Certified Incident Handler (CIH) Practice Ecam

What recovery approach did Jack adopt after the eradication of the AWS security incident?

• A. All-in-one backup
• B. Cold standby
• C. Pilot light
• D. Single-site recovery

The correct answer is: Pilot light

The pilot light recovery approach is suitable in scenarios where rapid restoration of critical systems and applications is necessary after a security incident like the one Jack experienced. With pilot light, essential services and components are maintained in a minimal state, allowing for faster scalability and full recovery when required. This method involves keeping a scaled-down version of a fully functional environment, which includes key application components and systems. In the event of an incident, these smaller elements can be quickly scaled up to full capacity, significantly reducing downtime compared to other recovery methods. This approach is especially beneficial for businesses that need to balance cost and recovery time, as it avoids the higher expenses associated with maintaining a fully operational standby environment. In contrast, all-in-one backup typically refers to a comprehensive backup of all data and systems, which may prolong recovery times due to the need for comprehensive restoration. Cold standby involves maintaining a complete dormant replica of the environment without real-time updates, creating a longer recovery period as systems must be reinstated from a completely separate instance. Single-site recovery focuses on recovering systems at a single site without redundancy, which may not provide the needed resiliency or speed for effective incident response. The pilot light method combines efficiency and effectiveness, making it the preferred choice in Jack's scenario post-erad