WEBVTT 1 00:00:00.000 --> 00:00:01.260 In this lesson, 2 00:00:01.260 --> 00:00:04.140 we will learn about recovery strategies. 3 00:00:04.140 --> 00:00:06.131 Recovery strategies involve planning 4 00:00:06.131 --> 00:00:09.660 and implementing methods to restore systems 5 00:00:09.660 --> 00:00:12.390 and services to operational status 6 00:00:12.390 --> 00:00:14.820 after disruptions or failures. 7 00:00:14.820 --> 00:00:17.490 Recoverability methods include backups 8 00:00:17.490 --> 00:00:19.980 and failover mechanisms to ensure 9 00:00:19.980 --> 00:00:23.880 that systems can be quickly restored after disruption. 10 00:00:23.880 --> 00:00:27.510 Let's learn more about recoverability backups 11 00:00:27.510 --> 00:00:29.550 and failover mechanisms. 12 00:00:29.550 --> 00:00:31.560 In an enterprise environment, one 13 00:00:31.560 --> 00:00:34.950 of our top priorities is ensuring the recoverability 14 00:00:34.950 --> 00:00:38.980 of critical systems and data in the event of a disaster. 15 00:00:38.980 --> 00:00:42.581 Recoverability refers to the organization's ability 16 00:00:42.581 --> 00:00:45.909 to restore normal operations as quickly 17 00:00:45.909 --> 00:00:49.950 and effectively as possible after an incident. 18 00:00:49.950 --> 00:00:53.491 To achieve this, we develop disaster recovery plans 19 00:00:53.491 --> 00:00:57.060 that clearly outline the step by step-by-step procedures 20 00:00:57.060 --> 00:01:01.440 for recovering systems, applications, and data. 21 00:01:01.440 --> 00:01:05.550 For example, if a company's domain controller goes down 22 00:01:05.550 --> 00:01:07.112 due to a cyber attack, 23 00:01:07.112 --> 00:01:11.310 the disaster recovery plan outlines the exact steps 24 00:01:11.310 --> 00:01:15.060 to switch to backups and restore operations. 25 00:01:15.060 --> 00:01:17.760 These plans should include roles 26 00:01:17.760 --> 00:01:21.851 and responsibilities as well as recovery time objectives 27 00:01:21.851 --> 00:01:26.040 or RTOs and recovery point objectives 28 00:01:26.040 --> 00:01:29.370 or RPOs, which set out how quickly we need 29 00:01:29.370 --> 00:01:30.872 to restore critical systems 30 00:01:30.872 --> 00:01:35.250 and how much data loss is acceptable during a disaster. 31 00:01:35.250 --> 00:01:37.620 A key aspect of recovery planning 32 00:01:37.620 --> 00:01:40.200 involves having a backup strategy. 33 00:01:40.200 --> 00:01:43.032 For instance, in the case of a ransomware attack, 34 00:01:43.032 --> 00:01:47.340 having backups ensures you don't lose critical data. 35 00:01:47.340 --> 00:01:49.821 There are several different types of backups. 36 00:01:49.821 --> 00:01:53.563 Full backups create a complete copy of all data, 37 00:01:53.563 --> 00:01:56.741 but take longer and use more storage. 38 00:01:56.741 --> 00:02:00.720 A full backup is like copying an entire hard drive. 39 00:02:00.720 --> 00:02:04.650 Incremental backups save changes since the last incremental 40 00:02:04.650 --> 00:02:06.180 or full backup. 41 00:02:06.180 --> 00:02:08.781 Incremental backups are quicker and more efficient, 42 00:02:08.781 --> 00:02:12.573 but involve restoring from multiple incremental backup files 43 00:02:12.573 --> 00:02:16.770 if a full recovery is needed, and that's complex. 44 00:02:16.770 --> 00:02:20.580 Meanwhile, differential backups capture all changes since 45 00:02:20.580 --> 00:02:24.020 the last full backup, making it easier to restore data 46 00:02:24.020 --> 00:02:27.570 because at most, only the last full backup 47 00:02:27.570 --> 00:02:30.592 and the most recent differential backup are required 48 00:02:30.592 --> 00:02:32.610 for a full recovery. 49 00:02:32.610 --> 00:02:37.320 Last, synthetic full backups administratively combined, full 50 00:02:37.320 --> 00:02:40.380 and incremental or differential backups 51 00:02:40.380 --> 00:02:43.740 to create a new complete backup without having 52 00:02:43.740 --> 00:02:46.860 to copy everything again from the system. 53 00:02:46.860 --> 00:02:49.560 Saving time and resources. 54 00:02:49.560 --> 00:02:50.760 Beyond backups. 55 00:02:50.760 --> 00:02:54.216 Failover mechanisms enable the continuance of operations 56 00:02:54.216 --> 00:02:56.285 during system failures. 57 00:02:56.285 --> 00:02:59.915 A practical example is a website staying online 58 00:02:59.915 --> 00:03:02.790 even if one server crashes. 59 00:03:02.790 --> 00:03:06.690 Thanks to failover mechanisms, there are two main types 60 00:03:06.690 --> 00:03:08.310 of failover mechanisms. 61 00:03:08.310 --> 00:03:12.870 Active-active failover, and active-standby failover. 62 00:03:12.870 --> 00:03:15.575 In an active-active system, both the primary 63 00:03:15.575 --> 00:03:18.747 and backup systems are running at the same time, 64 00:03:18.747 --> 00:03:23.010 so if one fails, the other takes over immediately. 65 00:03:23.010 --> 00:03:26.100 Conversely, in an active standby setup, 66 00:03:26.100 --> 00:03:29.760 one system is active while the other is in standby mode, 67 00:03:29.760 --> 00:03:32.760 ready to take over if the first one fails. 68 00:03:32.760 --> 00:03:36.420 Finally, to ensure all these strategies work effectively, 69 00:03:36.420 --> 00:03:40.140 regular disaster recovery tests are essential. 70 00:03:40.140 --> 00:03:43.917 Disaster recovery test types include tabletop testing, 71 00:03:43.917 --> 00:03:47.107 parallel testing, simulation testing, 72 00:03:47.107 --> 00:03:49.860 and full interruption testing. 73 00:03:49.860 --> 00:03:52.530 In tabletop testing, key team members 74 00:03:52.530 --> 00:03:55.920 review the disaster recovery plan step-by-step. 75 00:03:55.920 --> 00:03:59.250 In parallel testing, backup systems are activated 76 00:03:59.250 --> 00:04:00.884 alongside the main systems 77 00:04:00.884 --> 00:04:04.980 to ensure they work without causing production downtime. 78 00:04:04.980 --> 00:04:07.337 Simulation testing goes a step further 79 00:04:07.337 --> 00:04:10.470 by creating a mock disaster to test 80 00:04:10.470 --> 00:04:12.990 how well your team responds, still 81 00:04:12.990 --> 00:04:16.920 without shutting anything down on the production network. 82 00:04:16.920 --> 00:04:20.430 More advanced testing includes full interruption testing. 83 00:04:20.430 --> 00:04:23.907 In a full interruption test, systems are taken offline 84 00:04:23.907 --> 00:04:27.507 and backups take over, demonstrating failover 85 00:04:27.507 --> 00:04:32.460 and recovery from a real but inserted disaster. 86 00:04:32.460 --> 00:04:35.489 So remember in an enterprise environment, 87 00:04:35.489 --> 00:04:38.910 ensuring the recoverability of critical systems 88 00:04:38.910 --> 00:04:41.238 and data is a top priority. 89 00:04:41.238 --> 00:04:44.329 This involves creating disaster recovery plans 90 00:04:44.329 --> 00:04:47.580 that outline the steps for restoring systems 91 00:04:47.580 --> 00:04:50.070 and data after an incident. 92 00:04:50.070 --> 00:04:52.748 Disaster recovery plans require clear roles, 93 00:04:52.748 --> 00:04:56.490 responsibilities, and recovery objectives. 94 00:04:56.490 --> 00:04:58.500 Indirect support of recovery. 95 00:04:58.500 --> 00:05:00.939 A strong backup strategy is essential. 96 00:05:00.939 --> 00:05:04.411 Different types of backups, like full, incremental, 97 00:05:04.411 --> 00:05:07.680 differential, and synthetic, help ensure 98 00:05:07.680 --> 00:05:11.010 that data can be restored quickly and efficiently. 99 00:05:11.010 --> 00:05:15.000 Additionally, fail over mechanisms such as active-active, 100 00:05:15.000 --> 00:05:18.171 and active-standby systems allow operations 101 00:05:18.171 --> 00:05:21.780 to continue smoothly if a system fails, 102 00:05:21.780 --> 00:05:24.990 and finally, to make sure these strategies work. 103 00:05:24.990 --> 00:05:26.891 Regular disaster recovery tests, 104 00:05:26.891 --> 00:05:30.320 including tabletop, parallel, simulation, 105 00:05:30.320 --> 00:05:33.690 and full interruption testing are crucial 106 00:05:33.690 --> 00:05:36.483 for validating the plan's effectiveness.