Business Continuity & Disaster Recovery — Trade-off Decisions
SY0-701 Obj 5.4 · Business Continuity Planning
A ransomware attack has encrypted Acme Corp's primary data center. The CISO must invoke the DR plan.
The company has strict constraints: annual IT budget of $2M, a contractual SLA requiring systems restore within 4 hours, and the last verified backup is from 6 hours ago.
You must: (1) order the 8 DR activation steps correctly, (2) select the appropriate RTO/RPO targets and DR site tier, and (3) answer the cost vs. recovery trade-off questions.
SLA Requirement
4 hrs
Max downtime (RTO)
Last Backup Age
6 hrs
Data loss window (RPO)
Annual IT Budget
$2M
Total IT spend
Attack Type
Ransomware
Primary site encrypted
Part 1 — Drag the 8 DR steps into correct activation order (1 = first)
🗃️ DR Steps — drag to order
📋 DR Activation Order (1 = first action)
Part 2 — Select the correct DR targets given the constraints above
⏱️ Recovery Targets
Recovery Time Objective (RTO)
Max acceptable downtime for this SLA
Recovery Point Objective (RPO)
Max acceptable data loss
Backup frequency needed to meet RPO
How often must backups run going forward?
🏢 DR Site Selection
Appropriate DR site tier given 4-hour RTO + $2M budget
Hot = always-on mirror | Warm = partially ready | Cold = empty shell
Why NOT a hot site for Acme Corp?
Select the most accurate reason
⚖️ Part 3 — Cost vs. Recovery Trade-offs
Q1. After the ransomware incident, the CISO wants to pay the ransom to recover faster. The security team recommends against it. What is the primary security reason?
Q2. The 6-hour-old backup means up to 6 hours of transaction data is lost. What technology, if implemented beforehand, would have reduced the RPO to near-zero?
Q3. Before restoring from backup, what is the most critical step to prevent immediate re-infection?