Slides copyright 2010 by Paladin Group, LLC used with permission by UMBC Training Centers, LLC.


3 Security+ Chapter 8 – Preparing for and Preventing Disasters Brian E. Brzezicki

4 Disaster Recovery (372) Disaster Recovery is a part of Business Continuity Planning that attempts to ensure that a business can continue to operate in the event of a disaster. DR planning is mainly concerned with availability; however, in DR planning an organization should also ensure that confidentiality and integrity are not violated in the event of a disaster.

5 Disaster Types (372) Disasters can be of many types, including
– Natural disasters
– Fires
– Physical attacks
– Hacking attacks
– Personnel loss
– Hardware loss
– Unexpected data destruction

6 Disaster Recovery (373) Any disaster recovery plan should include controls that allow for BOTH
– Redundancy
– Backups
These are NOT the same thing, and both are necessary.

7 Basic Steps for DR planning (373)
– Identify critical business functions
– Identify resources that are necessary for the critical functions
– Identify threats to assets
– Identify preventative controls
– Identify recovery controls
– Develop a disaster plan
– Test the plan

8 Redundancy One important concern in DR planning is to identify resources that are a single point of failure and could halt your critical business functions.
– Storage resources
– Important servers
– Network connections

9 Storage Redundancy

10 RAID 0 (376) RAID 0 – striping (see visual)
– Fast access
– No redundancy
– Actually increases probability of failure

11 RAID 1 (377) RAID 1 – mirroring (see visual)
– Identical copies of data
– Expensive
– Faster than a single disk for reading
– Can lose a disk
– What is disk duplexing?

12 Normal RAID 1 - 377

13 RAID 1 - Disk Duplexing (n/b)

14 RAID 5 (377) RAID 5 – striped sets with parity
– At least 3 disks
– Capacity of one disk “lost” / more disks, less waste
– Fast reads
– Writes can be slower, especially small writes
– Can lose a single disk
– If a disk is lost you are in “critical mode”
  – Lose another disk: total failure
  – Slow operation while in critical mode

15 RAID 5 (377)

16 Server Redundancy

17 Servers are a critical component in information systems. If important servers are unavailable for any reason, even for a short time, that could be a disaster and cause significant loss or damage. A goal of server availability is often stated as “5 nines”, which is 99.999% availability. When designing important systems you need to understand your desired availability and engineer your systems to provide that level of service.

18 SAN

19 Clustering (Active/Passive)

20 Clustering (Active/Active)

21 Spare Parts (379) When preparing your DRP, you should always consider the possibility that some equipment will be destroyed (maybe even RAID etc). You should understand the Mean Time To Replacement (MTTR) and how long replacement equipment or fixes will take, and if necessary stockpile spare parts! Especially if you have legacy equipment.

22 Legacy Equipment

23 Site Redundancy

24 Alternate sites (383) Types of sites are provided by a “service bureau”
Hot site – fully configured, ready for operation in a few hours
– Fully stocked with common hardware and software
– Can be used for DRP testing
– Expensive
Warm site – only partially configured with some hardware and software; expected that you will bring much of your own equipment
– Cannot really be used for DRP testing
– Less expensive
Cold site – just basic environment (space, AC, power etc.)
– No equipment
– Cannot be used for DRP testing
– Cheapest option

25 Alternate Site An important concept to understand is that after the disaster has been handled, you will eventually want to return processing to the original site (or a permanent replacement). When moving services back, you should always move the least critical services first.

26 Alternate sites (n/b) Rather than having a “subscription service”, the company may own its own redundant sites
– Mirror sites
– Multiple data processing sites

27 Power Protection

28 Power systems are critical to any operation. It is important you understand some of the different types of power equipment.
– Line conditioners
– UPS
– Generators

29 Data Backups

30 Backups (387) Backups are a critical component not only in DRP but also in “normal operation”. You need to understand the traditional types of backups discussed on the next few slides
– Full backup
– Incremental backup
– Differential backup

31 Backup types The first thing we need to talk about is the “archive bit” – what is it? Types of backups (next slides)
– Full
– Incremental
– Differential

32 Full (387) All data everyday! Clear archive bit after backups

33 Incremental (389) Only files that changed since last full or last incr Reset the archive bit

34 Differential (388) Only files changed since last full or diff DO NOT reset the archive bit

35 Restores Understand the process for restoring
– Full backups
– Incremental backups
– Differential backups
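
The archive-bit rules from the backup slides, as an added example that is not part of the original slides: it models a week where a full backup is followed by either incrementals or differentials, then works out which backup sets a restore needs. File names, the change schedule and function names are constructed for illustration.

```python
# Added example: archive-bit model of full / incremental / differential backups.
# File names and the change schedule are constructed sample data.

def run_backup(kind, archive_bits):
    """Return the files a backup of `kind` copies, updating archive bits."""
    if kind == "full":
        copied = sorted(archive_bits)                    # everything, bit or not
    else:
        copied = sorted(f for f, bit in archive_bits.items() if bit)
    if kind in ("full", "incremental"):                  # these clear the bit
        for f in copied:
            archive_bits[f] = False
    return copied                                        # differential leaves bits set

def simulate(schedule, changes, files):
    """Apply each day's file changes, then run that day's backup."""
    bits = {f: True for f in files}                      # new files start flagged
    sets = []
    for day, kind in enumerate(schedule):
        for f in changes.get(day, ()):
            bits[f] = True                               # modifying a file sets the bit
        sets.append((day, kind, run_backup(kind, bits)))
    return sets

def restore_set(sets):
    """Backup sets needed, in order, to restore to the latest backup."""
    last_full = max(i for i, s in enumerate(sets) if s[1] == "full")
    tail = sets[last_full + 1:]
    needed = [sets[last_full]]
    needed += [s for s in tail if s[1] == "incremental"]  # every incremental
    if tail and tail[-1][1] == "differential":            # only the newest differential
        needed.append(tail[-1])
    return needed

FILES = ["a.doc", "b.xls", "c.db"]
CHANGES = {1: ["a.doc"], 2: ["b.xls"], 3: ["a.doc"]}      # day -> files modified

if __name__ == "__main__":
    for tail_kind in ("incremental", "differential"):
        sets = simulate(["full"] + [tail_kind] * 3, CHANGES, FILES)
        print(tail_kind, "sets:", sets)
        print("  restore needs days:", [d for d, _, _ in restore_set(sets)])
```

Incrementals stay small but a restore needs the full plus every one of them; differentials grow each day but a restore needs only the full and the most recent one.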

36 Testing Backups (391) Data created by an organization is critical to its success. A simple hard drive crash can be a catastrophic disaster of its own if proper backup measures are not religiously practiced. Just performing backups is not enough; you also need to ensure
– Test restores are regularly performed to ensure the backups are working correctly
– Job rotation occurs so that more than one staff member can restore a system in an emergency
– All important data is backed up
– Backup and restore procedures are documented
– Backups are stored both onsite and offsite if possible
– Backups are archived for long term storage

37 Protecting Backups (392) Leakage of the backups can result in loss of confidentiality, thus you should take care to ensure that backups are protected onsite and offsite and that the people who perform backups are not using that privilege to access information they are not allowed to normally access. Dual control, auditing and encryption are a few controls you can implement to protect confidentiality in backups.

38 Environmental Controls

39 Fire Suppression (393) It is important that you have a basic understanding of fire suppression, as even computer systems are vulnerable to fires. To put out a fire, you must remove one of
– Heat
– Oxygen
– Fuel
or disrupt the chemical process of combustion.

40 Fire Suppression (393) There are different fire suppression types based on the class of fire, which will be discussed in the next few slides
– A
– B
– C
– D

41 Fire Suppression (394)
A – Common combustibles
– Use for: wood, paper, laminates
– Uses water, foam or dry powder as suppression agent
B – Liquid
– Use for: gas or oil fires
– Uses: gas (CO2), foam, dry powders

42 Fire Suppression (394)
C – Electrical
– Use on: electrical equipment and wires
– Uses: gas, CO2, dry powder
D – Combustible materials
– Use on: combustible chemicals (sodium, potassium)
– Uses: dry powder

43 Halon and CO2 CO2 can be used to extinguish a fire. CO2 removes the oxygen which is required for combustion. However, CO2 will also suffocate people, so it should not be used except for the most specific situations, and special steps must be taken to protect human life in the event of a CO2 release. Halon was also used to extinguish fires by interrupting combustion. It is not deadly to humans but depletes the ozone layer and was banned by the Montreal Protocol.

44 HVAC A basic understanding of some HVAC concepts is required, especially when building data centers.
– HVAC systems should immediately be shut down in the case of a fire
– HVAC systems should provide positive pressure, pushing contaminants out of a room
– Humidity must be properly balanced. Too little humidity causes static electricity discharge; too much causes electronic equipment to rust.

45 Plenum (n/b) The space between the ceiling and the floor above is called the plenum. Cables are run through this area and any cables run need to be plenum cable which uses a special insulator that gives off less toxic fumes when burning compared to normal cabling.

46 Electrical Shielding Not related to disaster recovery, but important: electrical equipment needs to be shielded to stop both
– RFI – commonly caused by fluorescent lights
– EMI – commonly caused by motors

47 TEMPEST (397) Confidentiality violations are also possible due to emanations from electrical equipment. TEMPEST is a government program to protect against this. Some methods that TEMPEST employs are
– Faraday cages
– White noise generators

