Unit 2a Flashcards
Processes of backup and restoral
Contingency
Formal policy provides authority and guidance necessary to develop effective plan
Develop Contingency Planning Policy Statement
Helps identify and prioritize info systems and components critical to supporting organization’s mission/business processes
Conduct Business Impact Analysis (BIA)
Measures taken to reduce effects of system disruptions can increase system availability and reduce contingency life cycle costs
Identify Preventive Controls
Thorough recovery strategies ensure system can be recovered quickly and effectively following disruption
Create Contingency Strategies
Plan should contain detailed guidance and procedures for restoring damaged system unique to system’s security impact level and recovery requirements
Develop Information System Contingency Plan
Exercising plan identifies planning gaps; combined, activities improve plan effectiveness and overall organization preparedness
Ensure Plan Testing, Training, and Exercises
Plan is a living document and should be updated regularly to remain current with system enhancements and organizational changes
Ensure Plan Maintenance
Preserves authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
Confidentiality
Guards against improper information modification or destruction, and
includes ensuring information nonrepudiation and authenticity
Integrity
Ensures timely and reliable access to and use of information
Availability
Provide means to restore local IT operations quickly and effectively following service disruption
Recovery Strategies
Focuses on restoring an organization’s mission essential functions (MEF) at an alternate site and performing those functions for up to 30 days before returning to normal operations at original location
COOP (Continuity of Operations)
Continuity of Operations Plan must include strategy to recover and perform system operations at alternate facility for extended period
Alternate Sites
Consist of facility with adequate space/infrastructure to support IT
Cold Sites
Partially equipped office spaces containing some or all system hardware, software, telecommunications, and power sources
Warm Sites
Office spaces appropriately sized to support system requirements and fully configured and ready to operate within a few hours
Hot Sites
One site equipped and configured exactly like primary site
Mirrored Sites
Back of large truck or trailer turned into data processing or working area
Mobile Hot Sites
Normally applies to mission/business itself. It is concerned with ability to continue critical functions and processes during and after an emergency event.
Continuity Planning
Normally applies to information systems and provides steps needed to recover operation of all or part of designated information systems at existing or new location in an emergency.
Contingency Planning
Provides procedures for sustaining mission/business operations while recovering from significant disruption
Business Continuity Plan
Provides key information needed for system recovery including roles and responsibilities, inventory information, assessment procedures, detailed recovery procedures, and testing of system
Information System Contingency Plan
Provides procedures for mitigating and correcting from cyber-attack (virus, worm, or Trojan horse)
Cyber Incident Response Plan
Provides procedures for relocating information systems operations to alternate location
Disaster Recovery Plan
Provides coordinated procedures for minimizing loss of life or injury and protecting property damage in response to physical threat
Occupant Emergency Plan
Prioritizing recovery strategies, network administrator may make more informed, tailored decisions regarding contingency resource allocations and expenditures thereby saving time, effort, and costs ensuring an organization’s mission continues without delay
Priority Systems
Certain network system devices are of primary consideration in contingency backup and restoration plan, which are they?
E-mail servers, DHCP servers, Domain Controllers, File servers containing mission critical information, Web servers, Specialized systems necessary in war zone environment
Copy of data or program files created for archiving or safekeeping
Data Backup
To ensure lost data, no matter how it got lost, can be recovered quickly, efficiently and as completely as possible
Data Backup Strategy
File attribute that can be checked (set to “on”) or unchecked (set to “off”) to indicate whether file must be archived
Archive Bit
Starting point for all other backups, containing all data in folders and files regardless of whether data is new or has changed
Full Data Backup
Backups all selected files and folders changed during the day
Daily Data Backup
Processes only files that are new or have changed since last full or incremental backup, unchecks archive bit
Incremental Data Backup
Processes only selected files and folders that have changed since last full backup, does not uncheck archive bit
Differential Data Backup
Refers to location away from computer center where paper copies and backup media kept
Offsite Storage Facility
Distance from organization and probability of storage site being affected by same disaster as organization
Geographic Area
Length of time necessary to retrieve data from storage and storage facility’s operating hours
Accessibility
Security capabilities of storage facility and employee confidentiality which must meet data’s sensitivity and security requirements
Security
Structural and environmental conditions of the storage facility
Environment
Unscheduled network, equipment, or application outages or degradations caused by such things as environmental problems (e.g., fire, flood, loss of power, loss of air conditioning), equipment malfunctions, system crashes, etc.
Unscheduled Service Interruptions (USI)
Picks up load after power failure much quicker than standby UPS but at higher cost, uses AC line voltage to charge bank of batteries
Online UPS
Inactive until power grid fails
Standby UPS