Security+ Guide to Network Security Fundamentals, Fourth Edition

Slides:



Advertisements
Similar presentations
RAID Oh yes Whats RAID? Redundant Array (of) Independent Disks. A scheme involving multiple disks which replicates data across multiple drives. Methods.
Advertisements

Business Plug-In B4 MIS Infrastructures.
Security+ Guide to Network Security Fundamentals, Third Edition
Chapter 13: Advanced Security and Beyond
Enhanced Availability With RAID CC5493/7493. RAID Redundant Array of Independent Disks RAID is implemented to improve: –IO throughput (speed) and –Availability.
Chapter 5: Server Hardware and Availability. Hardware Reliability and LAN The more reliable a component, the more expensive it is. Server hardware is.
REDUNDANT ARRAY OF INEXPENSIVE DISCS RAID. What is RAID ? RAID is an acronym for Redundant Array of Independent Drives (or Disks), also known as Redundant.
GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.
Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
9 - 1 Computer-Based Information Systems Control.
Slides copyright 2010 by Paladin Group, LLC used with permission by UMBC Training Centers, LLC.
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Processing Integrity and Availability Controls
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FIVE INFRASTRUCTURES: SUSTAINABLE TECHNOLOGIES CHAPTER.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.
John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.
Copyright © 2015 Pearson Education, Inc. Processing Integrity and Availability Controls Chapter
Processing Integrity and Availability Controls
Services Tailored Around You® Business Contingency Planning Overview July 2013.
November 2009 Network Disaster Recovery October 2014.
LAN / WAN Business Proposal. What is a LAN or WAN? A LAN is a Local Area Network it usually connects all computers in one building or several building.
Security+ All-In-One Edition Chapter 16 – Disaster Recovery and Business Continuity Brian E. Brzezicki.
Chapter 10 : Designing a SQL Server 2005 Solution for High Availability MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design.
ISA Topic 9: Operations Security ISA 562 Internet Security Theory & Practice.
Introduction to Computer Networks Introduction to Computer Networks.
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Disaster Recovery, Business Continuity, and Organizational Policies.
Section 11.1 Identify customer requirements Recommend appropriate network topologies Gather data about existing equipment and software Section 11.2 Demonstrate.
Lesson 20. Fault Tolerance and Disaster Recovery.
IT Business Continuity Briefing March 3,  Incident Overview  Improving the power posture of the Primary Data Center  STAGEnet Redundancy  Telephone.
Business Continuity and Disaster Recovery Chapter 8 Part 2 Pages 914 to 945.
Concepts of Database Management Sixth Edition
IS 380.  Provides detailed procedures to keep the business running and minimize loss of life and money  Identifies emergency response procedures  Identifies.
Security in Practice Enterprise Security. Business Continuity Ability of an organization to maintain its operations and services in the face of a disruptive.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Guide to Linux Installation and Administration, 2e 1 Chapter 9 Preparing for Emergencies.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 13 Business Continuity.
Chapter 2: Non functional Attributes.  It infrastructure provides services to applications  Many of these services can be defined as functions such.
David N. Wozei Systems Administrator, IT Auditor.
1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.
Business Continuity & Disaster recovery
Co-location Sites for Business Continuity and Disaster Recovery Peter Lesser (212) Peter Lesser (212) Kraft.
© CCI Learning Solutions Inc. 1 Lesson 5: Basic Troubleshooting Techniques Computer performance Care of the computer Working with hardware Basic maintenance.
By Srosh Abdali.  Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure.
©2006 Merge eMed. All Rights Reserved. Energize Your Workflow 2006 User Group Meeting May 7-9, 2006 Disaster Recovery Michael Leonard.
Module 9 Planning a Disaster Recovery Solution. Module Overview Planning for Disaster Mitigation Planning Exchange Server Backup Planning Exchange Server.
Mark A. Magumba Storage Management. What is storage An electronic place where computer may store data and instructions for retrieval The objective of.
Ensuring Network Security Making Networks Secure Maintaining a Healthy Network Environment Avoiding Data Loss 1.
Disaster Recovery and Business Continuity Planning.
"1"1 Introduction to Managing Data " Describe problems associated with managing large numbers of disks " List requirements for easily managing large amounts.
The concept of RAID in Databases By Junaid Ali Siddiqui.
Chapter 5 Processing Crime and Incident Scenes Guide to Computer Forensics and Investigations Fourth Edition.
Group 2 Bernard Smith Thomas Laborde Hannah Prather Fault Tolerance Environment Power Topology and Connectivity Servers Hurricane Preparedness Network.
Fault Tolerance and Disaster Recovery. Topics Using Antivirus software Fault tolerance –Power –Redundancy –Storage –Services Disaster Recovery –Backup/Restore.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 13 Business Continuity.
Install, configure and test ICT Networks
Teknologi Pusat Data 12 Data Center Site Infrastructure Tier Standard: Topology Ida Nurhaida, ST., MT. FASILKOM Teknik Informatika.
High Availability Environments cs5493/7493. High Availability Requirements Achieving high availability Redundancy of systems Maintenance Backup & Restore.
Hands-On Microsoft Windows Server 2008 Chapter 7 Configuring and Managing Data Storage.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Network-Attached Storage. Network-attached storage devices Attached to a local area network, generally an Ethernet-based network environment.
Information Systems Security
Chapter 12: Disaster Recovery and Incident Response
CompTIA Security+ Study Guide (SY0-401)
Processing Integrity and Availability Controls
CompTIA Security+ Study Guide (SY0-501)
Business Contingency Planning
Business Continuity Technology
Presentation transcript:

Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 13 Business Continuity

Objectives Define environmental controls Describe the components of redundancy planning List disaster recovery procedures Describe incident response procedures Security+ Guide to Network Security Fundamentals, Fourth Edition

What Is Business Continuity? Organization’s ability to maintain operations after a disruptive event Examples of disruptive events Power outage Hurricane Tsunami Business continuity planning and testing steps Identify exposure to threats Create preventative and recovery procedures Test procedures to determine if they are sufficient Security+ Guide to Network Security Fundamentals, Fourth Edition

What Is Business Continuity? (cont’d.) Succession planning Determining in advance who is authorized to take over if key employees die or are incapacitated Business impact analysis (BIA) Analyzes most important business functions and quantifies impact of their loss Identifies threats through risk assessment Determines impact if threats are realized Security+ Guide to Network Security Fundamentals, Fourth Edition

What Is Business Continuity? (cont’d.) Questionnaires used to prompt thinking about impact of a disaster In-person interviews held Discuss different disaster scenarios BIA interview form helps organize information obtained from the interview Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-1 BIA interview form Security+ Guide to Network Security Fundamentals, Fourth Edition

Disaster Recovery Subset of business continuity planning and testing Also known as contingency planning Focuses on protecting and restoring information technology functions Mean time to restore (MMTR) Measures average time needed to reestablish services Disaster recovery activities Create, implement, and test disaster recovery plans Security+ Guide to Network Security Fundamentals, Fourth Edition

Disaster Recovery Plan Written document detailing process for restoring IT resources: Following a disruptive event Comprehensive in scope Updated regularly Example of disaster planning approach Define different risk levels for organization’s operations based on disaster severity Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-2 Sample educational DRP approach Security+ Guide to Network Security Fundamentals, Fourth Edition

Disaster Recovery Plan (cont’d.) Common features of most disaster recovery plans Definition of plan purpose and scope Definition of recovery team and their responsibilities List of risks and procedures and safeguards that reduce risk Outline of emergency procedures Detailed restoration procedures DRP should contain sufficient level of detail Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-1 Sample excerpt from a DRP © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Disaster Recovery Plan (cont’d.) DRP must be adaptable Backout/contingency option Component of a DRP If plan response is not working properly, technology is rolled back to starting point Different approach taken Disaster exercises Designed to test DRP’s effectiveness Security+ Guide to Network Security Fundamentals, Fourth Edition

Disaster Recovery Plan (cont’d.) Disaster exercise objectives Test efficiency of interdepartmental planning and coordination in managing a disaster Test current DRP procedures Determine response strengths and weaknesses Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance Single point of failure Component or entity which will disable the entire system if it no longer functions Remove single point of failure Primary mechanism to ensure business continuity Results in high availability Expressed as a percentage uptime in a year Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-3 Percentages and downtimes Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Way to address single point of failure Building excess capacity to protect against failures Redundancy planning Applies to servers, storage, networks, power, sites Servers Play a key role in network infrastructure Failure can have significant business impact Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Some organizations stockpile spare parts for servers Or have redundant servers Server cluster Multiple servers that appear as a single server Connected through public and private cluster connections Types of server clusters Asymmetric Symmetric Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Asymmetric servers perform no function except to be ready if needed Used for databases, messaging systems, file and print services All servers do useful work in a symmetric server cluster If one server fails, remaining servers take on failed server’s work More cost effective than asymmetric clusters Used for Web, media, and VPN servers Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-2 Server cluster © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Hard drives Often first components to fail Some organizations keep spare hard drives on hand Mean time between failures (MTBF) Measures average time until a component fails and must be replaced Can be used to determine number of spare hard drives an organization should keep Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Redundant Array of Independent Devices (RAID) Uses multiple hard disk drives to increase reliability and performance Can be implemented through software or hardware Several levels of RAID exist RAID Level 0 (striped disk array without fault tolerance) Striping partitions hard drive into smaller sections Data written to the stripes is alternated across the drives If one drive fails, all data on that drive is lost Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-3 RAID Level 0 © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) RAID Level 1 (mirroring) Disk mirroring used to connect multiple drives to the same disk controller card Action on primary drive is duplicated on other drive Primary drive can fail and data will not be lost Disk duplexing Variation of RAID Level 1 Separate cards used for each disk Protects against controller card failures Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-4 RAID Level 1 © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) RAID Level 5 (independent disks with distributed parity) Distributes parity (error checking) across all drives Data stored on one drive and its parity information stored on another drive RAID 0+1 (high data transfer) Nested-level RAID Mirrored array whose segments are RAID 0 arrays Can achieve high data transfer rates Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-5 RAID Level 5 © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-6 RAID Level 0+1 © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-4 Common RAID levels (continues) Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-4 Common RAID levels (cont’d.) Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Redundant networks May be necessary due to critical nature of connectivity today Wait in the background during normal operations Use a replication scheme to keep live network information current Launches automatically in the event of a disaster Hardware components are duplicated Some organizations contract with a second Internet service provider as a backup Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Uninterruptible power supply (UPS) Maintains power to equipment in the event of an interruption in primary electrical power source Offline UPS Least expensive, simplest solution Charged by main power supply Begins supplying power quickly when primary power is interrupted Switches back to standby mode when primary power is restored Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Online UPS Always running off its battery while main power runs battery charger Not affected by dips or sags in voltage Can serve as a surge protector Can communicate with the network operating system to ensure orderly shutdown occurs Can only supply power for a limited time Backup generator Powered by diesel, natural gas, or propane Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Sites Backup sites may be necessary if flood, hurricane, or other major disaster damages buildings Three types of redundant sites: hot, cold, and warm Hot site Run by a commercial disaster recovery service Duplicate of the production site Has all needed equipment Data backups can be moved quickly to the hot site Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Cold site Provides office space Customer must provide and install all equipment needed to continue operations No backups immediately available Less expensive than a hot site Takes longer to resume full operation Warm site All equipment is installed No active Internet or telecommunications facilities Security+ Guide to Network Security Fundamentals, Fourth Edition

Redundancy and Fault Tolerance (cont’d.) Warm site (cont’d.) No current data backups Less expensive than a hot site Time to turn on connections and install backups can be half a day or more Security+ Guide to Network Security Fundamentals, Fourth Edition

Data Backups Essential element in any DRP Copying information to a different medium and storing offsite to be used in event of disaster Questions to ask when creating a data backup What information should be backed up? How often should it be backed up? What media should be used? Where should the backup be stored? What hardware or software should be used? Security+ Guide to Network Security Fundamentals, Fourth Edition

Data Backups (cont’d.) Backup software Types of backups Can internally designate which files have already been backed up Archive bit set to 0 in file properties If file contents change, archive bit is changed to 1 Types of backups Full backup Differential backup Incremental backup Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-7 Archive bit © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-5 Types of data backups Security+ Guide to Network Security Fundamentals, Fourth Edition

Data Backups (cont’d.) Recovery point objective (RPO) Maximum length of time organization can tolerate between backups Recovery time objective (RTO) Length of time it will take to recover backed up data Magnetic tape backups have been standard for over 40 years Can store up to 800GB of data Relatively inexpensive Security+ Guide to Network Security Fundamentals, Fourth Edition

Data Backups (cont’d.) Disadvantages of magnetic tape backups Slow backup speed High failure rates Data not encrypted on tape Disk to disk Large hard drive or RAID configuration Better RPO and RTO than magnetic tape May be subject to failure or data corruption Security+ Guide to Network Security Fundamentals, Fourth Edition

Data Backups (cont’d.) Disk to disk to tape Continuous data protection Uses magnetic disk as a temporary storage area Server does not need to be offline for an extended time period Data later transferred to magnetic tape Continuous data protection Performs data backups that can be restored immediately Maintains historical record of all changes made to data Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-6 Continuous data protection types Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-7 Data backup technologies Security+ Guide to Network Security Fundamentals, Fourth Edition

Environmental Controls Methods to prevent disruption through environmental controls Fire suppression Proper shielding Configuring HVAC systems Security+ Guide to Network Security Fundamentals, Fourth Edition

Fire Suppression Requirements for a fire to occur Fuel or combustible material Oxygen to sustain combustion Heat to raise material to its ignition temperature Chemical reaction: fire itself Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-8 Fire triangle © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-8 Using incorrect fire suppression systems Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-9 Fire types Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-10 Stationary fire suppression systems (continues) Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-10 Stationary fire suppression systems (cont’d.) Security+ Guide to Network Security Fundamentals, Fourth Edition

Electromagnetic Interference (EMI) Shielding Attackers could pick up electromagnetic fields and read data Faraday cage Metal enclosure that prevents entry or escape of electromagnetic fields Often used for testing in electronic labs Security+ Guide to Network Security Fundamentals, Fourth Edition

HVAC Data centers have special cooling requirements More cooling necessary due to large number of systems generating heat in confined area Precise cooling needed Heating, ventilating, and air conditioning (HVAC) systems Maintain temperature and relative humidity at required levels Controlling environmental factors can reduce electrostatic discharge Security+ Guide to Network Security Fundamentals, Fourth Edition

HVAC (cont’d.) Hot aisle/cold aisle layout Used to reduce heat by managing air flow Servers lined up in alternating rows with cold air intakes facing one direction and hot air exhausts facing other direction Location of computer data center an important consideration Placing a wireless access point in a plenum can be a hazard Security+ Guide to Network Security Fundamentals, Fourth Edition

Incident Response Procedures When unauthorized incident occurs: Response is required Incident response procedures Can include using basic forensics procedures Security+ Guide to Network Security Fundamentals, Fourth Edition

What Is Forensics? Applying science to legal questions Analyzing evidence Computer forensics Uses technology to search for computer evidence of a crime Reasons for importance of computer forensics Amount of digital evidence Increased scrutiny by the legal profession Higher level of computer skill by criminals Security+ Guide to Network Security Fundamentals, Fourth Edition

Basic Forensics Procedures Four basic steps are followed Secure the crime scene Collect the evidence Establish a chain of custody Examine for evidence Goal: preserve the evidence Damage control steps taken to minimize loss of evidence Security+ Guide to Network Security Fundamentals, Fourth Edition

Basic Forensics Procedures (cont’d.) Secure the crime scene (cont’d.) First responders contacted Physical surroundings documented Photographs taken before anything is touched Computer cables labeled Team takes custody of entire computer Team interviews witnesses Security+ Guide to Network Security Fundamentals, Fourth Edition

Basic Forensics Procedures (cont’d.) Preserve the evidence Digital evidence is very fragile Can be easily altered or destroyed Computer forensics team captures volatile data Examples: contents of RAM, current network connections Order of volatility must be followed to preserve most fragile data first Capture entire system image Mirror image backup of the hard drive Meets evidence standards Security+ Guide to Network Security Fundamentals, Fourth Edition

Table 13-11 Order of volatility Security+ Guide to Network Security Fundamentals, Fourth Edition

Basic Forensics Procedures (cont’d.) Establish the chain of custody Evidence maintained under strict control at all times No unauthorized person given opportunity to corrupt the evidence Examine for evidence Computer forensics expert searches documents Windows page files can provide valuable investigative leads Slack and metadata are additional sources of hidden data Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-10 RAM slack © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Figure 13-11 Drive file slack © Cengage Learning 2012 Security+ Guide to Network Security Fundamentals, Fourth Edition

Summary Business continuity is an organization’s ability to maintain its operations after a disruptive event Disaster recovery A subset of business continuity planning Focuses on restoring information technology functions Disaster recovery plan details restoration process A server cluster combines two or more servers that are interconnected to appear as one RAID uses multiple hard disk drives for redundancy Security+ Guide to Network Security Fundamentals, Fourth Edition

Summary (cont’d.) Network components can be duplicated to provide a redundant network Data backup Copying information to a different medium and storing (preferably offsite) for use in event of a disaster Recovery point objective and recovery time objective help an organization determine backup frequency Fire suppression systems include water, dry chemical, and clean agent systems Security+ Guide to Network Security Fundamentals, Fourth Edition

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.