Olá pessoal,

Esse artigo é um resumo de todas as terminologias que anotei sobre o Domínio Business Continuity and Disaster Recovery Planning durante o meu preparatório para a certificação do CISSP. Acredito que será bastante útil para quem esta estudando para o exame.

Para receber os próximos domínios assine a Newsletter!

Bom estudo!!!

Hot Site Contains everything needed tobecome operationalin the shortest amount of time. Computers, climate control, cables and peripherals, butdoes not include data.
Hot Site Advantages Ready within hours for operation;
Highly available;
Usually used for short-term solutions, but available for longer stays;
Annual testing available.
Hot Site Disadvantages Very expensive;
Limited on hardware and software choices.
Warm Site Hassome basic equipmentor in some case almost all of the equipment but it is not sufficientto be operational.
Cold Site Has basically power, HVAC, basic cabling, but no or little as far as processing equipment is concerned.
Warm and Cold Site Advantages Less expensive;
Available for longer timeframes because of the reduced costs;
Pratical for proprietary hardware or software use;
Warm and Cold Site Disadvantages Not immediately available;
Operational testing not usually available;
Resources for operations not immediately available.
Redundant Sites Are owned by the company and are mirrors of the original production environment.
Disaster Recovery Manager Should also be amember of the team that assisted in the development of theDisaster Recovery Plan.
Reciprocal Agreement Is where two or more organizationsmutually agree to provide facilities to the other if a disaster occurs.
Transaction Redundancy Implementation Electronic vaulting, remote journaling and database shadowing.
Electronic Vaulting Is the process of transfering backup data to off-site location through communication lines. Takes place in batches and moves the entire filethat has been updated.
Remote Journaling Refers to the parallel processing of transactions to an alternate site. Takes place in real time and transmits only thefile deltas.
Database Shadowing Uses the live processing of remote journaling, but creates even more redundancy by duplicating the database sets to multiple servers.
Data Clustering Refers to the classification of data into groups (clusters).
RPO (Recovery Point Objective) Describes the age of the data you want the ability to restore in the event of a disaster. Point to which application data must be recovered to resume business transactions.
RTO (Recovery Time Objective) Is a period of time within which business and / or technology capabilities must be restored following anunplanned event or disaster. RTO is one of the results of BIA.
ACV (Actual Cash Value) The ACV is the default valuation clause for commercial property insurance. Value of item on the date of loss.
RCV (Replacement Cost Value) RCV is the maximum amount yourinsurance companywillpay you for damageto covered property before deducting for depreciation.
MTD (Maximum Tolerable Downtime) It is maximum delay businesses can tolerate and still remain viable.
Nonessential 30 days.
Normal 7 days.
Important 72 hours.
Urgent 24 hours.
Critical Minutes to hours.
Salvage Team Should be responsible for starting the recoveryof the original site.
BIA (Business Impact Analysis) As part of a disaster recovery plan, BIA is likely to identify costs linked to failures. One of the first stepsof a BIA is to evaluate an organization’s business functions and associated systems, applications, and technology to determine how critical those functions are to the organization.
Parity Information Is created using a hamming code that detects errors andestablishes which partof which drive is in error.
Diverse Routing As it routes traffic through split cable facilities orduplicate cable facilities.
DRP (Disaster Recovery Plan) DRP refers to an IT-focused plan designed to restore operability of the target system, application, or computer facility at an alternate site after an emergency.
BCP (Business Continuity Plan) The BCPfocuses on sustaining an organization’s businessfunctions during and after a disruption.
BRP (Business Recovery Plan) The BRP addresses the restoration of business processes after an emergency.
Restoration Team Should be responsible for getting the alternative site into a working and functioning environment.
Incident Response Plan Focuses on information security responses to incidents affecting systems and/or networks.
OEP (Occupant Emergency Plan) Provides the response procedures for occupants of a facility in the event of a situation posing a potential threat to the health and safety of personnel, the environment, orproperty.
RA (Risk Assessment) Is designed to evaluate existing exposures from the organization’s environment.
BIA (Business Impact Analysis) Assesses potential loss that could be caused by a disaster.
MTBF (Mean-Time-Between Failure) Is the average length of time the hardware is functional without failure.
MTTR (Mean-Time-To-Repair) Is the amount of time it takes to repair and resume normal operation after afailure has occurred
Parallel Test Is a full testof therecovery plan, utilizing all personnel.
Full-Interruption Test Activates the total disaster recovery plan. This testis costly and could disrupt normal operations.
Checklist Test Is onlyconsidered a preliminary step to a real test.
Structured Walk-Through Test Business unit management representatives meet towalk through the plan, ensuring it accurately reflects the organization’s ability to recover successfully, at least on paper.
Dual Data Center Strategy also called redunded siteor alternate site would be employed for applications, which cannot accept any downtimewithout impacting business.
Peril Policy is often a good choice for thosebusiness ownerswhose business is located in an area frequently hit by natural disasterssuch as hurricanes, tornados, or floods. Such apolicy spells outthe specific eventsfor which you are covered.
All-Risk Policy covers your business from damages caused by any type of disasterwith the exception of those specifically excludedin the policy. Floods and earthquakes are two events that aretypically excluded, but coverage for thesetypes of disasters can beadded to the policyfor an additional fee.
Criticality Survey Isimplemented through a standard questionnaire to gather input from the most knowledgeable people.
Nondisaster Is a disruption in service due to a device malfunction or failure.
Disaster Is an event that causes the entire facility to be unusable for a day orlonger.
Catastrophe Is a major disruption that destroys the facility altogether.
Software escrow Third party holds the source code, backups of the compiled code, manuals, and other supporting materials.
Full Backup All data are backed up. The archive bitis cleared, which means that it is set to 0.
Differential Backup Backup the files that have been modified since the last Full Backup. Thearchive bit does not change. Take more time backup phase and take less time to restore.
Incremental Backup Backup all the files that have changed since the last Full Backup orIncremental Backup and sets the archive bit to 0. Take less time backup phase and take more time to restore.
Tape Vaulting The data are sent over a serial line to abackup tape system at the offsite facility.
Corrective control BCP are designed to minimize the damage done by the event, and facilitate rapid restorationof the organization to its full operational capacity. They are for use after the fact, thus are examples of Corrective controls.
Recovery Team Is responsible for restoring critical business functions at an alternate site in the event of disruption.
Damage Assessment Team Is responsible for assessing the damage at the primary site when a disaster occurs.
RAID 0 (Striping) Data striped over several drives. No redundancyor parity is involved. If one volume fails, the entire volume is unusable. It is used for performance only.
RAID 1 (Mirroring) Mirroring of drives. Data is writtento two drives at once. If one drive fails, the other drive has the exact same data available.
RAID 3 (Byte-level parity) Data striping over all drivesand parity data heldon one drive. If a drive fails, it can be reconstructed from parity drive. Is implemented at the byte level.
RAID 4 (Block-level parity) Same as level 3, except parity iscreated at the block level instead of the byte level.
RAID 5 (Interleave parity) Data is written in disk sectorunits to all drives. Parity is writtento all drives also, which ensures that there is no single point of failure.
RAID 6 (Second parity data or double parity) Similar to level 5, but with added fault tolerance, which is asecond set of parity data written to all drivers.
RAID 10 (Striping and mirroring) Data are simultaneously mirrored and striped across several driversand can support multiple drive failures.
RAID 15 Is created by combining RAID Level 1and Level 5.

Luciano Lima
[CISSP]-[MVP Enterprise Security]-[MCSA Security]-[MCSE Security]

Você gostou do artigo?
Compartilhe com seus amigos.
Receba a Newsletter por e-mail

One comment on “CISSP Domain: Business Continuity and Disaster Recovery Planning

Deixe uma resposta