Shared Flashcard Set

Details

CompTIA Sec+ 5.6
Disaster recovery and continuity of operation
26
Computer Science
Professional
12/01/2018


Cards

Term
Recovery sites
Definition
• Recovery sites
- Hot site
- Warm site
- Cold site
Term
Order of restoration
Definition
-List of applications that have priority.
-Part of Disaster Recovery plan
-Organization management determines priority
-Can change depending on time of year, or new business requirements
Term
Hot site
Definition
-Duplicate of primary site
-Constantly updated with current information
-Can pick up operations very quickly
Term
Warm site
Definition
Site with hardware available but requires you to load software. Possibly OS as well as apps.
Term
Cold site
Definition
-A site that typically has no computer hardware
-Typically it is just a site that you can use to build a new facility from scratch.
Term
Backup concepts
Definition
- Differential
- Incremental
- Snapshots
- Full
Term
Geographic considerations
Definition
- Off-site backups
- Distance
- Location selection
- Legal implications
- Data sovereignty
Term
Continuity of operation planning
Definition
- Exercises/tabletop
- After-action reports
- Failover
- Alternate processing sites
- Alternate business practices
Term
Exercises/tabletop
Definition
-A type of disaster drill that steps through the process with everyone in the room and talks about exactly what happens at what time
-Scope must be determined first
-Necessary members must be there
-Find out where the gaps are
Term
After-action reports
Definition
-Explanation of exercise, scope, and objectives
-details about the things that worked very well
-information about the things that didn’t work well at all.
Term
Failover
Definition
Switching over business processes to the backup site
Term
Alternate processing sites
Definition
-Continuity of Operations Plan
-capabilities to sustain an organization's essential, strategic functions for up to 30 days
Term
Alternate business practices
Definition
-Operations procedures for using alternate sites
Term
Location selection
Definition
-fixed site
-time and expense to move personnel
-trade-off between maintenance, expense vs. startup time
-geographic position of site not likely to be impacted by the same disaster
Term
Legal implications
Definition
-Alternate Site requirements to be in same country
-Disaster Declaration
-Site Availability
-Site Guarantee
-Security Requirements
-Contract change or mod process
-Contract agreement termination
-Cost fee structure: occupancy, administration, maintenance, testing, transportation costs, expense allocation
-Where is offsite storage of data allowed to occur
Term
Data sovereignty
Definition
-The concept that information which has been converted and stored in binary digital form is subject to the laws of the country in which it is located.
-Who owns the data
Term
Vaulting
Definition
-Sending backup media to off-site storage
Term
e-vaulting
Definition
Sending backups offsite electronically
Term
NIST 800-34
Definition
Contingency Planning Guide for Information Technology Systems
Term
System Development Life Cycle
Definition
Initiation
Development/Acquisition
Implementation
Operation/Maintenance
Disposal
Term
RPO
Definition
Recovery Point Objective
-Restoration of a database back to what point in time? 5 minutes prior to failure or maybe 1 minute, or maybe 15 minutes prior to failure.
Term
RTO
Definition
Recovery Time Objective
-The maximum amount of time it can take to restore a system after an outage
Term
ALE
Definition
Annual Loss Expectancy
Term
BIA Business Impact Analysis
Definition
Life
Property
Safety
Finance
Reputation
Term
Privacy Threshold Analysis - PTA
Definition
-the first step to help determine what type of privacy requirements may be associated with a particular kind of data
-determine if PIA is needed
-identify which of those business processes have some type of privacy-sensitive component
Term
PIA - privacy impact assessment
Definition
-Makes sure that the systems and the processes that you have in place are compliant with the existing laws and regulations.

-Must determine what type of personally identifiable information is being gathered, and how that information is being used