Reference · Living document
Glossary
The shared vocabulary. Once a term is here, every lesson uses it the same way. Grows as we go.
- RPO — Recovery Point Objective
- The maximum data loss you can tolerate, measured in time. "RPO = 24h" means a disaster may cost you up to a day's changes. Set by backup frequency.
Your homelab today: RPO = ∞ (no backups). In the field: written into every DR plan and SLA.
- RTO — Recovery Time Objective
- The maximum downtime you can tolerate — how fast you must be back. Set by your restore method and how rehearsed it is.
Untested backups inflate RTO silently — a restore you've never run is a guess, not a number. Fix it with a fire drill.
- 3-2-1 rule
- 3 copies of data, on 2 different media, with 1 off-site. The minimum bar for surviving the realistic disasters (drive death, theft, fire, ransomware, your own mistake). Coined by photographer Peter Krogh, 2005.
Modern variant 3-2-1-1-0 adds: 1 copy offline/immutable, 0 backup errors (i.e. verified restores).
- Fire drill / Restore test
- A deliberate, scheduled rehearsal of recovery — restore a backup to a throwaway target, confirm it boots, time it, tear it down — performed calm, not during an outage. The only thing that turns a backup into a proven recovery and an RTO into a real number.
In the field: "when did you last test a restore?" is an audit and interview question. A true DR test restores onto different hardware. (GitLab, 2017: five backup methods, none restorable.)
- DR / BCP — Disaster Recovery / Business Continuity
- DR = the technical plan to restore systems after a failure. BCP = the wider plan to keep operating. The professional home of RPO, RTO, and 3-2-1.
- Backup ≠ Redundancy
- Redundancy (RAID, ZFS mirror) survives a hardware failure with no downtime — but faithfully replicates your mistakes and ransomware to both disks instantly. Backup is a point-in-time copy you can roll back to. You need both; they solve different problems.
- vzdump
- Proxmox's built-in backup tool. Produces a single archive per guest (config + all data). Modes: snapshot (live, minimal pause), suspend, stop. Schedulable as a job with retention.
- Default-deny
- A firewall posture where everything is blocked unless explicitly allowed (the opposite of default-allow). The foundation of every serious network policy.
Your host firewall is currently disabled — neither deny nor allow is enforced.
- Attack surface
- The sum of all points an attacker could try — open ports, services, accounts, exposed APIs. Security work is largely shrinking it. Every listening port must earn its place.
- Blast radius
- How far the damage spreads when one component is compromised. You reduce it with isolation and least privilege, so one breached service can't take the whole host.
- Least privilege
- Every user, process, and container gets the minimum access it needs — nothing more. A privileged LXC maps container-root to host-root (escape = host compromise); an unprivileged one does not.
- CVE / CVSS
- A CVE is a catalogued public vulnerability (e.g. CVE-2024-xxxxx). CVSS is its 0–10 severity score. Patch cadence is how you stop known, already-fixed CVEs from being your breach.