Page 1339 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1339

Exam Essentials


               Know the common types of natural disasters that may
               threaten an organization. Natural disasters that commonly
               threaten organizations include earthquakes, floods, storms, fires,

               tsunamis, and volcanic eruptions.

               Know the common types of man-made disasters that may
               threaten an organization. Explosions, electrical fires, terrorist
               acts, power outages, other utility failures, infrastructure failures,
               hardware/software failures, labor difficulties, theft, and vandalism are
               all common man-made disasters.


               Be familiar with the common types of recovery facilities. The
               common types of recovery facilities are cold sites, warm sites, hot sites,
               mobile sites, service bureaus, and multiple sites. Be sure you
               understand the benefits and drawbacks for each such facility.

               Explain the potential benefits behind mutual assistance
               agreements as well as the reasons they are not commonly
               implemented in businesses today. Mutual assistance agreements

               (MAAs) provide an inexpensive alternative to disaster recovery sites,
               but they are not commonly used because they are difficult to enforce.
               Organizations participating in an MAA may also be shut down by the
               same disaster, and MAAs raise confidentiality concerns.

               Understand the technologies that may assist with database
               backup. Databases benefit from three backup technologies.
               Electronic vaulting is used to transfer database backups to a remote

               site as part of a bulk transfer. In remote journaling, data transfers
               occur on a more frequent basis. With remote mirroring technology,
               database transactions are mirrored at the backup site in real time.

               Know the five types of disaster recovery plan tests and the
               impact each has on normal business operations. The five types
               of disaster recovery plan tests are read-through tests, structured walk-
               throughs, simulation tests, parallel tests, and full-interruption tests.

               Checklist tests are purely paperwork exercises, whereas structured
               walk-throughs involve a project team meeting. Neither has an impact
   1334   1335   1336   1337   1338   1339   1340   1341   1342   1343   1344