Fundamentals of Information Systems Security Chapter 8
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Fundamentals of Information Systems Security
Lesson 8
Risk, Response, and Recovery
Learning Objective(s)
Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
Key Concepts
Quantitative and qualitative risk assessment approaches
Business impact analysis (BIA)
Business continuity plan (BCP)
Incident handling
Disaster recovery plan (DRP)
Risk Management and Information Security
Seek a balance between the utility and cost of various risk management options
• Don’t spend more to protect an asset than it is worth
• A countermeasure without a corresponding risk is a solution seeking a problem; its cost is difficult to justify
Risk Terminology
• Threat: Something (generally bad) that might happen
• Vulnerability: Any exposure that could allow a threat to be realized
• Risk: The likelihood that a particular threat will be realized against a specific vulnerability
• Impact: The amount of harm a threat exploiting a vulnerability can cause
Risk Terminology (cont.)
• Event: A measurable occurrence that has an impact on the business
• Incident: Any event that violates or threatens to violate your security policy
• Control: Includes both safeguards and countermeasures
• Safeguard: Addresses gaps or weaknesses in controls that could lead to a realized threat
• Countermeasure: Counters or addresses a specific threat
Elements of Risk
Assets
Vulnerabilities
Threats
Purpose of Risk Management
Identify risks
• Before they lead to an incident
• In time to enable you to plan and begin risk-handling activities (controls and countermeasures)
• On a continuous basis across the life of the product, system, or project
The Risk Management Process
Identify Risks
Develop scenarios for each threat to assess the threats
Popular risk identification methods include:
• Brainstorming
• Surveys
• Interviews
• Working groups
• Checklists
• Historical information
Risk Register
A description of the risk
Expected impact if the event occurs
The probability of the event occurring
Steps to mitigate the risk
Steps to take should the event occur
Rank of the risk
Emerging Threats
New technology
Changes in culture of organization/environment
Unauthorized use of technology
Changes in regulations and laws
Changes in business practices
Static Environments
Supervisory Control and Data Acquisition (SCADA)
Embedded systems
Mobile devices (Android, iOS, Windows)
Mainframes
Gaming consoles
Vehicle systems
Assess Risks
Quantitative—Attempts to describe risk in financial terms and put a dollar value on each risk
Qualitative—Ranks risks based on their probability of occurrence and impact on business operations
Calculating Quantified Risk
Calculate the asset value (AV)
Calculate the exposure factor (EF)
Calculate the single loss expectancy (SLE)
Determine how often a loss is likely to occur every year
Determine annualized loss expectancy (ALE)
Determining Quantified Risk

| Calculation | Formula |
|---|---|
| Single loss expectancy (SLE) | AV × EF = SLE |
| Annualized rate of occurrence (ARO) | ARO = Number of incidents per year |
| Annualized loss expectancy (ALE) | SLE × ARO = ALE |
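The three formulas above carried through on sample numbers, as an added example that is not part of the course slides. The asset value, exposure factor, incident interval and countermeasure figures are constructed; the `countermeasure_value` cost/benefit step is an assumption that extends the slide's formulas to the "don't spend more to protect an asset than it is worth" rule from earlier in the lesson.

```python
"""Quantitative risk: AV x EF = SLE, then SLE x ARO = ALE.

Added example, not taken from the slide deck. The asset value, exposure
factor, incident interval and countermeasure figures below are constructed
sample numbers, not figures from the course.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class QuantifiedRisk:
    name: str
    asset_value: float      # AV: what the asset is worth, in dollars
    exposure_factor: float  # EF: fraction of AV lost in one incident (0.0 to 1.0)
    aro: float              # ARO: expected incidents per year

    def __post_init__(self) -> None:
        # Reject inputs that make the formulas meaningless.
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("EF must be a fraction between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError("AV and ARO cannot be negative")

    def sle(self) -> float:
        """Single loss expectancy: AV x EF."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annualized loss expectancy: SLE x ARO."""
        return self.sle() * self.aro


def aro_from_interval(years_between_incidents: float) -> float:
    """ARO for a loss expected once every N years (once in 25 years -> 0.04)."""
    if years_between_incidents <= 0:
        raise ValueError("interval must be a positive number of years")
    return 1.0 / years_between_incidents


def countermeasure_value(risk: QuantifiedRisk, new_ef: float, new_aro: float,
                         annual_cost: float) -> float:
    """Yearly value of a countermeasure: ALE before minus ALE after minus its cost.

    Positive means the control costs less than the loss it prevents; negative
    means you would spend more protecting the asset than the control saves.
    This cost/benefit step is an assumed extension of the slide's formulas.
    """
    after = QuantifiedRisk(risk.name, risk.asset_value, new_ef, new_aro)
    return risk.ale() - after.ale() - annual_cost


# Constructed sample: a $500,000 server room, a fire destroying 60% of its
# value, expected once every 25 years.
FIRE = QuantifiedRisk("server room fire", asset_value=500_000,
                      exposure_factor=0.6, aro=aro_from_interval(25))

if __name__ == "__main__":
    print(f"SLE = {FIRE.sle():,.0f}  ALE = {FIRE.ale():,.0f}")
    # A suppression system assumed to cut EF to 0.1 for $5,000 a year pays for itself.
    print(countermeasure_value(FIRE, new_ef=0.1, new_aro=FIRE.aro, annual_cost=5_000))
    # The same system at $15,000 a year costs more than the loss it prevents.
    print(countermeasure_value(FIRE, new_ef=0.1, new_aro=FIRE.aro, annual_cost=15_000))
```

With these numbers SLE is $300,000 and ALE is $12,000 a year; a control that brings ALE down to $2,000 is worth buying at $5,000 a year and not at $15,000, which is the balance between utility and cost the lesson opens with.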
Qualitative Risk Analysis
Probability or likelihood
Impact
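A qualitative analysis combines the two factors above into a rank, which is also the last field of the risk register slide. The following is an added example, not part of the course slides: the five-step likelihood and impact scales, the "acceptable" threshold and the sample register rows are constructed assumptions.

```python
"""Qualitative risk analysis: score register entries by likelihood x impact
and rank them.

Added example, not taken from the slide deck. The five-step scales, the
acceptable-score threshold and the sample register rows are constructed
assumptions, not values from the course.
"""
from dataclasses import dataclass, field

LIKELIHOOD = {"rare": 1, "unlikely": 2, "possible": 3, "likely": 4, "almost certain": 5}
IMPACT = {"negligible": 1, "minor": 2, "moderate": 3, "major": 4, "severe": 5}
ACCEPTABLE_SCORE = 6  # assumed risk appetite: at or below this, accept the risk


@dataclass
class RiskEntry:
    """One row of a risk register, using the fields the register slide lists."""
    description: str
    likelihood: str   # probability of the event occurring, on the LIKELIHOOD scale
    impact: str       # expected impact if the event occurs, on the IMPACT scale
    mitigation: str   # steps to mitigate the risk
    contingency: str  # steps to take should the event occur
    rank: int = field(default=0, init=False)

    def score(self) -> int:
        """Likelihood x impact; an unknown scale word is an input error, not a zero."""
        try:
            return LIKELIHOOD[self.likelihood] * IMPACT[self.impact]
        except KeyError as exc:
            raise ValueError(f"unknown scale value: {exc}") from None


def rank_register(entries):
    """Rank 1 is the highest score; ties go to the higher impact, then by name."""
    ordered = sorted(entries, key=lambda e: (-e.score(), -IMPACT[e.impact], e.description))
    for position, entry in enumerate(ordered, start=1):
        entry.rank = position
    return ordered


def needs_treatment(entry) -> bool:
    """True when the score exceeds the assumed appetite and a response is required."""
    return entry.score() > ACCEPTABLE_SCORE


# Constructed sample register.
SAMPLE_REGISTER = [
    RiskEntry("Ransomware encrypts the file server", "likely", "major",
              "Offline backups, patching, least-privilege shares",
              "Isolate the host, restore from the last clean backup"),
    RiskEntry("Laptop stolen from an unattended vehicle", "possible", "moderate",
              "Full-disk encryption, travel policy",
              "Revoke credentials, remote wipe, notify the data owner"),
    RiskEntry("Power outage outlives the UPS", "unlikely", "minor",
              "Generator test schedule",
              "Controlled shutdown of non-critical systems"),
    RiskEntry("Cloud provider region outage", "rare", "severe",
              "Multi-region deployment for critical services",
              "Fail over to the secondary region per the DRP"),
]

if __name__ == "__main__":
    for entry in rank_register(SAMPLE_REGISTER):
        action = "treat" if needs_treatment(entry) else "accept"
        print(f"{entry.rank}. [{entry.score():>2}] {entry.description} -> {action}")
```

Note the tie-breaking rule: a rare but severe event outranks an unlikely minor one at the same or lower score, because the impact dimension decides what a disruption would cost the business, and that is what the BIA later in the lesson measures.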
Plan a Risk Response
Negative risks
• Reduce (reduction/mitigation)
• Transfer (transference/assignment)
• Accept (acceptance)
• Avoid (avoidance)
Positive risks
• Exploit (exploitation)
• Share (sharing)
• Enhance (enhancement)
• Accept (acceptance)
Acceptable Range of Risk
Total Risk and Residual Risk
Implement the Risk Response Plan
Administrative controls
• Manage the activity phase of security—the things people do
Activity phase controls
• Either administrative or technical
• Correspond to the life cycle of a security program
- Detective controls
- Preventive controls
- Corrective controls
- Deterrent controls
- Compensating controls
Protecting Physical Security
HVAC
Fire suppression
EMI shielding
Lighting
Signs
Video surveillance
Access lists
Safety plan
Selecting Countermeasures
Fix known exploitable software flaws
Develop and enforce operational procedures and access controls (data and system)
Provide encryption capability
Improve physical security
Disconnect unreliable networks
Monitor and Control Risk Response
What problem is this countermeasure designed to solve?
Does this countermeasure solve this problem?
• Countermeasures might pose new risk to the organization
• Perform certification and accreditation of countermeasure programs
• Follow best practices and exercise due diligence
Business Continuity Management (BCM)
Business continuity plan (BCP)
• Contains the actions needed to keep critical business processes running after a disruption
Disaster recovery plan (DRP)
• Details the steps to recover from a disruption and restore the infrastructure necessary for normal business operations
Disruptions include extreme weather, criminal activity, civil unrest/terrorist acts, operational failures, and application failures
Terminology
Business impact analysis (BIA)
Critical business function (CBF)
Maximum tolerable downtime (MTD)
Recovery time objective (RTO)
Recovery point objective (RPO)
Emergency operations center (EOC)
Assessing Maximum Tolerable Downtime (MTD)
Business Impact Analysis
The security professional should ask two questions:
• What can affect the business?
• How will it affect the business?
Conduct a BIA for these reasons:
• Set the value of each business unit or resource as it relates to how the entire organization operates
• Identify critical needs to develop a business recovery plan
• Set the order or priority for restoring the organization’s functions after a disruption
Critical Dependencies
Information processing
Personnel
Communications
Equipment
Facilities
Other organizational functions
Vendors
Suppliers
Assessing the Impact of Downtime
Property
Data
Systems
People
Review and Test the Plan
Important to review and update the BCP regularly
Tests for a BCP and DRP
• Checklist
• Structured walk-through
• Simulation
• Parallel
• Full interruption
Backing Up Data and Applications
Plans must include dealing with:
• Backup storage media
• Location
• Access
Backups provide extra copies of needed resources, such as:
• Data
• Documentation
• Equipment
Types of Backups
Full
Differential
Incremental
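What the three backup types copy, and what a restore has to read back, worked through on a few days of file changes. This is an added example, not part of the course slides. It assumes the standard definitions (a full backup copies every file, a differential copies everything changed since the last full, an incremental copies only what changed since the previous backup of any kind); the file names, sizes and change schedule are constructed.

```python
"""Full, differential and incremental backups over a few days of changes.

Added example, not taken from the slide deck. It assumes the standard
definitions: a full backup copies every file, a differential copies what
changed since the last full, and an incremental copies what changed since
the last backup of any kind. File names, sizes and the change schedule
are constructed sample data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Backup:
    day: int
    kind: str          # "full", "differential" or "incremental"
    files: frozenset   # names of the files this backup holds


def plan_backups(initial_files, daily_changes, kind):
    """Day 0 is always a full backup; days 1..n are backups of `kind`.

    daily_changes[i] is the set of files modified on day i + 1.
    """
    if kind not in ("differential", "incremental"):
        raise ValueError("kind must be 'differential' or 'incremental'")
    backups = [Backup(0, "full", frozenset(initial_files))]
    since_full = set()  # accumulates changes for the differential strategy
    for day, changed in enumerate(daily_changes, start=1):
        if kind == "differential":
            since_full |= set(changed)
            backups.append(Backup(day, kind, frozenset(since_full)))
        else:
            backups.append(Backup(day, kind, frozenset(changed)))
    return backups


def restore_chain(backups, target_day):
    """Backups that must be read, in order, to rebuild the state at target_day."""
    fulls = [b for b in backups if b.kind == "full" and b.day <= target_day]
    if not fulls:
        raise ValueError("no full backup exists on or before the target day")
    last_full = max(fulls, key=lambda b: b.day)
    chain = [last_full]
    for b in backups:
        if b.day <= last_full.day or b.day > target_day:
            continue
        if b.kind == "differential":
            chain = [last_full, b]   # only the newest differential is needed
        else:
            chain.append(b)          # every incremental since the full is needed
    return chain


def units_copied(backups, sizes):
    """Total size written across the whole backup sequence."""
    return sum(sizes[name] for b in backups for name in b.files)


# Constructed sample: four files with sizes in arbitrary units, three days of edits.
SIZES = {"ledger.db": 100, "payroll.xlsx": 50, "policy.docx": 20, "readme.txt": 5}
CHANGES = [{"ledger.db"}, {"payroll.xlsx"}, {"ledger.db", "policy.docx"}]

if __name__ == "__main__":
    for kind in ("differential", "incremental"):
        plan = plan_backups(SIZES.keys(), CHANGES, kind)
        chain = restore_chain(plan, target_day=3)
        print(f"{kind}: copies {units_copied(plan, SIZES)} units; "
              f"restore to day 3 reads {len(chain)} backups")
```

On this sample the incremental schedule writes less (445 units against 595) but a day-3 restore must read four backups in order, and losing any one of them breaks the chain; the differential schedule writes more each day but restores from just the full plus the latest differential. That trade-off between backup cost and recovery time is what the RTO and RPO figures in the BIA are meant to settle.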
Incident Handling
Preparation
Identification
Notification
Response
Recovery and follow-up
Documentation and reporting
Recovery from a Disaster
A disaster recovery plan (DRP):
• Establishes an emergency operations center (EOC) as an alternate location from which the BCP/DRP will be coordinated and implemented
• Names an EOC manager
• Determines when that manager should declare an incident a disaster
Activating the Disaster Recovery Plan
Restore business operations
Return operations to their original state before the disaster
Operating in a Reduced/Modified Environment
Suspend normal processes
Identify minimum recovery resources as part of the recovery needs
Combine services that were on different hardware platforms onto common servers
Continue to make backups of data and systems
Primary Steps to Disaster Recovery
Ensure the safety of individuals
Contain the damage
Assess damage and begin recovery operations according to the DRP and BCP
Restoring Damaged Systems
Know where to get configuration charts, inventory lists, and backup applications and data
Have access control lists to make sure that the system allows only legitimate users on it
Update the operating systems and applications with the most current patches
Make sure the operating systems and applications are current and secure
Activate the access control rules, directories, and remote access systems to permit users to get on the new systems
Recovery Alternatives
A dedicated site operated by the business, such as a secondary processing center
A commercially leased facility, such as a hot site or mobile facility
An agreement with an internal or external facility
Comparing Common Recovery Site Options

| Feature | Hot Site | Warm Site | Cold Site | Multiple Sites |
|---|---|---|---|---|
| Cost | High | Medium | Low | No direct costs |
| Computer equipped | Yes | Yes | No | Yes |
| Connectivity equipped | Yes | Yes | No | Yes |
| Data equipped | Yes | No | No | Yes |
| Staffed | Yes | No | No | Yes |
| Typical lead time to readiness | Minutes to hours | Hours to days | Days to weeks | Moments to minutes |
Summary
Quantitative and qualitative risk assessment approaches
Business impact analysis (BIA)
Business continuity plan (BCP)
Incident handling
Disaster recovery plan (DRP)