CPA ISC - S2 M3 Availability, Resiliency, and Disaster Recovery

Question 1

What is a Cold Site?

Answer 1

A cold site is an off-site location that has all the electrical connections and other physical requirements for data processing, but does not have the actual equipment. It is empty but ready for use.

Question 2

What is a Hot Site?

Answer 2

A hot site is an off-site location that is equipped to take over the company’s data processing as these locations are not only pre-wired for use but also include the necessary hardware. This is the most expensive option.

Question 3

What is a Warm Site?

Answer 3

A warm site is between a cold and hot site. It has some stuff installed but will take some actions to get it operational.

Question 4

What is a Business Continuity Plan (BCP)?

Answer 4

Business continuity plans are more comprehensive than disaster recovery plans and contain contingency and mitigation procedures around all business processes.

Question 5

What is Mirroring?

Answer 5

Mirroring is a process that applies to data storage and backup, entails copying a database onto a different machine for the purpose of data redundancy in the event that the primary database fails.

Question 6

What is Replication?

Answer 6

Replication involved copying and transferring data between different databases located in different sites, such as a geographically different data center or the cloud. Replication allows operations to resume quickly using data in the secondary site after a system failure.

Question 7

Maximum Tolerable Downtime (MTD)

Answer 7

The amount of time a business can tolerate an outage without causing long-term significant damage.

Question 8

Recovery Point Objective (RPO)

Answer 8

The maximum threshold for data lost, dollars lost, or inoperability as measured by a metric.

Question 9

Recovery Time Objective (RTO)

Answer 9

The maximum amount of time it should take to restore business operations to a target state following a system failure.

Question 10

Mean Time to Repair (MTTR)

Answer 10

Average length of time it takes to repair a damaged or inoperable device.

Question 11

Recovery Time Actual (RTA)

Answer 11

The actual time it takes to restore business operations.

Question 12

Recovery Point Actual (RPA)

Answer 12

The actual time it takes to recover to a pre-event state.

Question 13

Uninterrupted Power Supply (UPS)

Answer 13

An Uninterrupted Power Supply is a device that maintains a continuous supply of electrical power to connected equipment.

Question 14

What is a Full System Backup?

Answer 14

A full system backup is exact copies of the entire database made periodically.

Question 15

What is an Incremental System Backup?

Answer 15

An incremental system backup is only copying the data items that have changed since the last backup.

Question 16

What is a Differential System Backup?

Answer 16

A differential system backup copies all changes made since the last full backup. This is essentially a hybrid of full and incremental (where this is in the middle).

Question 17

Annualized Rate of Occurrence (ARO)

Answer 17

The expected frequency of occurrences in a year.

Question 18

Exposure Factor (EF)

Answer 18

The damage in terms of dollars, expressed as a percentage of an asset’s value.

Question 19

Single Loss Expectancy (SLE)

Answer 19

The cost of an individual loss.

SLE = Damage likelihood x Avg cost of asset

Question 20

Annualized Loss Expectancy (ALE)

Answer 20

The cost of a specific lost in a given year.

ALE = SLE x ARO

Question 21

What are the steps for developing a Business Continuity Plan?

Answer 21

1. Assess key risks
2. Identify mission-critical applications and data
3. Develop a plan for handling these applications
4. Determine responsibilities for parties involved in disaster recovery
5. Test the recovery plan

Question 22

What are the steps of a Business Impact Analysis (BIA)?

Answer 22

1, Establish the BIA approach
2. Identify critical resources
3. Define disruption impacts
4. Estimate losses
5. Establish recovery priorities
6. Create the BIA report
7. Implement BIA recommendations