02- Disaster Recovery and Risk Management Flashcards
Acceptance
the level of tolerance specified by an organization. When all security measures have been taken to mitigate a risk, the remaining impact is accepted and tolerated, as there is no way to remove it 100 percent.
Attack
occurs when a system is compromised through a vulnerability by an unknown exploit
Avoidance
the risk is reduced to 0 or eliminated completely. It is almost impossible to achieve this level by taking security measures. The only way to do it is to remove the cause of the risk. For example, if allowing access to social media is a threat, the only way to avoid it is to block access to social media for the whole organization.
Business continuity plan (BCP)
decides which services are sensitive for regular operations to continue
Cold site
a location that is owned by the organization but contains nothing. In case of disaster, the organization will start to equip the cold site to perform business operations. This process might take weeks or months to complete.
DRP (Disaster Recovery Plan)
a policy that defines how an organization will recover from a disaster, whether it’s a natural or man-made disaster. The DRP should protect both people and assets of a given organization. It includes a list of responsible people who will perform the steps for recovery, inventory for the hardware and software, and steps to recover from a disaster.
Electronic vaulting
an alternate location to preserve backed-up data. When the backup is complete, it is copied over to a different location. When a disaster occurs, the electronic vault is used and the backup is ready to be restored.
Hot site
a site identical to the primary one, equipped with systems and services just like the primary. Data is duplicated here.
Human threats
insiders who have authorization to access systems, and hackers who use exploits to attack
Internal Users
employees or visitors who could introduce a threat by exploiting a vulnerable or weak point
Journaling
a less expensive solution to preserve the data, as journaling captures only transactions. In case of a disaster, the full backup tape is used and the journal is used to rewrite the transactions that were not included in the full backup.
Long term
some services can affect the daily routine of employees but not production, for example a smoking area or cafeteria. This is considered low damage or long-term recovery.
Mid term
if part of the business is affected, the business should still be able to receive customers’ needs and requests through online services
Mitigation
using security controls to protect against a risk until the risk impact is reduced to a level that is tolerated by the organization
Natural threats
can be a flood causing areas to be waterlogged, or a hurricane or a tornado causing a lot of damage; often impact the availability of systems