CPA ISC - S2 M3 Availability, Resiliency, and Disaster Recovery Flashcards
What is a Cold Site?
A cold site is an off-site location that has all the electrical connections and other physical requirements for data processing, but does not have the actual equipment. It is empty but ready for use.
What is a Hot Site?
A hot site is an off-site location that is equipped to take over the company’s data processing as these locations are not only pre-wired for use but also include the necessary hardware. This is the most expensive option.
What is a Warm Site?
A warm site is between a cold and a hot site. It has some equipment installed but will require some action to become operational.
What is a Business Continuity Plan (BCP)?
Business continuity plans are more comprehensive than disaster recovery plans and contain contingency and mitigation procedures around all business processes.
What is Mirroring?
Mirroring is a process that applies to data storage and backup; it entails copying a database onto a different machine for the purpose of data redundancy in the event that the primary database fails.
What is Replication?
Replication involves copying and transferring data between different databases located in different sites, such as a geographically different data center or the cloud. Replication allows operations to resume quickly using data in the secondary site after a system failure.
Maximum Tolerable Downtime (MTD)
The amount of time a business can tolerate an outage without causing long-term significant damage.
Recovery Point Objective (RPO)
The maximum threshold for data lost, dollars lost, or inoperability as measured by a metric.
Recovery Time Objective (RTO)
The maximum amount of time it should take to restore business operations to a target state following a system failure.
Mean Time to Repair (MTTR)
Average length of time it takes to repair a damaged or inoperable device.
Recovery Time Actual (RTA)
The actual time it takes to restore business operations.
Recovery Point Actual (RPA)
The actual time it takes to recover to a pre-event state.
Uninterrupted Power Supply (UPS)
An Uninterrupted Power Supply is a device that maintains a continuous supply of electrical power to connected equipment.
What is a Full System Backup?
A full system backup is an exact copy of the entire database, made periodically.
What is an Incremental System Backup?
An incremental system backup copies only the data items that have changed since the last backup.
What is a Differential System Backup?
A differential system backup copies all changes made since the last full backup. This is essentially a hybrid of full and incremental backups (it falls in the middle).
Annualized Rate of Occurrence (ARO)
The expected frequency of occurrences in a year.
Exposure Factor (EF)
The damage in terms of dollars, expressed as a percentage of an asset’s value.
Single Loss Expectancy (SLE)
The cost of an individual loss.
SLE = Damage likelihood x Avg cost of asset
Annualized Loss Expectancy (ALE)
The cost of a specific loss in a given year.
ALE = SLE x ARO
What are the steps for developing a Business Continuity Plan?
- Assess key risks
- Identify mission-critical applications and data
- Develop a plan for handling these applications
- Determine responsibilities for parties involved in disaster recovery
- Test the recovery plan
What are the steps of a Business Impact Analysis (BIA)?
1. Establish the BIA approach
2. Identify critical resources
3. Define disruption impacts
4. Estimate losses
5. Establish recovery priorities
6. Create the BIA report
7. Implement BIA recommendations