CISSP · Question #1157
A security architect is reviewing plans for an application with a Recovery Point Objective (RPO) of 15 minutes. The current design has all of the application infrastructure located within one co- loca
The correct answer is A. Availability. The scenario describes evaluating whether a single-datacenter design can meet an RPO of 15 minutes, which is fundamentally an assessment of the system's availability posture and resilience to disruption.
Question
A security architect is reviewing plans for an application with a Recovery Point Objective (RPO) of 15 minutes. The current design has all of the application infrastructure located within one co- location data center. Which security principle is the architect currently assessing?
Options
- AAvailability
- BDisaster recovery (DR)
- CRedundancy
- DBusiness continuity (BC)
How the community answered
(58 responses)- A84% (49)
- B5% (3)
- C2% (1)
- D9% (5)
Why each option
The scenario describes evaluating whether a single-datacenter design can meet an RPO of 15 minutes, which is fundamentally an assessment of the system's availability posture and resilience to disruption.
Availability is the security principle concerned with ensuring systems and data are accessible when needed, including surviving failures or disasters. An RPO of 15 minutes defines how much data loss is tolerable during an outage, which directly measures the availability requirement of the system. The architect is assessing whether the single-datacenter design can maintain sufficient availability to meet that recovery objective.
Disaster Recovery is a set of processes and technologies used to restore systems after a disruption, not the overarching security principle being evaluated when reviewing RPO requirements against an infrastructure design.
Redundancy is a specific technical mechanism (duplicating components to prevent single points of failure) used to achieve availability, but it is not the broader security principle the architect is assessing at the design review level.
Business Continuity refers to the broader organizational capability to maintain essential functions during and after a disaster, which encompasses more than just the technical RPO metric being evaluated in this scenario.
Concept tested: Availability principle and RPO in security design
Source: https://learn.microsoft.com/en-us/azure/well-architected/reliability/metrics
Topics
Community Discussion
No community discussion yet for this question.