Business Continuity and Disaster Recovery Planning Flashcards

1
Q

BCP

A

Business Continuity Plan. A long-term to ensure continuity of business operations. Goal is to ensure a business will continue to operate before, throughout and after a disaster event.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

COOP

A

Continuity of Operations Plan. A plan to maintain operations during a disaster.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

DRP

A

Disaster Recovery Plan. A short-term plan to recover from a disruptive event.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

MTBF

A

Mean Time Between Failures. Quantifies how long a new or repaired system will run on average before failing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

MTTR

A

Mean Time To Repair. Describes how long it will take to recover a failed system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PIDAS Fence

A

Perimeter Intruder Detection Assessment System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Disruptive Events (Disaster) Types (3)

A

Natural, Human or Environmental

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

MTD

A

Maximum Tolerable Downtime.
Consists of:
(1) RTO - Recovery Time Objective
(2) WRT - Work Recovery Time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

DRP Process Steps

A

Respond, Activate Recovery Team, Communications, Assessment & Reconsistution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

BCP/DRP Planning Steps

A
Project Initiation
Scope the Project
Business Impact Analysis
Identify Preventive Controls
Recovery Strategy
Plan Design and Development
Implementation, Training and Testing
BCP/DRP Maintenance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

BIA

A

Business Impact Analysis. Process for determining how a disruption to the IT systems of an organization will impact the organization’s requirements, processes and interdependencies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

BIA Components (2)

A

(1) Identification of critical assets

(2) Comprehensive risk analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Failure and Recovery Metrics

A

RPO, RTO, WRT, MTBF MTTR MORs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

RPO

A

Recovery Point Objective. The amount of data loss or system inaccessibility that an organization can withstand.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

RTO/WRT

A

Recovery Time Objective/Work Recovery Time. RTO is the maximum time allowed to recover business or IT systems - how long it take to get the hardware running. WRT is the time needed to configure a recovered system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

MTD

A

Maximum Tolerable Downtime. also MAD, MTO or MAO

…MTD = RTO + WRT

17
Q

MOR

A

Minimum Operating Requirements. The minimal environmental and connectivity requirements in order to operate computer equipment.

18
Q

Redundant Site

A

Exact production duplicate site with real-time synchronization of data. Highest cost and highest availability of all recovery options. No loss of data and changeover is transparent to users. Immediate recovery.

19
Q

Hot Site

A

Contains all necessary hardware and critical applications data mirrored in real time. Ready to go site. Recovery in hours.

20
Q

Warm Site

A

Fully configured and ready data center. Relies on backups to restore systems. Recovery in days

21
Q

Cold Site

A

Ready building with contingencies for equipment, supplies and applications. Recovery in weeks.

22
Q

Mobile Sites

A

Datacenters on wheels. Contain equipment, HVAC, fire suppression and physical security. Can be used on-site of original datacenter.

23
Q

Crisis Communications Plan

A

A plan for communicating to staff and the public.

(1) Call Trees/Automated call trees

24
Q

HA

A

High Availability Cluster. The goal is to decrease the recovery time of a system or network device so that the availability of the service is less impacted than it would be by having to rebuild, reconfigure, etc.
(1) Active-active Cluster: Multiply systems used to process traffic or data, load balancing. (2) Active-Passive Cluster: Secondary system online and active with data backed to system.

25
Q

DRP Testing Methods

A

(1) DRP Review: Review of plan.
(2) Checklist (Consistency): Using focused checklist to ensure availability of all necessary resources.
(3) Structured Walk-through: Tabletop exercise. Each aspect of plan is discussed and talk through steps.
(4) Simulation Test: A walk-through drill. Teams respond to simulated disaster to carry out recovery plan
(5) Parallel Processing: Recovery of critical processing components at an alternative facility and then restore data from a previous backup. Main site remains online.
(6) Business Interruption: Main site stopped and recovery performed at alternate site.