Disaster Recovery and Continuity of Operations Concepts

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
33 hours 23 minutes
Difficulty
Beginner
CEU/CPE
33
Video Transcription
00:00
Hello and welcome back to Sai Berries. 2019 Comp Tia Security Plus Certification Preparation course.
00:10
We can continue our discussion of marginal five.
00:13
In fact, this is domain fire, and the top of discussion will be risk management.
00:20
We have a brand new learning objective, which is 5.6, where we have to specifically explain disaster recovery and continuity of operations. Concepts.
00:32
Here again are the sub topics, which encompasses this particular learning objective ranging firm recovery sites and turns a hot site, warm site, cold site
00:43
as well as the order or restoration.
00:47
The first item on our agenda is a pre assessment quiz, and it reads as follows. Which of cover site is the easiest to test? Is it a a warm site?
00:58
Be a cold site C ah hot site or D a medium site
01:04
if you select to see you, absolutely quit because the hot site contains all of the Alta computers and telecommunication equipment needed in a disaster test In this environment is quite simple.
01:18
This brings us to our first Adam is recovery sites
01:22
now based on the bins requirements, it might be necessary to have a location when overdoses can reload the following his *** recovery. This location is known as a recovery or backup site. The first woman take a look. It's called a hot site. Now Hot Backup site is a duplicate of the organization current data center,
01:40
all systems configured with near complete backup of user data.
01:45
Typically, real time synchronization is used between sites during sure the data is current. While a hot side is the most expensive option, it enables an organization to restore normal operations and to show this time with the minimum laws after the disaster.
02:00
Then we come to a warm site.
02:02
A warm site contains all to acquire hardware and connectivity to restore services is reasonably duplicate of the organization. Current data center high over data has to be restored at the disaster. For example, the last backup from the offsite storage facility must be delivered and bare metal restoration must be completed.
02:23
The last type will cover site We have is a cold site. Ah, cold side is they sent me a empty operational space with basic facilities. Everything required restore services must be procured
02:36
and delivered to the site before with curry can't begin. While, of course, I is the least expensive. The delay of becoming fully operational can be substantial.
02:46
This brings us to the order A restoration. Now this is a process dictating what type of system to prioritize doing a disaster recovery,
02:55
since staff and resource a limit during recovery when planning for disaster cover. It's important for organization to determine the order in which systems should be brought online from the critical system that should be restored first to the least critical system that should be restored last. The older they shoot prerogative, review the order or restoration this
03:15
as new system were brought online and legacy systems are
03:19
decommission.
03:20
Not all system are equal to the organization.
03:23
One component, maybe more crucial to the business than the another. In other words, you must treat us the damage done.
03:30
You can customize the order to fit your business needs. Example. Cloud storage, whose data center and office areas were flooded,
03:38
was still other words. You want to restore clean, dry condition to data center.
03:43
You wanna store power to that data center again? This is an example. If you have a cloud storage
03:49
company where the data set office were flooded, number three you want a story Internal Data Center In terms of the networking
03:54
number four, you want to restore their data sort of storage and processing server.
03:59
Step number five with store inbound and outbound network connectivity to your data center. Step number six Restore clean, dry conditions of general office area
04:08
Stepping in the cellar. You want to restore your workstations functionality and last, but I certainly will restore your desk and cubicle environments.
04:17
Now, this brings us to a brand new again topics which encompasses the 5.6 objective which were initially
04:26
test upon in the beginning of this particular video.
04:29
In fact, we have to explain his *** recovery and the continuity of operations concepts, some sub topics We're gonna be highlight here is called the term called Backup Concepts in terms off determine what to do between a differential incremental snapshot and a full
04:46
So the 1st 1 want to take a let's call a full backup. Now, when you planning for data center restoration of the disaster and over the *** choose to appropriate back up type that meets its business requirements.
04:59
A full backup is complete copy of the data. A full backup provides a simplest method for recovery, since the entire data could be easily restore using a simple recovery set, however, many organizations use them on a periodic basis only because they are time consuming to make, and they require large amount of backup storage.
05:21
Then we come to incremental, incremental backup copies on Lee. The data has changed since the previous backup, regardless of whether the backup was full or incremental. In other words, an incremental backup advice a fastest back of time and requires the smallest amount of backup storage. However,
05:40
an incremental backup has a slow recovery time,
05:44
since all incremental backups must be was stored.
05:46
Then we have differential
05:48
a differential backup in terms of copies on Lee, the data has changed since the previous four. Backup is considered a clear motive. Incremental backup, a differential backup device, a fast of a store time and requires less backup stores than an incremental backup. However,
06:08
a differential backup across more time to create, then
06:11
an incremental backup.
06:14
This brings us to our backup concepts.
06:16
Now it's a snapshot. Is a state of your system at a particular point in time
06:26
continuing in this particular discussion of this particular objective in terms of explaining device recovery and continuity of operations. Now we want to turn towards some additional subcategory that fall within this particular an objective. We don't take a look at geographical locations, discuss offsite backup distance.
06:45
No cases selection,
06:46
legal implications as well as data sovereign tree.
06:53
So we look it geographic considerations. It's imperative for donors Ace to include your a graphical diversity when planning for business continuity in his ***. Recovery
07:01
While implemented, backups ensure with doneness of data hosting the backup in an off site location. Insurers redundant data does not have a single juror got for a point of failure.
07:13
We have to also look a distance. Basically, an organization should include enough distance between the primary and secondary site to minimize the potential for disaster that affects both sites simultaneously. So, in this case, backup consideration on the back of me that must be secured but still accessible
07:29
on site store used for most recent backup, you're offside stores use for your long term backups in terms of implications, off site backups, backup stored in a short, this is a way for make it quick and easy to restore operation.
07:44
On the other hand, maybe it's a substitute, same with as your primary site. Example, your entire geographical region. Maybe so. Substitute hurricane damage. Offsite backup may need to be geographically dispersed
07:57
now. There are so obviously some challenges involved in different municipalities.
08:01
State counties and reason have their own laws and regulations they may need to adjust the data retention prescription policies.
08:09
Data Sovereignty is a nation's social political outlook concerning information technology. The notion may not may not respect data. Privacy
08:18
Nation may disapprove of certain content. Nation may be suspicious of what we call security measures like encryption, research, foreign culture as well as the laws as well. So these are obvious some considerations that we have to take an account.
08:35
This brings us to again disaster cover in a country of operations.
08:39
We're going Take a look again, terms up some sub categories.
08:43
Why it's important for us, obviously, to conduct exercise or we called tabletop exercises. We also have at the action reports alright, down toe alternate business practices.
08:54
So when we look at the content of operations planning, we have Walt Dude workshops and orientation. Seven hours. Basically, they do. They provide basic awareness and training for your recovery personnel it describes the contents of your business continuity plan. That's what's disaster covered plan and other plans. It describes the Rose as well as responsibly of those plans
09:13
in terms of tabletop exercises.
09:16
Basic recovered team members discuss their roles in emergencies. Recovery team members discuss their responses in certain situations.
09:24
Then we have our function exercises, which is an action based section where personnel validate plans.
09:31
We also have personnel actively respond to simulate a scenario, particularly, you engage what we call function exercises. You actually have your personnel active respond to similar scenarios. We also have full scale exercises. Now. These are action based sessions that reflect riel situations.
09:48
They're here on site and you you actually use real personnel for this particular
09:52
type of exercise and more often conducted by public agencies.
09:58
Continuing discussion country of operations
10:01
We have a term call fell overnight. This is a technique that ensures were done in assets came quickly, in effect, vexed recently. In other words, take over for feel assets
10:11
alternate processing site. It is a site that allows all mission critical or business essential functions to be restored if there is a disruption
10:20
to the primary process in sight.
10:24
We have alternate business practices. It might be necessary for organization to implement an ultimate set of business practices after disruption.
10:33
At this point in time, we have our post assessment quiz,
10:37
and it reads as follows. Which of the following backup concept is the quickest back up, but the slowest restore? Is it a incremental
10:46
be differential?
10:48
C four or D snapshots?
10:52
If you said that day your absolute great, because incremental backup other quickest backup method, but the slowest method to restore incremental backup backup. All new files and any files have changed since the last backup or incremental backup do store from incremental backups. You need need the full backup and every incremental backup in order.
11:13
At this point in time, we have a key takeaways from this particular video presentation. We learned that Ah hot backup site is a duplicate of an organization current data center, all system configured with near complete
11:26
backup of uses data.
11:28
We also learned that that that a snapshot is a state of a system at a particular point in time.
11:35
We also learned it a difference. A backup copy on Lee, the data that's changed since the previous full backup is considered a clue. Motive, incremental backup
11:46
and our upcoming video. We pretend it'll take a look at a brand new loon objective, which is 5.7 not doing this particular objective. We literally going to compare and contrast various types of controls, and again, I look forward to seeing the very next video.
Up Next
CompTIA Security+

Interested in the cybersecurity industry? The CompTIA Security+ is the gold standard for those looking to enter the cybersecurity industry. Join thousands of professionals who have gained this certification through this course and launched their careers in information security.

Instructed By