| 🏠 Back to Exam Syllabus | 📺 RooCloud on YouTube | 🌐 RooCloud Practice Exams |
CISSP 18.2 - Understand System Resilience, High Availability, & Fault Tolerance
This episode of the ISC2 Certified Information Systems Security Professional (CISSP) exam prep series digs into the technical controls in Domain 7 that keep systems running when parts of them break. It covers how to design so that when a component dies, and one always eventually does, the service simply keeps going while the broken piece is quietly swapped, honoring the availability promise made to the business.
What this episode covers
- Three related concepts — resilience, fault tolerance, and high availability, all aimed at the single point of failure.
- Measuring the nines — availability as uptime percentage, with each extra nine costing dramatically more to reach.
- RAID arrays — striping, mirroring, and parity to survive disk failure, and why a RAID is never a backup.
- Failover clusters — a standby server assuming the load instantly, paired with a load balancer for scale.
- Power protection — battery backups bridging the gap to a generator, and locking in a fuel contract early.
- Trusted recovery — staying as secure after a crash as before, rebooting nonprivileged, fail-secure or fail-open.
- Quality of service — managing bandwidth, latency, and jitter, and prioritizing the traffic that matters most.
Watch the full episode above for the worked examples and detailed explanations of each concept.
Frequently Asked Questions
What do resilience, fault tolerance, and high availability really mean?
They all attack one enemy, the single point of failure, which is any component whose failure sinks the whole system. Fault tolerance means the system suffers a fault but keeps operating, achieved by adding redundant parts. Resilience means the system holds an acceptable service level during trouble and can return to its earlier state afterward. High availability layers on redundant components like load balancing and failover so a system bounces back fast, much like a plane with multiple engines that still flies after losing one.
How do you measure availability, and why do the nines matter?
You measure it as the percentage of time a system is up. Three nines means 99.9% availability, which still allows less than forty-four minutes of downtime across a thirty-day month. Push to five nines, and you have squeezed that budget down to roughly twenty-six seconds a month. Every extra nine costs dramatically more to achieve, because it demands stacking fault tolerance, resilience, and high availability together, so set the target to the business need rather than to a vanity number.
How do you protect the disks that hold your data?
The workhorse is a RAID array, which combines two or more disks so the system survives a disk failure. Striping alone speeds things up but gives no protection, mirroring keeps a full duplicate on a second disk, and striping with parity spreads recovery information so a lost disk can be mathematically rebuilt, with a dual-parity variant surviving two failed disks. Never confuse this with a backup, because if a catastrophe destroys the whole array or someone deletes a file, only a real backup brings the data back.
How do you keep servers and power from becoming a single failure?
For servers, you use a failover cluster where a standby server automatically assumes the load the instant the active one dies, and pairing that with a load balancer spreading traffic across several web servers gives you both scale and fault tolerance. In the cloud, providers offer this as a managed service across regions. For power, a battery backup carries you through the brief gap, just long enough to shut down safely or spin up a generator, so lock in a fuel contract before a widespread disaster drains the local supply.
What does trusted recovery guarantee, and how does quality of service help?
Trusted recovery guarantees a system is just as secure after a failure as it was before one, rebooting into a limited, nonprivileged state, with a fail-secure system locking down and a fail-open system granting access, decided in advance. The formal model defines four grades from manual up through automated recovery. Quality of service manages bandwidth, latency, jitter, packet loss, and interference, and its real power is prioritization, pushing mission-critical traffic ahead of the merely nice-to-have and even enforcing security rules like required encryption.
📚 Master the ISC2 CISSP Exam!
Ready to test your knowledge? Access chapter-specific Multiple Choice Questions (MCQs) and full-length practice exams for the ISC2 CISSP certification at RooCloud.com. Solve the chapter-wise questions to reinforce this lesson before moving to the next episode.
Reference: This article is based on concepts discussed in CISSP 18.2 - Understand System Resilience, High Availability, & Fault Tolerance.