Question on BCP/DRP and SDLC Steps

Morning guys,I have a question on the BCP/DRP and SDLC steps and knowing the flow of those processes.

For SDLC, the Sybex book doesn't really help me in understanding the flow of the SDLC, so decided to commit to memory the NIST SP800-14 listed in the 11th Hour. This is the P-IDIOD steps, and all the substeps I can now explain to myself. Is this good enough though? Not sure what to expect.

Second question, Sybex lists the following steps for BCP:
1. Project Scope and Planning
2. BIA
3. Continuity Planning
4. Approval and Implementation

Whereas 11th hour and Kelly Handerhan seem to follow the PSBIRPIB (NIST SP800-34) steps. Since I have been using the Sybex in majority as my guide, should I rather stick to the PBCA and learn the substeps of those? Kinda feels like the 11th hour is throwing me off and confusing me. I also dont recall and specific DRP steps to help understand the flow in the Sybex book, came across RACAR for DRP in Reddit.

Appreciate any help in this direction as I want to get BCP/DRP finally under the knee this weekend as I am writing on the 13th of April.

Find more posts tagged with

Comments

TheRedBar0n

Oh wow, all my formatting is messed up. Sorry guys, will see if I can correct that. EDIT: Fixed, Chrome doesn't like the HTML editor it seems.

H-bomb

I don’t really think there is a right or wrong way to go about it. You don’t need to know specifics but just a general process flow. But, if in doubt I would go Sybex. This is why I recommend sticking to one book.

TheRedBar0n

H-bomb wrote: »

I don’t really think there is a right or wrong way to go about it. You don’t need to know specifics but just a general process flow. But, if in doubt I would go Sybex. This is why I recommend sticking to one book.

Thank you for the advise my good sir!

roxer

If this is for the CISSP, know the ordered steps for the BCP and others as well. Know the process flow of each too (BCP/DRP/IR/Configuration Management. Also understand the SDLC models and the differences between them. I don't want to disagree with H-Bomb, but use the Eric Conrad CISSP SG and 11th hour books for the BCP/DRP and IR--has better examples in this regard. NIST 800-34...

kabbra

As hard as it is to read, my main book for studying was Gordon’s official CBK. This book covers things such as SCAP, CPTED, SOC reports and others that I could not find in Chapple’s book for example. Mike Chapple’s book mention that the BCP list in his book is as defined by ISC2, so I would go with it.

TheRedBar0n

kabbra wrote: »

As hard as it is to read, my main book for studying was Gordon’s official CBK. This book covers things such as SCAP, CPTED, SOC reports and others that I could not find in Chapple’s book for example. Mike Chapple’s book mention that the BCP list in his book is as defined by ISC2, so I would go with it.

Thanks, yeah read that as well and decided to stick to the PBCA process and able to explain every step to myself. Writing tomorrow

TheRedBar0n

I provisionally passed the CISSP exam this morning! Long pause at 100 questions, and bam, congratulations letter. Big thanks to God, family, friends and support from techexams forumites and Reddit! Exam was really difficult but made it

Sources used was Sybex 7th edition plus the practice test book. Skillset for insurance, and 11th hour. Also watched the Cybrary videos, these are a must for anyone attempting the exam. Final video watched was the exam tips video from Larry Greenblatt to get my mindset adjusted for the exam. Studied for about 3.5 months.

roxer

Congratulations!! That's awesome news!

PersianImmortal

Congratulations!!!

H-bomb

Nice! Congrats

kabbra

Well done! Congratulations.

Can'tTakeIt!

That’s awesome! Congrats! So now that you’ve taken the exam, can you say which version/steps of BCP/DRP and SDLC is applicable to the exam?

TheRedBar0n

Thanks for all the congrats guys!

TheRedBar0n

Can'tTakeIt! wrote: »

That’s awesome! Congrats! So now that you’ve taken the exam, can you say which version/steps of BCP/DRP and SDLC is applicable to the exam?

Thanks man. There isn't a specific model of BCP and SDLC. You need to know and understand the flow. I went with the Sybex BCP steps and learned all those steps till I was able to explain every step in detail to myself, some guys use the NIST SP800-34 steps and it works for them. As for SDLC, I used the 11th hour flow, I believe this was NIST SP800-14.