Chapter 14 - Business Continuity Flashcards
Business continuity
The ability of an organization to maintain its operations and services in the face of a disruptive event.
Single point of failure
A component or entity in a system which, if it no longer functions, would adversely affect the entire system.
High availability
A system that can function for an extended period of time with little downtime.
Mission-essential function
The activity that serves as the core purpose of the enterprise.
Disaster recovery plan (DRP)
A written document that details the process for restoring IT resources following an event that causes a significant disruption in service.
Fault tolerance
A system's ability to deal with malfunctions.
Redundancy
The use of duplicated equipment to improve the availability of the system.
Mean time to recovery (MTTR)
The average time for a device to recover from a failure that is not a terminal failure.
Mean time between failures (MTBF)
A statistical value that is the average time until a component fails, cannot be repaired, and must be replaced.
Redundant Array of Independent Drives (RAID)
A technology that uses multiple hard disk drives for increased reliability and performance.
Hot site
A duplicate of the production site that has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.
Cold site
A remote site that provides office space; the customer must provide and install all the equipment needed to continue operations.
Warm site
A remote site that contains computer equipment but does not have active internet or telecommunication facilities, and does not have backups of data.
Data backup
The process of copying information to a different medium and storing it at an offsite location so that it can be used in the event of a disaster.
Recovery point objective (RPO)
The maximum length of time that an organization can tolerate between backups.
Recovery time objective (RTO)
The length of time it will take to recover data that has been backed up.
Full backup
The starting point for all backups that copies the entire set of data.
Differential backup
A backup that copies any data that has changed since the last full backup.
Incremental backup
A backup that copies any data that has changed since the last full backup or the last incremental backup.
Data sovereignty
The concept that data stored in a digital format is subject to the laws of the country in which the storage facility resides.
Electromagnetic interference (EMI)
Electromagnetic fields emitted from technology devices that can result in interference.
Electromagnetic pulse (EMP)
A short-duration burst of energy by the source.
Faraday cage
A metallic enclosure that prevents the entry or escape of an electromagnetic field.
Forensics
The application of science to questions that are of interest to the legal profession.
Incident response plan (IRP)
A set of written instructions for reacting to a security incident.
The 6 action steps to be taken when an incident occurs, called the incident response process, also make up the 6 elements of an IRP:
1) preparation
2) identification
3) containment
4) eradication
5) recovery
6) lessons learned
Chain of custody
A process of documentation that shows that the evidence was always under strict control and no unauthorized individuals were given the opportunity to corrupt the evidence.