Chapter 18 - Disaster Recovery Planning Flashcards
According to the Federal Emergency Management Agency, approximately what percentage of US states is rated with at least a moderate risk of seismic activity?
80 percent
Which disaster type is not usually covered by standard business or homeowner’s insurance?
Flood
How long does it take to activate warm sites?
Activation of warm site typically takes at least 12 hours from the time a disaster is declared. This does not mean that any site that can be activated in less than 12 hours qualifies as a hot site; however, switch over times for most hot sites are often measured in seconds or minutes, and complete cut overs seldom take more than an hour or two.
During the salvage of the Local Area Network and Servers, which of the following steps would normally be performed first?
The first activity in every recovery plan is damage assessment, immediately followed by damage mitigation.
This first activity would typically include assessing the damage to all network and server components (including cables, boards, file servers, workstations, printers, network equipment), making a list of all items to be repaired or replaced, selecting appropriate vendors and relaying findings to Emergency Management Team.
Following damage mitigation, equipment can be recovered and LAN communications network and servers can be reinstalled.
What is NOT normally one of the questions that would be asked in regards to an organization’s information security policy?
Actions to be performed in case of a disaster are not normally part of an information security policy but part of a Disaster Recovery Plan (DRP).
Only personnel implicated in the plan should have a copy of the Disaster Recovery Plan whereas everyone should be aware of the contents of the organization’s information security policy.
The MOST common threat that impacts a business’s ability to function normally is
The MOST common threat that impacts a business’s ability to function normally is power. Power interruption cause more business interruption than any other type of event.
The second most common threat is Water such as flood, water damage from broken pipe, leaky roof, etc…
Who should direct short-term recovery actions immediately following a disaster?
The Disaster Recovery Manager should also be a member of the team that assisted in the development of the Disaster Recovery Plan. Senior-level management need to support the process but would not be involved with the initial process.
MTD values for critical systems
Here are some examples of MTD values suggested by Shon Harris:
NonEssential 30 Days
Normal 7 Days
Important 72 Hours
Urgent 24 Hours
Critical Minutes to hours
Work Recovery Time (WRT)
WRT is the remainder of the overall MTP values. RTO usually deals with getting the infrastructure and system backup and running, and WRT deals with restoring data, testing processes, and then marking everything “live” for production purposes.
Purpose of change control committee
The committee is informed to ensure that all changes are properly submitted, tested, and approved. The goal is for changes to be desirable and beneficial for the company as a whole, and that change be developed and implemented in a correct manner.
HSM
A hierarchical storage management (HSM) system is an automated data storage system. It provides continuous online backup functionality.
Recovery Time Objective (RTO)
RTO is the earliest time period and a service level within which a business process must be restored after a disaster to avoid unacceptable consequences associated with a break in business continuity.
The backup site should be at least how many miles away from the primary site to give the company maximum protection in case of regional disasters.
25
Prosper steps for developing a disaster recovery plan
- Develop the continuity planning policy statement.
- Conduct the business impact analysis.
- Identify preventive controls.
- Develop recovery strategies.
- Develop the contingency plan.
- Test the plan and conduct training and exercises.
- Maintain the plan.
Functional exercises
It allows personnel to validate their operational readiness for emergencies by performing their duties in a simulated operational environment.