Welcome to Cybrary's video series on the CompTIA Security+ SY0-501 certification and exam.
I'm your instructor, Ron Woerner. Please visit cybrary.it for more information on this and other certifications.
For section 5.6 of the risk management domain, you need to explain disaster recovery and continuity of operations concepts. This is also known as disaster recovery and business continuity planning, or DR/BCP.
In section 5.2, Business Impact Analysis, we talked about the importance of contingency planning for disaster recovery and operational continuity.
Please review that video on that topic for more information about a BIA and how it fits into DR planning.
Put simply, organizations need to be prepared for disasters so that they can continue operating and recover as quickly, easily and cost-effectively as possible.
IT contingency planning is designed to sustain and recover critical IT services and systems following an event, disaster or incident.
It's a broad plan that includes organizational and business process continuity and recovery planning, in addition to information technology.
Let's dive into DR/BCP.
Business continuity plans (BCP) and continuity of operations plans (COOP) ensure the restoration of organizational functions in the shortest time possible,
even if services need to resume at a reduced level of effectiveness or availability.
Disaster recovery plans extend this process to ensure a full recovery of operational capacity
following a disaster, natural or man-made.
This video covers the following concepts:
backup and recovery,
order of restoration,
geographic considerations when you're considering alternative sites, and continuity of operations planning.
There are two primary planning documents you need to know, not only for Security+ but as a security professional.
The first is the BCP, the business continuity plan.
It's the plan that ensures the restoration of organizational functions in the shortest possible time.
It's similar to that COOP, so it's taking into account any type of impact to the business.
A disaster recovery plan, meanwhile, is looking at what happens during the time of a major incident that causes an outage, such as a natural or man-made disaster.
Each of the plans needs to be determined and written well ahead of when an incident could occur, and they need to be kept up to date as well.
A restoration plan should also include contingency planning. For example,
where should you resume your operations? What systems do you use?
How do you restore? Et cetera. These are all common parts of DR and BCP.
There are three common types of recovery sites that you will see out in the business world.
One is the hot site. This is a site where everything is already available. You already have the servers, network infrastructure, telecommunications, everything you need to recover very quickly.
This is also the most expensive option.
The second type of recovery site you'll see is the warm site. You have some functions, some services or servers available,
but not all.
The last type is a cold site. Basically, it could be just a room, maybe with some fundamental capabilities like power, utilities, plumbing, et cetera. But it doesn't have the telecommunications, network or servers available. You will need to bring those in and restore them.
The cold site is the least expensive of these three options.
When determining what you should restore,
you should look at this order of restoration. It's the plan, probably already part of your business impact analysis (BIA).
What servers and services come up first, second, third? You can't restore everything all at once, so you need to have the plan as to what comes online in what order.
It's that prioritized restore sequence, with the most critical systems, say email or your servers, web servers, et cetera, restored first.
That way you can recover your business as quickly and easily as possible.
Two terms from section 5.2, just to recall, because they fit with this: RTO, recovery time objective, and RPO, recovery point objective.
See section 5.2 for more information on those two terms.
For your CompTIA Security+ certification exam, you should be aware of these four different types of backups.
The first one is a full backup. Basically, you're backing up everything: all of the operating system, all of the configuration files and all of the data files.
This is a very expensive and very time-consuming endeavor,
but it's the most complete.
The second type is the incremental.
You require that full backup.
What you're doing is you capture what has changed since the last incremental. So you'll have a full, incremental, incremental, incremental. It requires each incremental backup along with that full for complete restoration, so go backwards: incremental, incremental, incremental, full, to get that full restoration.
Differential saves the data that's changed just since that last full backup.
It's similar to incremental, but it's your full, then your differential is what you're backing up.
The last type is one that's stored on the system or server. It's a copy or a backup. Maybe you're automatically copying certain files right on that hard drive.
Microsoft does this with their operating systems, where they take a snapshot in time. So if your system becomes corrupted, you can go back to the last snapshot.
Of course, there are risks associated with that, in that if that hard disk or hardware fails, then you may lose that copy or snapshot.
Be aware of these types of backups.
A common backup strategy you may see out in the business world is this grandfather-father-son backup,
where there are three sets of backups,
and basically what happens is you replace one with the other through time.
So just like in real life, the son will become the father and eventually become a grandfather. Same idea with your backups: the son goes back in time, and you will have other generations that come after.
One other thing to consider when you're looking at a backup facility or where to recover: you need to keep in mind geographical considerations.
Where will you recover? Where will that location be?
Is there going to be a site that's potentially in a different state?
How far away? Different time zone, different utilities, et cetera. So keep in mind power and electricity, internet connectivity, et cetera. You want your recovery site to be far enough away that if there's an electrical issue in your area, it won't affect your recovery site.
Keep in mind the proximity as well. Maybe it needs to be close enough for personnel to be able to get to.
You need people to be able to recover the systems and continue operations, right?
And they may need to be able to get to that recovery location.
Legal implications. This comes into play with backups. Where are your backups being stored if you're using a cloud service provider? If it's in a different country,
is there a legal consideration with your backups? Something to consider.
And the last is use of cloud services.
More and more organizations are using cloud services for their
recovery and backup and restoration.
The last concept for this section is continuity of operations planning, or COOP.
You need to make sure you develop the policies and procedures associated with it. Recall the session we had earlier on policies and procedures.
That should ensure that the organization can recover from a potentially destructive event or incident and resume operations as quickly as possible.
Ensure availability of the systems, data and personnel involved. So again, it's a documented plan on how to continue your operations.
Work with the business side. This is not necessarily a security document. This is a business document.
You will need to include, though, failover or system redundancy.
Are you going to automate your failover, so if a server goes down, you have a second server already ready to run if there is an issue?
Availability of the alternate processing work sites and facilities.
What are some other business practices you may need to do as an alternative?
If you're having an issue with your main site, for example, your headquarters goes down, you need to operate from a remote facility.
How will that business operate? Consider access control and other security implications from that alternate site.
And lastly, testing, training and exercises. If you recall from section 5.4, Incident Response, you should be testing your plans, training on your plans with the different business units who may be involved, and then conducting tabletop exercises or even real live exercises
to make sure
your COOP, DR and BCP are robust and ready. That way you're prepared in case of that inevitable incident.
In section 5.6, we discussed disaster recovery and continuity of operations concepts.
Be ready to explain these as you prepare for your life as a security professional, in case there's a question on this area in your Security+ exam.
Let's practice with a quiz question.
Here's a sample quiz question on disaster recovery and business continuity planning: This is the step where you prioritize the systems and services to be recovered in a disaster event, with the most critical systems coming online first.
The answer is
order of restoration. It's a prioritized list.
This concludes section 5.6 on disaster recovery and business continuity planning.
Please refer to your training material for more information on these concepts.