CompTIA Security+ Study Guide (SY0-401)


CompTIA Security+ Study Guide (SY0-401) Chapter 12: Disaster Recovery and Incident Response

Chapter 12: Disaster Recovery and Incident Response
- Given a scenario, implement basic forensic procedures.
- Summarize common incident response procedures.
- Summarize risk management best practices.
- Explain the proper use of penetration testing versus vulnerability scanning.

Business Continuity
- Business continuity planning (BCP) is the process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes
- Critical business functions (CBF)
- Two key components of BCP:
  - business impact analysis (BIA)
  - risk assessment

Storage Mechanisms
- Working copy backups are partial or full backups that are kept at the computer center for immediate recovery purposes
- Onsite storage usually refers to a location on the site of the computer center that is used to store information locally

Chapter 12: Disaster Recovery and Incident Response
- Disaster recovery is the ability to recover system operations after a disaster
- Backups are duplicate copies of key information, ideally stored in a location other than the one where the information is currently stored

Backup Plan Issues
- A disaster-recovery plan helps an organization respond effectively when a disaster occurs
- Understanding Backup Plan Issues
  - Database Systems
  - User Files
  - Applications

Knowing Backup Types
- Full Backup is a complete, comprehensive backup of all files on a disk or server
- Incremental Backup is a partial backup that stores only the information that has been changed since the last full or the last incremental backup
- Differential Backup backs up any files that have been altered since the last full backup; it makes duplicate copies of files that haven't changed since the last differential backup
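The trade-off between the three backup types shows up at restore time. The following is an added example, not part of the original slides: it models a week of nightly backups and computes what each backup copies and which backup sets a restore needs. The file names, the five-day schedule and the function names are assumptions made for illustration.

```python
def plan(schedule):
    """For each backup, return the index of the backup it is relative to (None for a full)."""
    bases, last_full, last_chain = [], None, None
    for i, kind in enumerate(schedule):
        if kind == "full":
            bases.append(None)
            last_full = last_chain = i
        elif kind == "incremental":   # changes since the last full or incremental
            bases.append(last_chain)
            last_chain = i
        elif kind == "differential":  # changes since the last full
            bases.append(last_full)
        else:
            raise ValueError(f"unknown backup type: {kind}")
        if kind != "full" and bases[-1] is None:
            raise ValueError("a partial backup needs an earlier full backup")
    return bases

def captured(schedule, changes):
    """changes[i] is the set of files modified on day i; return the files each backup copies."""
    bases, seen, out = plan(schedule), set(), []
    for i in range(len(schedule)):
        seen |= changes[i]
        if bases[i] is None:
            out.append(set(seen))
        else:
            out.append(set().union(*changes[bases[i] + 1 : i + 1]))
    return out

def restore_chain(schedule, last_day):
    """Backup sets, oldest first, needed to restore the state as of last_day."""
    bases, chain = plan(schedule), [last_day]
    while bases[chain[-1]] is not None:
        chain.append(bases[chain[-1]])
    return chain[::-1]

# Constructed sample data: day 0 is the full backup, days 1-4 are partial backups.
CHANGES = [{"db.bak", "users.csv", "app.cfg"}, {"db.bak"}, {"users.csv"},
           {"db.bak"}, {"app.cfg"}]
INCREMENTAL = ["full"] + ["incremental"] * 4
DIFFERENTIAL = ["full"] + ["differential"] * 4

if __name__ == "__main__":
    for name, sched in (("incremental", INCREMENTAL), ("differential", DIFFERENTIAL)):
        sizes = [len(files) for files in captured(sched, CHANGES)]
        print(name, "files copied per night:", sizes,
              "restore needs sets:", restore_chain(sched, 4))
```

On day 3 the differential backup copies users.csv again even though it has not changed since the day 2 differential, which is the duplication the slide describes; in exchange, a restore needs only two backup sets instead of five.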

Developing a Backup Plan
- Grandfather, Father, Son method is based on the philosophy that a full backup should occur at regular intervals, such as monthly or weekly
- Full Archival method works on the assumption that any information created on any system is stored forever
- Backup Server method establishes a server with large amounts of disk space whose sole purpose is to back up data

Chapter 12: Disaster Recovery and Incident Response
- Recovering a System
- Backout vs. Backup
- Alternate or backup sites
  - Hot Site
  - Warm Site

Chapter 12: Disaster Recovery and Incident Response
- Incident response plan (IRP) outlines what steps are needed and who is responsible for deciding how to handle a situation
- Incident is the occurrence of any event that endangers a system or network
- Incident response encompasses forensics and refers to the process of identifying, investigating, repairing, documenting, and adjusting procedures to prevent another incident

Incident Response Process
- Step One: Identifying the Incident
  - Incident identification
- Step Two: Investigating the Incident
- Step Three: Repairing the Damage
- Step Four: Documenting and Reporting the Response
- Step Five: Adjusting Procedures

Forensics from the Security+ Perspective
- Act in Order of Volatility
- Capture System Image
- Document Network Traffic and Logs
- Capture Video
- Record Time Offset
- Take Hashes
- Capture Screenshots
- Talk to Witnesses
- Track Man Hours and Expenses
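Three of these steps (capture system image, record time offset, take hashes) combine into a single acquisition record. The following is an added example, not part of the original slides: it hashes an image at capture, records the clock offset of the examined system, and later verifies a working copy against the record. The record field names, the function names and the sample data are assumptions made for illustration.

```python
import hashlib
import io
from datetime import datetime, timedelta, timezone

def sha256_stream(stream, chunk_size=1 << 20):
    """Hash a stream in chunks so a multi-gigabyte image never has to fit in memory."""
    digest, size = hashlib.sha256(), 0
    while chunk := stream.read(chunk_size):
        digest.update(chunk)
        size += len(chunk)
    return digest.hexdigest(), size

def acquisition_record(stream, system_now, reference_now):
    """Record the image hash and how far the examined system's clock is from a trusted clock."""
    sha256, size = sha256_stream(stream)
    return {
        "sha256": sha256,
        "size_bytes": size,
        "acquired_utc": reference_now.astimezone(timezone.utc).isoformat(),
        # Positive means the system clock runs ahead of the reference clock.
        "time_offset_seconds": (system_now - reference_now).total_seconds(),
    }

def verify_copy(stream, record):
    """True only if a working copy is bit-for-bit identical to what was acquired."""
    sha256, size = sha256_stream(stream)
    return size == record["size_bytes"] and sha256 == record["sha256"]

def to_reference_time(system_timestamp, record):
    """Correct a timestamp taken from the system's own logs using the recorded offset."""
    return system_timestamp - timedelta(seconds=record["time_offset_seconds"])

# Constructed sample data: a tiny stand-in for a disk image, and a system clock
# that is 127 seconds behind the reference clock.
IMAGE = b"\x00" * 4096 + b"constructed sample disk image" + b"\xff" * 4096
REFERENCE_NOW = datetime(2024, 1, 15, 12, 0, 0, tzinfo=timezone.utc)
SYSTEM_NOW = REFERENCE_NOW - timedelta(seconds=127)
RECORD = acquisition_record(io.BytesIO(IMAGE), SYSTEM_NOW, REFERENCE_NOW)

if __name__ == "__main__":
    altered = IMAGE[:10] + b"\x01" + IMAGE[11:]  # one byte changed, same length
    print("offset (s):", RECORD["time_offset_seconds"])
    print("working copy intact:", verify_copy(io.BytesIO(IMAGE), RECORD))
    print("altered copy intact:", verify_copy(io.BytesIO(altered), RECORD))
```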

Chapter 12: Disaster Recovery and Incident Response
- Succession planning outlines those internal to the organization who have the ability to step into positions when they open
- Tabletop Exercises
  - Simulate disaster
- Reinforcing Vendor Support
  - Software vendors and hardware vendors are necessary elements in the process of building systems and applications

Service-Level Agreements
- Service-level agreement (SLA) is an agreement between you or your company and a provider, typically a technical support provider
- Recovery Time Objectives (RTO) is the maximum amount of time that a process or service is allowed to be down and the consequences still considered acceptable
- Mean Time between Failures (MTBF) is the measure of the anticipated incidence of failure for a system or component
- Mean time to restore (MTTR) is the measurement of how long it takes to repair a system or component once a failure occurs

Code Escrow Agreements
- Code escrow refers to the storage and conditions of release of source code provided by a vendor
- Example: a code escrow agreement would stipulate how source code would be made available to customers in the event of a vendor's bankruptcy

Penetration Testing
- The goal of penetration testing is to simulate an attack and look for holes that exist in order to be able to fix them
- Steps in penetration testing:
  - Verify a Threat Exists
  - Bypass Security Controls
  - Actively Test Security Controls

Ethical Hacking
- Black Box: the administrator acts as if they have no prior knowledge of the network
- White Box: occasionally referred to as full disclosure testing
- Gray Box: also known as partial disclosure testing

Vulnerability Scanning
- Vulnerability scanning involves looking for weaknesses in networks, computers, or even applications
- Five major tasks:
  - Passively Testing Security Controls
  - Interpreting Results
  - Identifying Vulnerability
  - Identifying Lack of Security Controls
  - Identifying Common Misconfigurations