Question about retention policy - Could someone help me?

Morgi0noCativoMorgi0noCativo Member Posts: 19 ■□□□□□□□□□
I don't know the right answer. Could someone clarify the right question and why the others one are wrong?

Comments

  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    When it comes to retention policies, the policy alone is not enough. You actually need to do periodical tests in order to validate that whatever you have backed up can actually be brought up again and become available.

    I saw you posting other questions also but you are not providing your answer or where you are getting confused. A lot of these answers come from understanding the material and you need to look at the books you are studying from for those specific areas to get more information. Reading the material once and then doing questions isn't enough.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    To add to TheFORCE's point, note that none of the other 3 options put any responsibility on the provider's end. The option you mark in red is basically you flaunting your policy with ZERO responsibility for the provider.
  • PJ_SneakersPJ_Sneakers Member Posts: 884 ■■■■■■□□□□
    If you don't put it in the contract, it doesn't really exist.
  • jayc71jayc71 Member Posts: 112 ■■■■□□□□□□
    As others have said, when dealing with a third party (generally in IT, not just with cloud providers), policies and SLAs must be explicitly stated in the service contract or they are not enforceable.
    CISSP, CCSP, CCSK, Sec+, AWS CSA/Developer/Sysops Admin Associate, AWS CSA Pro, AWS Security - Specialty, ITILv3, Scrummaster, MS, BS, AS, my head hurts.
  • Morgi0noCativoMorgi0noCativo Member Posts: 19 ■□□□□□□□□□
    Thank you for the advice. I will study more. I was reading some CISSP and Security + pdfs, but I didn't find this specific scenario,m however when I was close, the scenario provides different answers for different enterprise.
    TheFORCE wrote: »
    When it comes to retention policies, the policy alone is not enough. You actually need to do periodical tests in order to validate that whatever you have backed up can actually be brought up again and become available.

    I saw you posting other questions also but you are not providing your answer or where you are getting confused. A lot of these answers come from understanding the material and you need to look at the books you are studying from for those specific areas to get more information. Reading the material once and then doing questions isn't enough.
Sign In or Register to comment.