ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
During a disaster recovery test, the team restores the organization's ERP servers at the alternate site within the eight-hour recovery time objective defined in the DRP, but the restored database is missing the last 18 hours of transactions. Which DRP metric requires revision?
The scenario shows that system functionality was brought back within the required recovery time objective (RTO), so the time to become operational is acceptable. However, the amount of data lost (18 hours) exceeds what the business can tolerate. The metric that limits acceptable data loss is the Recovery Point Objective (RPO), which specifies the maximum age of data that must be recoverable after an outage. Revising the RPO-by increasing backup frequency, enabling continuous replication, or employing journaling-would reduce potential data loss in future disasters. The maximum tolerable downtime (MTD) and mean time to repair (MTTR) address overall service disruption and repair efficiency, not data recency. Therefore, the RPO is the metric that needs adjustment.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between RPO and RTO?
Open an interactive chat with Bash
How can an organization improve its RPO?
Open an interactive chat with Bash
What role does Maximum Tolerable Downtime (MTD) play in disaster recovery planning?
Open an interactive chat with Bash
What is the Recovery Point Objective (RPO)?
Open an interactive chat with Bash
How is RPO different from Recovery Time Objective (RTO)?
Open an interactive chat with Bash
What strategies can help reduce data loss and improve RPO?
Open an interactive chat with Bash
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)