Business Continuity Planning (BCP) and Disaster Recovery (DR) Phases

Questions and Answers

What is the primary objective of Phase I in the DR phases?

Recover critical business functions

Move operations to the DR Backup Site within 24hrs (correct)

Return data processing activities to the primary facilities

Assess the level of impact of the disaster

What is the main purpose of offsite alternatives in Business Continuity?

To declare an emergency over

To provide a roadmap for disaster recovery

To notify stakeholders of the disaster

To ensure continuity of operations during a disaster (correct)

What is the process of restoring the plaintext from the ciphertext called?

Decryption (correct)

Ciphertext

Encryption

Plaintext

What is the primary purpose of a hash function?

To confirm message identity and integrity

What is the term used to describe the activities required to keep an organization running during a disaster?

Business Continuity

What is the piece of information used in the encryption and decryption process called?

Key

What is the primary purpose of a Digital Certificate?

To associate a public key with a subject's identity

What is the first step in the security function process?

Identify the assets you must secure and their associated risks

What is the primary focus of Physical Security?

Securing physical assets and resources

What is a critical area to consider when implementing Physical Security?

Wiring closets and server rooms

What is a common threat to Physical Security?

Fire, HVAC issues, and power outages

What is a key aspect of Physical Security implementation?

Designing and implementing countermeasures and controls

What is the primary purpose of a Fail-Safe Lock?

To automatically release the lock in case of a power outage

What is the primary function of ID cards and badges?

To serve as authentication and authorization controls

What is the term for when an unauthorized individual follows an authorized user through a barrier control?

Tailgating

What type of lock requires a combination to gain access?

Combination lock

What is the primary function of a Fail-Secure Lock?

To maintain security in case of a power outage

What type of lock uses a fingerprint scanner or retinal scanner for access control?

Biometric lock

What is a top security problem involving unauthorized connections?

Network spoofing including fake wireless access points

What is a mitigation technique to protect against data loss in case a device is lost or stolen?

Remote wipe and remote lock

What is a mobile device management recommendation to prevent unauthorized access to company data?

Disallowing rooting or jailbreaking of the device

What is a feature of Apple's built-in mechanism to find and erase lost phones?

GPS location services

What is a benefit of using a secure, encrypted 'container' on a device?

Protecting organizational access and data

What is a feature of Absolute Software's CompuTrace?

Periodic reporting of the device's electronic serial number

What is the primary role of a data controller?

To determine the purposes and means of processing personal data

What is personally identifiable information (PII) used for?

To commit identity theft

Why must organizations be transparent about monitoring employee communications?

To respect employee privacy expectations

What is the primary concern related to intellectual property breaches?

Software piracy

What is the main purpose of privacy laws?

To give citizens control over their personal data

What is addressed in Article 21 of the UAE Federal Law 5 of 2012?

Invasion of privacy through computer networks

Study Notes

Business Continuity (BC)

• BC refers to the activities required to keep an organization running during a period of disruption or interruption of normal operations
• Offsite alternatives must be present to ensure BC
• BCP Implementation during a disaster involves:
  • Assessing the level of impact
  • Beginning continuity operations
  • Notifying stakeholders
  • Following the roadmap
  • Declaring the emergency over

Disaster Recovery (DR) Phases

• Phase I: Move operations to the DR Backup Site (within 24 hours)
• Phase II: Recover critical business functions
• Phase III: Return data processing activities to the primary facilities

Cryptography

• Plaintext: The original message
• Ciphertext: The coded message
• Enciphering/Encryption: The process of converting from plaintext to ciphertext
• Deciphering/Decryption: Restoring the plaintext from the ciphertext
• Key: A piece of information used in the encryption and decryption process
• Cryptography: The study of encryption

Hash Functions

• One-way mathematical algorithms that generate a digest to confirm message identity and integrity
• Have many uses, including saving passwords and verifying the integrity of digital files

Security Functions

• Identify: Assets to be secured and their associated risks
• Protect: Assets through controls and safeguards
• Detect: Security events that can compromise assets
• Respond: To security events to contain them
• Recover: From security events and return to normal operations

Physical Security

• Refers to the security of physical assets and resources
• Examples: Infrastructure, equipment, facilities, and people located in physical locations
• Physical security addresses design, implementation, and maintenance of countermeasures to protect physical resources
• Includes safeguards and controls to protect assets, mechanisms to detect incidents, and plans for responding and recovering from incidents

Physical Security Implementation

• Includes power, environmental control, windows, and fire prevention
• Critical areas to consider: Wiring closets, server rooms, media storage facilities, and evidence storage

Physical Security Threats & Countermeasures

• Threats: Fire, HVAC issues, power issues, water issues, structural issues, and locks and keys
• Countermeasures: Locks, including mechanical and electromechanical locks, and alternative procedures for controlling access

ID Cards & Badges

• Tie physical security with information access control
• Serve as authentication and authorization controls
• In some instances, biometric measures substitute or complement ID cards

Mobile Device Vulnerability Mitigation

• Both Android and Apple use sandboxing to compartmentalize the OS and apps
• Mitigation techniques and recommendations include:
  • Mobile device management
  • Remote wipe, lock, and GPS location services
  • Anti-malware and endpoint protection
  • Secure connection (VPN) to the workplace
  • Strong authentication
  • Digitally signed third-party software
  • Separating personal data from work data
  • Protection from theft and data loss
  • Protection of the data and company network in case the device is lost or stolen
  • Disallowing rooting/jailbreaking of the device
  • Not installing apps from unknown or untrusted sources
  • Recording the electronic serial number (ESN) of the device
  • Keeping the number handy in case the device is reported stolen

Mobile Device Management Recommendations

• Device provisioning in enterprise, including enrollment and authentication
• Remote device lock or wipe
• Account management
• Turn on/off device features
• GPS, Wi-Fi, and cellular device location
• Remote software deployment
• OS/application/firmware updates
• Application management
• Secure backup and information archiving
• Secure, encrypted "container" on device to segregate organizational access and data
• Jailbreak or root access protection

Physical Security of Mobile and Portable Systems

• Many devices can be configured to send their location if reported lost or stolen, wipe themselves of all user data, or disable themselves completely
• Examples: Apple's built-in mechanism to find and erase lost phones, Absolute Software's CompuTrace installed on laptops

Privacy Implications

• Personally Identifiable Information (PII): information about a person's history, background, and attributes that can be used to commit identity theft
• Loss of privacy may lead to Identity Theft: the act of impersonating a victim for illegal or unethical purposes

Employee Privacy

• Employees have an expectation of privacy in certain communications, such as with their doctors or banks
• Organizations must be transparent and clear about what they monitor
• Organizations must ensure they clearly outline the expectations of the employee in terms of privacy when it comes to employee-owned devices or employees using organizational equipment for personal use

Compromises to Intellectual Property (IP)

• Intellectual property (IP) is defined as the ownership of ideas and control over the tangible or virtual representation of those ideas
• The most common IP breaches involve software piracy
• Two watchdog organizations investigate software abuse: Software & Information Industry Association (SIIA) and Business Software Alliance (BSA)

Privacy Laws

• Most governments have privacy laws in place
• Laws provide citizens with more control over how PII is gathered, used, stored, and disseminated

Privacy in the UAE

• Article 21 of the UAE Federal Law 5 of 2012 addresses privacy

Description

This quiz assesses understanding of Business Continuity Planning and Disaster Recovery phases, including moving operations to a backup site, recovering critical business functions, and returning to primary facilities. Test your knowledge of offsite alternatives and BCP implementation during disasters.