CompTIA Security+ Study Guide (SY0-501)
Slide 1: CompTIA Security+ Study Guide (SY0-501)
Chapter 12: Disaster Recovery and Incident Response

Slide 2: Chapter 12: Disaster Recovery and Incident Response
Objectives covered in this chapter:
- Explain penetration testing concepts
- Explain vulnerability scanning concepts
- Given a scenario, follow incident response procedures
- Summarize basic concepts of forensics
- Explain disaster recovery and continuity of operation concepts

Slide 3: Penetration Testing
Penetration testing
  Goal: to simulate an attack and look for holes that exist in order to be able to fix them
Steps in penetration testing
  - Verify a threat exists
  - Bypass security controls
  - Actively test security controls

Slide 4: Vulnerability Scanning
Involves looking for weaknesses in networks, computers, or even applications
Five major tasks
  - Passively testing security controls
  - Interpreting results
  - Identifying vulnerability
  - Identifying lack of security controls
  - Identifying common misconfigurations

Slide 5: Business Continuity
Business continuity planning (BCP)
  The process of implementing policies, controls, and procedures to counteract the effects of losses, outages, or failures of critical business processes
Critical business functions (CBFs)
Two key components of BCP
  - Business impact analysis (BIA)
  - Risk assessment

Slide 6: Storage Mechanisms
Working copy backups
  Partial or full backups that are kept at the computer center for immediate recovery purposes
On-site storage
  Usually refers to a location on the site of the computer center that is used to store information locally

Slide 7: Chapter 12: Disaster Recovery and Incident Response
Disaster recovery
  The ability to recover system operations after a disaster
Backups
  Duplicate copies of key information, ideally stored in a location other than the one where the information is currently stored

Slide 8: Backup Plan Issues
A disaster-recovery plan
  Helps an organization respond effectively when a disaster occurs
Understanding backup plan issues
  - Database systems
  - User files
  - Applications

Slide 9: Knowing Backup Types
Full backup
  A complete, comprehensive backup of all files on a disk or server
Incremental backup
  A partial backup that stores only the information that has been changed since the last full or the last incremental backup
Differential backup
  Backs up any files that have been altered since the last full backup; it makes duplicate copies of files that haven't changed since the last differential backup
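To make the three definitions concrete, here is an added simulation (not from the study guide) of one weekly backup cycle; the file names and change days are constructed sample data. It shows why restoring from incrementals needs the full backup plus every incremental taken since, while a differential restore needs only the full backup plus the latest differential.

```python
# Constructed sample data (hypothetical): the files changed on each day of a
# weekly cycle; day 0 is the full backup, days 1-4 take partial backups.
CHANGES = {
    0: {"db.mdf", "report.docx", "app.exe"},   # every file exists at the full backup
    1: {"report.docx"},
    2: {"db.mdf"},
    3: set(),                                  # nothing changed that day
    4: {"report.docx", "notes.txt"},           # notes.txt is a brand-new file
}

def live_state(day):
    """Version of every file as of `day`: file -> day it was last modified."""
    state = {}
    for d in range(day + 1):
        for name in CHANGES[d]:
            state[name] = d
    return state

def full_backup(day):
    """Full: a complete copy of every file as it exists on `day`."""
    return live_state(day)

def incremental_backup(day):
    """Incremental: only files changed since the previous backup (the day before)."""
    return {name: day for name in CHANGES[day]}

def differential_backup(day):
    """Differential: everything changed since the last full backup (day 0).
    A file changed on day 1 is copied again on days 2, 3 and 4 even if it has not
    changed since the previous differential; that is the price of a two-set restore."""
    return {name: v for name, v in live_state(day).items() if v > 0}

BACKUP = {"full": full_backup, "incremental": incremental_backup, "differential": differential_backup}

def restore_chain(strategy, day):
    """Ordered backup sets needed to rebuild `day`: a long chain vs. two sets."""
    if strategy == "incremental":
        return [("full", 0)] + [("incremental", d) for d in range(1, day + 1)]
    if strategy == "differential":
        return [("full", 0)] + ([("differential", day)] if day > 0 else [])
    raise ValueError(f"unknown strategy: {strategy!r}")

def restore(strategy, day):
    """Apply the chain in order; a later copy of a file overwrites an earlier one."""
    state = {}
    for kind, d in restore_chain(strategy, day):
        state.update(BACKUP[kind](d))
    return state
```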

Slide 10: Developing a Backup Plan
Grandfather, Father, Son method
  Based on the philosophy that a full backup should occur at regular intervals, such as monthly or weekly
Full Archival method
  Works on the assumption that any information created on any system is stored forever
Backup Server method
  Establishes a server with large amounts of disk space whose sole purpose is to back up data

Slide 11: Chapter 12: Disaster Recovery and Incident Response
Recovering a system
  - Backout vs. backup
Alternate or backup sites
  - Hot site
  - Warm site

Slide 12: Chapter 12: Disaster Recovery and Incident Response
Incident response plan (IRP)
  Outlines what steps are needed and who is responsible for deciding how to handle a situation
Incident
  The occurrence of any event that endangers a system or network
Incident response
  Encompasses forensics and refers to the process of identifying, investigating, repairing, documenting, and adjusting procedures to prevent another incident

Slide 13: Incident Response Process
Step 1: Identifying the incident
Step 2: Investigating the incident
Step 3: Repairing the damage
Step 4: Documenting and reporting the response
Step 5: Adjusting procedures

Slide 14: Forensics from the Security+ Perspective
- Act in order of volatility
- Capture system image
- Document network traffic and logs
- Capture video
- Record time offset
- Take hashes
- Capture screenshots
- Talk to witnesses
- Track man-hours and expenses

Slide 15: Chapter 12: Disaster Recovery and Incident Response
Table-top exercises
  Simulate a disaster
