Security+ Disaster Recovery

I was recently asked for some clarification on Security+ disaster recovery and Security+ redundancy. Some people think they are the same, but they aren’t.

If you’re planning to take the Security+ exam, you should know the difference between the two.

Check out this post for information on Security+ redundancy.

Security+ Disaster Recovery

Disaster recovery is a part of an overall business continuity plan. Often the organization will use the business impact analysis to identify the critical systems and components and then develop disaster recovery strategies and disaster recovery plans (DRPs) to address the systems hosting these functions.

In some cases, an organization will have multiple DRPs within a BCP, and in other cases, the organization will have a single DRP. For example, it’s possible to have individual DRPs that identify the steps to recover individual critical servers, and other DRPs that detail the recovery steps after different types of disasters such as hurricanes or tornadoes. A smaller organization may have a single DRP that simply identifies all the steps used to respond to any disruption.

A DRP or a BCP will include a hierarchical list of critical systems. This list identifies what systems to restore after a disaster and in what order. For example, should a server hosting an online web site be restored first, or a server hosting an internal application? The answer is dependent on how the organization values and uses these servers. In some cases, systems have interdependencies requiring systems to be restored in a certain order.

If the DRP doesn’t prioritize the systems, individuals restoring the systems will use their own judgment, which may not meet the overall needs of the organization. For example, Nicky New Guy (or even Homer) may not realize that a web server is generating $5,000 an hour in revenue but does know that he’s responsible for keeping a generic file server operational. Without an ordered list of critical systems, he may spend his time restoring the file server and not the web server.

This hierarchical list is valuable when using alternate sites such as warm or cold sites, too. When the organization needs to move operations to an alternate site, the organization will want the most important systems and functions restored first.

Similarly, the DRP often prioritizes the services to restore after an outage. As a rule, critical business functions and security services are restored first. Support services are restored last.

The different phases of a disaster recovery process typically include the following steps:

• Activate the disaster recovery plan. Some disasters, such as earthquakes or tornadoes, occur without much warning, and a disaster recovery plan is activated after the disaster. Other disasters, such as hurricanes, provide a warning, and the plan is activated when the disaster is imminent.
• Implement contingencies. If the recovery plan requires implementation of an alternate site, critical functions are moved to these sites. If the disaster destroyed on-site backups, this step retrieves the off-site backups from the off-site location.
• Recover critical systems. After the disaster has passed, the organization begins recovering critical systems. The DRP documents which systems to recover and includes detailed steps on how to recover them. This also includes reviewing change management documentation to ensure that recovered systems include approved changes.
• Test recovered systems. Before bringing systems online, administrators test and verify them. This may include comparing the restored system with a performance baseline to verify functionality.
• Document and review. The final phase of disaster recovery includes a review of the disaster, sometimes called an after-action review. This often includes a lessons-learned review to identify what went right and what went wrong. The organization often updates the plan after a disaster to incorporate any lessons learned.

Check out these posts for information on Security+ redundancy and Adding Redundancy.

Or check out this post for some free practice test questions on Security+ disaster recovery.

Security+ Full Access Package

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. They can also be used to help ensure you’re ready no matter what study guide you’re using.

This exam is expensive.

Make sure you’re ready before exam day. 

Here’s what you’ll get:

• All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. See a demo here. All questions have full explanations so you’ll know why the correct answers are correct and why the incorrect answers are incorrect.
• Realistic SY0-601 Security+ Practice Test Questions
• Performance-based questions.
• All of the flashcards from the study guide. View them in any Web browser. See demo here
• All of the audio from the study guide.
• Access to a free discount code for 10% off your Security+ voucher.

Buy The Full Access Study Package Today

60 Days Access

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

This blog post was derived from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide, which has helped thousands of people pass the Security+ exam the first time they took it. It can help you too.