Business Continuity Planning & Disaster Recovery

This quiz is designed to test and strengthen your understanding of Business Continuity Planning (BCP) and Disaster Recovery (DR), and how these principles apply to your role within the organisation. Each question presents a realistic scenario involving unexpected disruptions, system outages, data loss risks, operational interruptions, and situations where critical services may be impacted.

You will be asked to choose the safest, most effective, and most resilient response in each case.

The goal of this exercise is to help you recognise potential threats to business operations, understand how continuity plans are activated, and apply best practices that minimise downtime and protect essential services. By working through these examples, you will build stronger awareness of how disruptions occur and reinforce the habits that support a stable, resilient working environment

Make your attempt count, you only have one chance to pass this quiz.

By continuing, you agree that System Force can use your details to send you your quiz results by email.

What is the primary purpose of Business Continuity?

To reduce insurance costs

To eliminate all operational risks

To maintain essential services during disruption

To ensure only IT systems remain online

Disaster Recovery focuses on:

Preventing incidents entirely

Managing customer complaints

Reducing staff involvement

Restoring systems and data after a crisis

In the past year, UK cyber attacks increased by approximately what percentage?

25%

10%

50%

A Business Impact Analysis (BIA) does NOT include:

Identifying critical services

Mapping financial and reputational impact

Hiring external PR consultants

Defining acceptable downtime

The 3‑2‑1 Backup Rule recommends:

Two copies on the same device

Three backups every 2 years

One backup stored online only

Three copies, two media types, one off‑site

The roadmap to resilience includes which sequence?

Conduct BIA → Define RTO/RPO → Build plans → Test & train

Test → Ignore → Revise

Build a backup plan → Purchase new hardware only

Perform RTO first → Skip BIA

Which of the following is a major benefit of regularly testing backups?

It reduces requirements for documentation

It improves staff morale

It ensures recoverability when needed

It lowers internet bandwidth use

RTO (Recovery Time Objective) refers to:

Maximum acceptable data loss

Cost of restoring systems

Minimum system uptime

Maximum acceptable downtime after an incident

RPO (Recovery Point Objective) refers to:

The maximum data loss tolerated, measured in time

The number of recovery staff required

How long a backup takes to create

The speed of the recovery team

Which framework focuses specifically on organisational resilience?

NIST 800‑53

ISO 22301

Cyber Essentials

ISO 27001

Immutable backups are primarily used for:

Faster system performance

Reducing storage costs

Preventing accidental file edits

Ransomware resilience

Which UK regulation requires recoverability of personal data?

Cyber Essentials

UK GDPR

Computer Misuse Act

Freedom of Information Act

Why should continuity and disaster recovery plans be tested regularly?

To comply with financial reporting requirements

To shorten annual audits

To reduce the number of staff in the organisation

To ensure the plans actually work during real incidents

What is the most important action during ransomware recovery, according to NCSC guidance?

Restore from clean, offline backups

Pay the ransom quickly

Inform all customers immediately

Reboot all systems

The ICO often takes enforcement action when:

Known risks were ignored and staff were untrained

Too many security tools were used

Organisations fail to upgrade their internet speed

Only manual backups were performed

Any additional feedback you would like to make us aware of?

What additional topics would you like to see covered in future cyber resiliency sessions?

Which part of the training did you find most valuable for improving your cyber resiliency skills, and why?

How confident do you feel in your ability to identify and respond to cyber threats after attending this webinar?

Exit