3.4

Question 1

network load balancer

Answer 1

a device that is used to evenly distribute incoming network traffic across multiple servers or resources when there is a high volume of traffic coming into the company’s network or web server

Question 2

load balancer (info)

Answer 2

They distribute Transmission Control Protocol (TCP),
User Datagram Protocol (UDP), Hypertext Transfer
Protocol (HTTP), and Transport Layer Security (TLS)
traffic across multiple servers to efficiently allocate
resources and offer failover solutions

Question 3

clustering

Answer 3

intended to improve performance and availability of a complex physical or virtual system

involves an active node and a passive node that share a common quorum disk, reinforced by a witness server, heartbeat communication and a VIP at the forefront

Clusters are designed to be a redundant set of service functionalities based on active-standby or active-active deployments

Question 4

Cluster deployments are often measured by:

Answer 4

• Reliability – the ability to successfully provide responses on each incoming request
• Availability – the uptime of the server (usually measured as % of annual uptime)
• Performance the average of the time spent by the service to provide responses or by the throughput
• Scalability – the ability to handle a growing amount of work in a capable manner without degradation in the quality of service

Question 5

clustering techniques

Answer 5

High availability clusters
Load balancing clusters
High-performance clusters
Storage clusters

Question 6

High availability clusters

Answer 6

prioritize resilience over
other advantages and can be implemented in either
Active-Passive or Active-Active architecture

Question 7

Load balancing clusters

Answer 7

highlight balancing the jobs
among all of the servers in the cluster and incorporate load balancing software in the controller node

Question 8

High-performance clusters

Answer 8

use multiple servers to
execute a specific task very quickly and support data-intensive projects such as live-streaming and
real-time data processing

Question 9

Storage clusters

Answer 9

offer massive storage arrays,
sometimes in support of high-performance clusters,
but always in a support role for other servers or clusters such as storage area networking or
hypervisor cluster data stores

Question 10

Full Backups

Answer 10

• The process backs up everything regardless of whether the archive bit is set or not:
• Clears the archive bit once the backup completes
• This method takes the longest to back up and the time depends on how much must be backed up
• A full backup is quickest to restore as only the most recent full backup is required
• A full backup should be scheduled, automated, and tested although it is common to perform this manually

Question 11

incremental backups

Answer 11

This method backs up any new file or any file that has changed since
* The last full backup
* The last incremental backup

• Subsequent backups only store changes that were made since the previous backup
• An incremental backup clears the archive bit once the backup completes
• The process of restoring lost data from an incremental backup is longer, but the backup process
  is much quicker
• In is not recommended to perform incremental backups manually

Question 12

differential backups

Answer 12

This method backs up any file that has the archive
bit set
* Backs up any new file or any file that has changed since the last full backup
* A differential back up DOES NOT clear the archive bit when the backup completes
* It is slow to back up but quick to restore
* The last full backup and the most recent differential backup are needed for restoration
* It is not recommended to perform differential backups manually

Question 13

snapshots

Answer 13

Are immediate point-in-time virtual copies of the source data
* Offer easier and faster backups and restores
* Should be replicated to another medium or cloud storage to be considered a backup
* Do not increase time to back up based on amount of data
* Improve Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
* Have fast restores
* Result in less data is lost with an outage
* Can easily be encrypted and decrypted

Question 14

backup frequency

Answer 14

Backup frequency is often based on the business impact analysis metric known as the Recovery Point
Objective (RPO):
* RPO is the maximum amount of data loss that you
can tolerate in case of a disaster
* The lower the RPO, the more frequently you need to
back up your data

Question 15

journaling

Answer 15

Journaling is also referred to as journal-based
backup
* Journaling is the simultaneous (real-time) logging of all data-file updates
* This log offers an audit trail and is used to reconstruct the database if the original file is damaged or destroyed
* Journal-based backup is an alternate method of backup that uses a change journal maintained by a hardware or software storage manager

Question 16

encrypting backup

Answer 16

Encrypting the database and other data backups helps secure the data

Question 17

Continuity of operations plan (COOP) or business
continuity plan (BCP)

Answer 17

helps to ensure that the entity
remains operational at a pre-determined level when
disaster strikes

• These are plans and documents approved by executive management that:
• Outline the risk to business
• Populate risk register/ledger
• Provide requirements to mitigate incidents
• Identify the procedures needed to recover from a
  disaster

Question 18

business impact analysis (BIA)

Answer 18

Recovery Time Objective (RTO)
Maximum tolerable downtime (MTD)
Recovery Point Objective (RPO)
Mean time to repair (MTTR)
Mean time between failures (MTBF)

Question 19

Mean time between failures (MTBF):

Answer 19

The number of failures per million hours for a product

Question 20

Mean time to repair (MTTR):

Answer 20

The average time needed to repair or replace a failed system or module

Question 21

Recovery Point Objective (RPO):

Answer 21

The maximum targeted period in which an asset or data may be lost from an IT service due to a major
event

Question 22

Maximum tolerable downtime (MTD):

Answer 22

Absolute maximum amount of time that a resource, service, or function can be unavailable

Question 23

Recovery Time Objective (RTO):

Answer 23

The target amount of time within which a process must be restored after disruption

Question 24

Disaster recovery planning (DRP)

Answer 24

• Outlines the technical aspects involved for restoration:
• Order of restoration (most critical to least critical)
• Backups, snapshots, and restores
• Contact information
• Communication plans
• Chain of authority
• Step-by-step instructions
• Locations of documents, software, and keys
• Recovery sites: Hot, warm, cold, mobile, cloud,
  shared

Question 25

Multicloud

Answer 25

* Is a cloud computing model where an enterprise leverages a combination of clouds (two or more public clouds, two or more private clouds, or a combination of public, private, and edge clouds) * Enables the distribution of data, applications, and services to accelerate app transformation and the delivery of new apps * Supports disaster recovery by leveraging more than one provider for enhanced high availability and durability

Question 26

geographic dispersion

Answer 26

* Distance between systems, or geographic dispersion, has benefits but also has physical and practical limitations * For a disaster recovery solution, typically, the greater the distance between the systems, the greater the protection you will have from areawide disasters * This distance will come with application environment impacts: * When distance is added to a data replication solution, latency is introduced * Latency is the added time it takes for data to reach the target system

Question 27

capacity planning

Answer 27

* Is a technique for analyzing how much production capacity organizations need to meet consumer demand * Is widely used in the data center, manufacturing, and cloud services industries * Assists organizations in governing whether they have enough raw materials, people, technology, and infrastructure to deliver the value proposition

Question 28

types of capacity planning

Answer 28

Product Workforce Tool Production

Question 29

Read-through (plan review)

Answer 29

is where the business continuity plan owner and business continuity team discuss the business continuity plan: * Look for missing elements and inconsistencies within the plan or with the organization * Is a type of checklist test that is useful to train new members of a team, including the business function owner

Question 30

Tabletop testing

Answer 30

is where participants gather in a room to execute documented plan activities in a stress-free environment: * Can use blueprints, topological diagrams, or computer models to effectively demonstrate whether team members know their duties in an emergency and if they need training * Identifies documentation errors, missing information, and inconsistencies across business continuity plans

Question 31

Walkthrough testing

Answer 31

g is a planned rehearsal of a possible incident designed to evaluate an organization's capability to manage that incident: * Provides an opportunity to improve the organization's future responses and enhance the relevant competencies of those involved * Is often done on a limited basis or by scheduling each department or building separately for fire and active shooter drills

Question 32

Simulation testing

Answer 32

determines if business continuity management procedures and resources work in a realistic situation: * May be the most elaborate test most entities ever conduct * Uses established business continuity resources, such as the recovery site, backup equipment, services from recovery vendors, and transportation * Can require sending teams to alternate sites to restart technology as well as business functions

Question 33

A parallel test

Answer 33

involves bringing the recovery site to a state of operational readiness, but maintaining operations at the primary site: * Staff are relocated, backup tapes are transferred, and operational readiness is established in accordance with the disaster recovery plan, while operations at the primary site continue normally * This may be the most comprehensive test most entities ever conduct

Question 34

full interruption test

Answer 34

operations are completely shut down at the primary site to fully emulate the disaster: * The enterprise transfers to the recovery site in accordance with the disaster recovery plan * This is a very thorough test, which is also expensive (may be cost-prohibitive) * The full interruption test has the capacity to cause a major disruption of operations if the test fails

Question 35

types of power outages

Answer 35

blackout brownouts permanent fault rolling blackouts

Question 36

blackout

Answer 36

is a complete loss of power to an area: * This is the most severe type of power outage, typically affecting large numbers of people over potentially large areas

Question 37

brownouts

Answer 37

typically occur if there is a drop in electrical voltage or a drop in the overall electrical power supply: * While brownouts do not cause a complete loss of power, they can cause poor performance from some equipment and some devices

Question 38

permanent fault

Answer 38

a sudden loss of power typically caused by a power line fault: * These are simple and easy to deal with; once the fault is removed or repaired, power is automatically restored

Question 39

rolling blackouts

Answer 39

are different from the other three as they are planned power outages: * These are usually implemented in areas with unstable grids or with infrastructure that cannot handle the population it serves * Rolling blackouts can also be caused if there's not enough fuel to run power at full capacity, whether for the short-term or long-term

Question 40

uninterruptible power supply (UPS)

Answer 40

an electrical component that delivers emergency power to a load when the main power source (typically utility power) fails It conditions incoming power to ensure clean and uninterrupted power, protects devices from power problems, and enables seamless system shutdown during complete outages * A UPS system is particularly beneficial for networking equipment and other devices that can lose data when power is suddenly lost * The UPS is a critical investment to thwart damage, data loss, and downtime caused by power issues

Question 41

generators

Answer 41

* A backup generator is a failover power solution that provides power to business operations and homes * They are typically stationary and require a concrete pad used as a foundation usually situated outside a facility or site * Standby generators are a robust solution that can offer power for days during extended power outages, depending on the fuel type and configuration of the generator * Many sites employ prime or continuous generators for disaster recovery site solutions

Question 42

multiple power sources (info)

Answer 42

* Electricity companies can operate in the same area because they can compete to provide electricity to consumers * While the power may come from the same grid or transmission lines, different companies can generate and supply electricity to the grid * These companies then compete based on factors such as pricing, customer service, and renewable energy offerings * It is similar to how different phone carriers can operate using the same cell towers and infrastructure

Question 43

mobile site recovery time

Answer 43

24 to 48 hours

Question 44

mobile site advantages

Answer 44

* Moderately priced * Typically, can be in place for 36 to 72 hours * Can be placed in the parking lot adjacent to your impacted facility

Question 45

mobile site disadvantages

Answer 45

* Recovery time typically is at least 2 to 5 days longer than a hot site * Access to the impacted facility may be hindered because of the event * A trailer may not be configured exactly as you need it

Question 46

mobile site (info)

Answer 46

This approach avoids employee travel issues but has limitations on equipment availability and outbound bandwidth if small aperture satellite terminal (VSAT) links must be used for communication. If the disaster profile includes events such as hurricanes, floods or toxic spills, these solutions may not be appropriate.

Question 47

cold site recovery time

Answer 47

72 plus hours

Question 48

cold site advantages

Answer 48

* Lowest cost solution * Basic infrastructure power, air, and communication are in place * Can rent the facility for a longer term at lower cost

Question 49

cold site disadvantages

Answer 49

* This has the longest recovery time * All equipment must be ordered, delivered, installed, and made operational * This is the worst solution for supporting ongoing operations

Question 50

cold site (info)

Answer 50

An environmentally appropriate space can be either provisioned internally or contracted from a commercial facilities service provider. Cold-site strategies are usually based on "quick-ship" delivery agreements to allow server, storage, and communications hardware and network service providers to quickly build out the data center and/or client workspace infrastructure.

Question 51

Reciprocal agreement recovery time

Answer 51

12 to 48 hours

Question 52

Reciprocal agreement advantages

Answer 52

* Least costly solution * Better than no strategy

Question 53

Reciprocal agreement disadvantages

Answer 53

* Reciprocal agreement seldom works * Typically, organizations are in the same geographic area and a wide-range disaster like an earthquake renders it of no use * There is no easy way to test

Question 54

Reciprocal agreement (info)

Answer 54

This is typically a formal agreement between two trusted, non-competing partners in different industries in which each provides secure sites for the other. This option is the least favorable and has the greatest risk associated with it.

Question 55

Cloud recovery time

Answer 55

0 to 24 hours

Question 56

cloud advantages

Answer 56

* Data and applications available immediately * Location independent * Easy to test

Question 57

cloud disadvantages

Answer 57

* Security is a concern * Cloud may not allow enough time for a daily cycle processing window

Question 58

Cloud (info)

Answer 58

Data should be in place so activation would only be limited by connectivity and network addressing (DNS propagation)