M3 - Business Resiliency and Continuity Planning

Questions and Answers

What is the main advantage of a full backup?

• It requires the least amount of storage space.
• It is less time-consuming than other backup types.
• It is the quickest way to restore functionality.
• It provides an exact copy of the entire database. (correct)

Which disaster recovery site type is immediately operational?

• Hot Site (correct)
• Warm Site
• Cold Site
• Remote Site

What differentiates a differential backup from an incremental backup?

• It copies all changes since the last full backup. (correct)
• It stores only one copy of backup.
• It requires less storage space.
• It is quicker to restore than incremental backup.

Which step is considered the most important in the disaster recovery planning process?

Test Plan (B)

How does replication differ from mirroring?

Replication can occur at any time while mirroring occurs continuously. (D)

What is the main difference between business continuity plans and disaster recovery?

Business continuity plans are more comprehensive and include non-IT aspects. (D)

Which of the following classifications describes a disruption impact that can operate for an extended time if damaged?

Low (A)

What does the Recovery Point Objective (RPO) represent?

The maximum threshold for data or dollars lost during an outage. (A)

Which step in the Business Impact Analysis (BIA) involves identifying critical resources and processes that are most vulnerable?

Identify critical resources (C)

Which metric assesses the amount of time until services are operational after a disruption?

Agreed Service Time (AST) (D)

What is included in step four of the Business Impact Analysis (BIA)?

Estimate losses. (C)

Which system availability control focuses on ensuring consistent power supply?

Uninterrupted Power Supply (A)

In the context of disaster recovery, what is a long-term outage related to the destruction of resources referred to as?

Disaster Recovery (A)

Flashcards

Cold Site

A disaster recovery site that has no equipment in place, requiring 1-3 days to become operational. It's the most affordable option.

Warm Site

A disaster recovery site that has equipment on-site but not connected. It takes 0-3 days to become operational. Moderate in cost.

Hot Site

A disaster recovery site with all equipment and operations in place. Ready for immediate operation, but it's the most expensive option.

Differential Backup

A backup method that copies all changed data since the last full backup. Restoration is simpler but takes longer. Requires storing two backup copies.

Incremental Backup

A backup method that copies only the data changed since the last backup, creating incremental changes. It's fast, efficient, and suitable for daily backups.

Business Impact Analysis (BIA)

Identifies critical business processes and their vulnerabilities to assess recovery needs.

Maximum Tolerable Downtime (MTD)

The maximum amount of time a business can tolerate an outage without causing long-term consequences.

Recovery Point Objective (RPO)

The maximum amount of data that can be lost during an outage without causing irreparable harm.

Recovery Time Objective (RTO)

The maximum amount of time it should take to restore business operations after an outage.

Business Continuity Plan

A comprehensive plan that outlines procedures for resuming operations after a disruption. It covers both IT and non-IT aspects.

Disaster Recovery Plan

A plan that outlines steps to restore IT systems after a disaster. This plan is more focused on technical recovery than overall business continuity.

Mean Time to Repair (MTTR)

The average time it takes to restore a system or service after a failure.

Recovery Point Actual (RPA)

The actual time it takes to recover to a pre-event state after a disaster.

Study Notes

Business Resiliency

• Business resiliency is the ability for a business to continue operating or quickly return to operations after an event.
• Key components include business continuity plans, systems availability controls, and crisis management. Disaster recovery plans also play a key role.

Business Continuity Plans

• More comprehensive than disaster recovery, encompassing non-IT aspects.
• Key steps involve identifying key business processes, risks, acceptable downtime, and implementing mitigation/contingency plans.

Business Impact Analysis (BIA)

• A critical step in business continuity planning.

• Identifies how quickly business units can recover.

• Key steps include establishing an approach, identifying critical resources, defining disruption impacts, estimating losses, establishing recovery priorities, and creating a report.

• Disruptions are categorized as low, medium, or high impact based on downtime.

• Step 4: Estimating losses uses the following metrics:

  • Annualized Rate of Occurrence (ARO): Number of occurrences per relevant years
  • Exposure Factor (EF): Percentage damage to asset value
  • Single Loss Expectancy (SLE): EF * Asset Value
  • Annualized Loss Expectancy (ALE): SLE * ARO

• Step 5: Establishing Recovery Priorities evaluates system availability metrics, including:

  • Agreed Service Time (AST): Time until services are operational.
  • Minimal Downtime (DT): Time service isn't working.
  • Maximum Tolerable Downtime (MTD): Time without long-term consequences from an outage.
  • Recovery Point Objective (RPO): Max threshold for data/financial loss or inoperability.
  • Recovery Time Objective (RTO): Max time to restore business operations.
  • Mean Time to Repair (MTTR): Average time to restore operations.
  • Recovery Time Actual (RTA): Actual time to restore operations.
  • Recovery Point Actual (RPA): Actual time to recover to pre-event state.

System Availability Controls

• Measures to ensure systems remain operational include redundancy, system backups, uninterrupted power supplies, IT infrastructure controls, and physical security.

Crisis Management Plans

• Address unexpected, large-scale incidents.

Disaster Recovery

• Plans for long-term outages caused by resource destruction with a focus on IT systems.
• Outlines steps to resume operations.
• Example: storing duplicate files offsite.
• Key steps:
  • Assess risks.
  • Identify mission-critical applications/data.
  • Develop a plan for handling mission-critical items.
  • Determine who is responsible.
  • Thoroughly test the disaster recovery plan (most important step).

Disaster Recovery Sites

• Cold Site: No equipment in place. Recovery time: 1-3 days. Cheapest.
• Warm Site: Equipment on-site but not plugged in. Recovery time: 0-3 days. Moderately expensive.
• Hot Site: Equipment and operations in place. Immediately operational. Most expensive.

Backups

• Full Backup: Exact copy of the entire database. Very time-consuming. Fastest restoration. Common weekly practice.
• Incremental Backup: Copies changes since the last backup. Reflects one day of transactions.
• Differential Backup: Copies changes since the last full backup. Slower than incremental but simpler restoration. Stores 2 copies of backup.

Replication vs. Mirroring

• Replication: Transfers data to a secondary DB.
• Mirroring: Copies a database onto a machine at the same site.