1. [10 points] Compare and contrast "high availability" and "disaster recovery" for IT systems. Are they both possible at the same time
b. If our company owned 100 of these systems, how many would we expect to repair every year?
c. Is it valid to say that a single system with an MTBF of 40,000 hours should last roughly 4.5 years between repairs? Why or why not?
3. [10 points] How are recovery time objective (RTO) and recovery point objective (RPO) related in disaster recovery? Why are written and agreed to SLAs so critical?
4. [10 points] Describe the Zachmann framework for enterprise architecture. What do the rows represent? What do the columns represent? How does enterprise architecture support business continuity and disaster recovery?
5. [5 points] In two to three paragraphs of prose (i.e. sentences, not bullet lists) using APA style citations as needed, summarize and interact with the content that was covered for this week using the learning outcomes listed above for reference. In your summary, you should highlight the major topics, theories, practices, and knowledge that were covered. Your summary should also interact with the material through personal observations, reflections, and applications to the field of study. In particular, highlight what surprised, confused, enlightened, or otherwise engaged you. In other words, you should think and write critically not just about what was presented but also what you have learned through the session. Feel free to ask questions in this as well since it will be returned to you with answers.
6. [10 points] How is the system model stack related to the concept of security "defense in depth?" Why are layers of security better?
The system model stack (see figure) shows the sets of dependencies in an information system architecture. At each stage in the system model stack, a different set of controls can be applied for the purposes of protecting the availability of the service. For example, everything depends on the physical environment in which the hardware resides. A disaster in the physical environment will affect all levels above it. Thus, a defense in depth strategy would have appropriate controls for the physical environment (i.e. uninterruptable power supplies, generators, fire suppression, cooling equipment, etc.) as the first line of defense for availability. As you move up the stack, different controls (i.e. disk and power supply redundancy at the hardware level, heartbeat monitors at the OS level, clustering at the middleware and application level, etc) that are further controls on risks to availability. The overall goal is to have no single points of failure, which is analogous to a defense in depth security strategy and why a layered security architecture is more secure.
Recently Asked Questions
- It is the identification of drugs and medicines by their scientifically and internationally recognized active ingredient as determined by the Bureau of Food
- Which of the following relationship has a very limited usefulness especially in construction projects ?
- The determination of conformance with scope requirements is called ____ ?