| Lesson 2 | Prerequisites |
| Objective | Verify that you have the correct background for this course. |
Disaster Recovery Prerequisites (Windows Server Skills and Background Required)
In order to get the most out of this course, you should have the following skills or experience:
If you don't have the skills listed here, consider taking the first, second, third, or fourth course in this series. In the next lesson, you will learn what you need to take this course.
- AZ-800 (Administering Windows Server Hybrid Core Infrastructure) or AZ-801 (Configuring Windows Server Hybrid Advanced Services), or equivalent knowledge and experience with Windows Server administration
- A thorough understanding of DHCP, DNS, and Internet Protocol (IP) subnetting and routing. Modern Windows Server environments use DNS and DNSSEC for name resolution; legacy environments may still use WINS, which this course addresses in the context of migration.
- A thorough understanding of Active Directory, Group Policy, and managing file resources
- Experience supporting networks and end users
If you don't have the skills listed here, consider taking the first, second, third, or fourth course in this series. In the next lesson, you will learn what you need to take this course.
Disaster Recovery Prerequisites for Windows Server 2022/2025
For a Windows Server administrator, disaster recovery (DR) builds on solid foundational skills across server management, high availability, backup and restore, virtualization, and networking. DR focuses on minimizing downtime and data loss after events such as hardware failures, ransomware attacks, natural disasters, or site outages. It involves planning around RTO and RPO targets, configuring replication, implementing failover and failback procedures, regular testing, and integrating hybrid and cloud options. This lesson establishes the knowledge baseline required before proceeding to the technical content of the course.
Core Knowledge Prerequisites
Windows Server Administration
Strong hands-on experience with Windows Server 2016, 2019, 2022, or 2025 is the foundation of this course. You should be comfortable installing and configuring server roles and features in both Desktop Experience and Server Core modes, applying cumulative updates and security patches, and troubleshooting common server failures. Server Core installations are increasingly common in enterprise environments because they reduce the attack surface and patching overhead — DR procedures for Core servers differ from GUI-based servers in several important ways, particularly around PowerShell-based recovery automation. Candidates who hold or are working toward AZ-800 or AZ-801 certifications have the appropriate administrative depth for this course.
Networking Fundamentals — TCP/IP, DNS, DHCP
Disaster recovery operations frequently depend on network connectivity between primary and secondary sites, between on-premises infrastructure and Azure, and between domain controllers during forest recovery. You must have a thorough understanding of TCP/IP addressing and subnetting, DNS zone types and replication, DHCP scope management and failover, VPN configurations, and firewall rules for replication traffic. DNS is the critical dependency — Active Directory replication, Hyper-V Replica, Storage Replica, and Azure Site Recovery all require DNS to be functional before recovery can proceed. Legacy environments may include WINS (Windows Internet Name Service), which was deprecated in Windows Server 2008 R2 and should be migrated to DNS-based name resolution. DNSSEC (Domain Name System Security Extensions) is the current standard for securing DNS query responses and is covered in this course in the context of securing the recovery infrastructure.
Active Directory Domain Services
Active Directory Domain Services (AD DS) is the identity backbone of Windows Server environments, and forest recovery is one of the most complex DR scenarios you will encounter. You must understand domain controller roles (including FSMO roles), Active Directory replication topology, and the distinction between authoritative and non-authoritative restores. An authoritative restore is required when you need to recover deleted objects — such as accidentally deleted Organizational Units or user accounts — and must be performed before the restored domain controller replicates with other DCs. A non-authoritative restore recovers the DC's database to a consistent state and then allows normal replication to bring it current. Group Policy is also a DR concern — recovery of corrupted or deleted GPOs requires familiarity with the Group Policy Management Console and SYSVOL replication via DFSR.
PowerShell Scripting for Automation
PowerShell is the primary automation tool for Windows Server DR procedures. You should be comfortable writing and running scripts for backup jobs, replication configuration, failover testing, and recovery tasks. In Core installations — where there is no GUI — PowerShell is the only administration interface, making scripting proficiency non-negotiable. Key modules include
ServerManager for role management, Hyper-V for VM operations, StorageReplica for replication configuration, and ActiveDirectory for identity recovery. Azure PowerShell and the Az module are required for hybrid DR operations involving Azure Site Recovery and Azure Backup. Repeatable, documented PowerShell runbooks are the difference between a DR plan that works under pressure and one that fails at the worst moment.
Virtualization and High Availability
Hyper-V Fundamentals
Windows Server Hyper-V is the virtualization platform underlying most Windows Server DR architectures. You must be able to install and manage the Hyper-V role, create and configure virtual machines, manage virtual networking (internal, external, and private switches), and administer virtual storage (VHD, VHDX, pass-through disks). VM snapshots — called checkpoints in Hyper-V — are useful in development and test environments but carry significant caveats in production: checkpoints consume storage, can degrade performance, and complicate backup procedures. Production VMs should use Hyper-V Replica or Azure Site Recovery for DR rather than checkpoint-based recovery. Export and import operations are relevant for offline migration of VMs between hosts during a recovery event.
Failover Clustering
Failover Clustering provides high availability within a single site by allowing workloads to automatically move between cluster nodes when a node fails. You should understand cluster quorum configuration, cluster shared volumes (CSV), and the distinction between HA (protecting against node failure within a site) and DR (protecting against site-level failure). Stretched clusters — where cluster nodes span two physical sites — combine HA and DR but require low-latency, high-bandwidth connectivity between sites and synchronous storage replication. For most organizations, Failover Clustering handles within-site HA while Hyper-V Replica or Storage Replica handles cross-site DR.
Storage Management — Storage Spaces and Storage Replica
Storage Spaces provides software-defined storage that abstracts physical disks into resilient virtual disks with mirroring or parity. Storage Replica is a Windows Server feature that provides synchronous or asynchronous block-level replication of volumes between servers or clusters — it is the native Windows Server solution for zero-data-loss site-to-site DR. Synchronous replication guarantees that every write is committed to both the source and the destination before acknowledging success to the application, making RPO = 0 achievable at the cost of write latency. Asynchronous replication allows the source to acknowledge writes before the destination confirms receipt, reducing latency at the cost of a small RPO window. Storage Replica is available in Windows Server 2022 Datacenter edition. You should also be familiar with iSCSI and Fibre Channel for shared storage in cluster configurations.
Backup and Recovery Concepts
Backup Strategies — The 3-2-1-1-0 Rule
The 3-2-1 backup rule — three copies of data, on two different storage media types, with one copy offsite — has been the industry standard for decades. Modern ransomware threats have extended this to the 3-2-1-1-0 rule: three copies, two media types, one offsite copy, one immutable copy (air-gapped or WORM storage that ransomware cannot encrypt or delete), and zero unverified backups (every backup must be tested for restorability). An untested backup is not a backup — it is an assumption. Regular restore tests, documented in a recovery runbook, are the only way to verify that backup data is actually recoverable under time pressure during a real incident.
Windows Server Backup (WSB)
Windows Server Backup is the built-in backup feature available on all Windows Server editions at no additional license cost. It supports scheduled backups of individual volumes, system state, specific files and folders, Hyper-V virtual machines, and bare-metal recovery images. System state backups capture the components required to restore a server to a functional state — including the Active Directory database, SYSVOL, registry, and boot files — and are the standard mechanism for domain controller recovery. Bare-metal recovery creates a complete disk image that can restore a server to dissimilar hardware. WSB writes to local volumes, external disks, or network shares; it does not natively write to Azure, which requires the Microsoft Azure Backup agent (MARS) or the Azure Backup service.
Hyper-V Replica
Hyper-V Replica provides asynchronous replication of virtual machines to a secondary host or site at configurable intervals (30 seconds, 5 minutes, or 15 minutes). It is an affordable DR option for organizations that cannot justify the cost of synchronous storage replication — the RPO is bounded by the replication interval rather than zero, but the cost and network bandwidth requirements are significantly lower. Hyper-V Replica supports planned failovers (for scheduled maintenance or migration) and unplanned failovers (for emergency recovery). After an unplanned failover, the replica VM starts on the secondary host in an isolated state; the administrator then performs a failback once the primary site is restored. Hyper-V Replica is built into Windows Server Hyper-V and requires no additional licensing.
Disaster Recovery Planning
RTO and RPO — Defining Recovery Objectives
Two metrics define the boundaries of any DR plan. The Recovery Time Objective (RTO) is the maximum acceptable duration of downtime — the time from a failure event to the restoration of normal service. If a business defines its RTO as four hours, the DR plan must be capable of restoring service within four hours under the most adverse realistic conditions. The Recovery Point Objective (RPO) is the maximum acceptable data loss measured in time — the age of the data that must be recovered. An RPO of one hour means the business can tolerate losing up to one hour of transactions or changes. A concrete example: RTO = 4 hours, RPO = 1 hour means that after a site failure at 2:00 PM, service must be restored by 6:00 PM and the recovered data must reflect the state of the system no earlier than 1:00 PM. These two metrics drive every technology decision in the DR plan — synchronous versus asynchronous replication, backup frequency, failover automation, and recovery runbook complexity.
Business Impact Analysis
A Business Impact Analysis (BIA) identifies which systems and services are most critical to business operations and quantifies the cost of their unavailability. The BIA produces the RTO and RPO targets for each system by working backward from business requirements rather than forward from available technology. A payroll system that runs once per month has a very different RTO/RPO profile than an e-commerce platform that processes transactions continuously. Risk assessments identify the threats most likely to trigger a DR event — hardware failure, ransomware, power outage, flood, or regional disaster — and inform the design of the DR architecture. Regular DR plan testing — tabletop exercises, simulated failovers, and full failover drills — validates that the plan works before a real event occurs.
DR Plan Testing — Tabletop to Full Failover
DR plans that are never tested are disaster plans in name only. Testing occurs at three levels of increasing cost and confidence. Tabletop exercises are discussion-based walkthroughs of the DR plan — the team reviews the runbook, identifies gaps, and updates procedures without touching production systems. Simulated failovers test specific components of the DR plan in an isolated environment — for example, failing over a Hyper-V Replica VM to the secondary host in a test network to verify that the application starts correctly and that DNS and Active Directory are reachable. Full failover drills involve actually executing the complete DR plan, including failing production workloads to the secondary site and verifying that users can access systems normally. Microsoft recommends at least one full DR drill per year, with tabletop exercises quarterly. DR licensing under Microsoft's Software Assurance program allows passive failover replicas to be licensed at no additional cost, which is relevant for full DR drills that involve starting replica VMs.
Azure Hybrid DR Integration
Azure Site Recovery (ASR)
Azure Site Recovery is Microsoft's cloud-based DR orchestration service that replicates on-premises workloads — Hyper-V VMs, VMware VMs, and physical servers — to Azure or to a secondary on-premises site. ASR manages replication, failover, and failback through the Azure portal and provides recovery plans that automate the sequence of steps required to bring up a complete application stack after a failure. For Windows Server environments using Hyper-V, ASR integrates directly with the Hyper-V Replica mechanism and adds cloud-based orchestration, monitoring, and compliance reporting. ASR is now the standard DR architecture for Windows Server environments that require offsite protection without the capital cost of a secondary data center.
Azure Backup
Azure Backup provides cloud-based backup for Windows Server files, folders, system state, SQL Server databases, and Azure VMs. The Microsoft Azure Recovery Services (MARS) agent runs on Windows Server and backs up directly to an Azure Recovery Services vault without requiring Azure infrastructure. Azure Backup vaults support immutable storage — backups written to an immutable vault cannot be deleted or modified for the configured retention period, making them ransomware-resistant. Azure Backup integrates with Windows Server Backup for system state and bare-metal recovery scenarios, and with Azure Site Recovery for VM-level DR.
On-Premises to Azure Replication
Hybrid DR — combining on-premises primary infrastructure with Azure as the DR target — is now the standard architecture for Windows Server environments of all sizes. It eliminates the capital cost and operational overhead of maintaining a secondary data center, provides geographic separation without the complexity of multi-site networking, and scales storage and compute on demand during a DR event. The key consideration is network connectivity: Azure ExpressRoute provides dedicated private connectivity between on-premises and Azure for consistent replication performance; site-to-site VPN provides a lower-cost alternative for smaller environments. Active Directory must be extended to Azure — either through Azure AD DS or by running domain controller VMs in Azure — before any Windows Server workloads can be recovered there.
Recommended Learning Path
For administrators who need to build or strengthen the prerequisite skills before proceeding with this course:
- Solidify Windows Server 2022/2025 administration — Active Directory, Hyper-V, networking, and storage — through hands-on lab work and study toward AZ-800 or AZ-801.
- Build hands-on experience with Windows Server Backup and Hyper-V Replica in a lab environment before applying them to production systems.
- Explore Storage Replica and Failover Clustering in a two-node lab to understand synchronous replication and cluster quorum behavior.
- Move to hybrid scenarios — configure the MARS agent for Azure Backup and evaluate Azure Site Recovery for a small Hyper-V workload.
- Practice full DR drills: fail over a test workload, verify application functionality on the replica, and document the failback procedure before running the drill in production.
Experience level for this course: intermediate to advanced. The course assumes comfort with Windows Server administration and focuses on DR architecture, technology configuration, and operational procedures. Third-party tools such as Veeam, Commvault, and Acronis are widely used in enterprise environments and are referenced where they complement or extend the native Windows Server DR capabilities covered here. Always test your recoveries — backups are useless if they cannot be restored.
In the next lesson, you will review what specific knowledge and tools you need to complete this course successfully.