Basic elements:

· Documented recovery plan

· Power protection

· Fire suppression

· Redundancy

· Fault-tolerant data storage

o Hardware-based solution

o Built-in tools

§ If you lose one drive in a mirror set or a RAID-5 set, you are not fault tolerant

· Understand tasks

· Perform drills

Redundancy:

· Clusters: one server picks up the load for another when it goes offline

· Network load balancing

· Hot spare server

· Offsite live backup

· Offsite tape storage

· Redundancy is expensive so:

o Pick level of tolerance

o Create document

Actions:

1- Using Data Recovery Agent (DRA) in Encrypting File System (EFS) by making .CER file by cipher Command line and add it in Local Security Policy -> Public Key Policies-> Encrypting File System

a. For disabling the EFS in Domain from GPEdit.msc-> Computer Config->Windows Settings-> Security Settings-> Public Key Policies-> right-click on Encrypting File System->all Tasks-> Delete Policy

2- Using redundancy and Fault Tolerant storage like Raid -1 (mirror) and RAID-5 (stripe sets with parity)

3- Use of shadow copies feature that works on NTFS volumes for Shared files only (installed by default(not enabled) for win 2k3 but for XP we need install it by twclient.msi from 2k3 CD and for other OSs like win98 download shadowcopyclient.msi and win NT doesn’t support this feature ) we need enable the feature for volume, if we understand that shadow copies are big amount we can appoint an especial Volume for it from Volume Properties (right-click on e.g.: c:\ and select properties) -> Shadow copy Tab -> settings

a. We have access on previous Tab on properties window for copy or restore previous version of changed file or changed folder (changed folder means deleted a file) just from network address. E.g.: in case we changed a text file accidentally in c:\share folder\myfile.doc which its share name is \\hppc\share\myfile.doc we don’t have access previous tab on the properties on the local address and we must get access from previous version <- Properties <- myfile.doc from \\hppc\share\myfile.doc

4- Automated System recovery (ASR)

a. Create backup set of: 1- system state 2- OS files 3- configuration

Note: Doesn’t include data or application besides it is not a replacement for nightly data backups

5- Back up in an alternative media:

Note: always use switch /UM for ntbackup command which it doesn’t stop backup process for changing Tape in drive and writes to whatever media is there.

a. Volume shadow copy

b. Backup system State includes:

i. Registry

ii. AD

iii. Sysvol