Read this whole guide offline with no ads, for a low price!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)

Previous Topic/Section
5.9.7  Destruction
Previous Page
Pages in Current Topic/Section
1
2
345
Next Page
5.11  Success Questions
Next Topic/Section

5.10  Summary
(Page 2 of 5)

Disaster Recovery



You explored the subject of disaster recovery, which is the process of planning and implementing policies to enable your business to continue after experiencing some critical event. A key component of disaster recovery planning involves implementing a backup policy, including regular backups and off-site storage of backup media (which protects your backups from disasters affecting the immediate area of your network operations center). You might also consider encrypting backups, since that way, someone who can access your backup media still wouldn’t be able to access the data on it. You learned about different backup techniques, which include:

  • Full backup (everything on the system is backed up).

  • Differential backup (all files changed since the last full backup are backed up).

  • Incremental backup (all files changed since the last backup of any type, are backed up).

Two popular strategies for organizing which tapes are used for which day’s backups are the Towers of Hanoi and the Grandfather-Father-Son methods.

Alternate Sites

When planning the disaster recovery process, it can be useful to arrange for alternate facilities to be used in the event that the disaster affects your network operations center. A copy of all information needed for business continuation, or access to copies of this information, such as vital employee records and backups, should be available at the alternate site. Types of alternate sites include:

  • Cold Sites, equipped with power, air conditioning and space in which equipment can be delivered and installed for operations if required.

  • Warm Sites, with the facilities of a cold site, plus possibly some pre-configured hardware and additional facilities like network connectivity arrangements and telephone service.

  • Hot Sites, fully equipped with utilities and equipment sufficient to run required processing; this could be a branch office or perhaps even a site at another company with whom you have a reciprocal agreement; it could also be a site at a shared disaster recovery facility managed by a third party; generally copies of your applications and possibly backups are “ready to go” on site, should they be needed.

When using alternate sites, you would typically deploy the most business critical functionality first, and work toward getting other functionality up and running on an as-needed, prioritized basis. Similarly, when you can return to your main facility, you should focus on moving functionality back to your main site based on the cost of continuing operations at the alternate site, moving the applications most costly to maintain at the alternate site first.

You learned about disaster recovery plans, which specify who is responsible for each activity, what is needed to accomplish each activity, the order in which disaster recovery steps are performed, where additional resources (such as duplicate systems) can be obtained and how quickly this can happen, as well as estimated costs and financial justification for the plan.

Business Continuity

You discovered that when planning for business continuity (allowing critical business functions to continue without interruption or major change), you need to consider several areas:

  • Utilities: Do you have backup power via UPS’s or even generators? What about backup telephone lines and data connections?

  • High availability / fault tolerance systems, which support high availability or provide fault tolerance can cost more than their less-resilient siblings, but in calculating whether the risk is worth it, consider the dollar amount it will cost your organization to do without that functionality for a certain amount of time)

  • Backups. Things happen; having good backups, and testing those backups regularly to ensure that your backup procedure still works as intended, will eventually be a lifesaver.

Previous Topic/Section
5.9.7  Destruction
Previous Page
Pages in Current Topic/Section
1
2
345
Next Page
5.11  Success Questions
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.