrent.com/CBCP-002-braindumps-torrent.html
CBCP-002 Exam with Guarantee Updated 42 Questions: https://drive.google.com/open?id=1v2zKypS7I-sV_VTp_zcZucnhAcVKkkeJ