Certified Cybersecurity Technician Business Continuity & Disaster Recovery PDF
EC-Council
Summary
This document discusses business continuity and disaster recovery concepts, including prevention, response, resumption, recovery, and restoration activities. It's part of a larger module focusing on certified cybersecurity technician training.
Full Transcript
Certified Cybersecurity Technician, Exam 212-82
Business Continuity and Disaster Recovery

Module Flow
- Understanding Business Continuity (BC) and Disaster Recovery (DR) Concepts
- Discuss BC/DR Activities
- Understanding Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)

Discuss BC/DR Activities

The objective of this section is to discuss the prevention, response, resumption, recovery, and restoration activities carried out as part of the BC and DR operations.

Module 21 Page 2324 Certified Cybersecurity Technician Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Business Continuity and Disaster Recovery Activities

Prevention
- The prevention activity of BC involves actions taken to prevent a natural phenomenon or potential hazard from harming organizations
- Example of preventive actions: Imposing restrictions on certain processes. For example, it restricts organizations from spending capital on items not listed in the DRP or BCP

Response
- In this process, a set of activities are implemented after a disaster in order to assess business needs and reduce and limit the negative impacts of the disaster
- Example of response actions: Evacuating personnel or shutting down systems

Resumption
- Resumption refers to the recommencement of business operations after a disruptive incident
- A robust organizational infrastructure is crucial to the execution of activities pertaining to resumption
- Example of resumption actions: Continuing operations at a primary or an alternate operating location (an alternate site is used in case the primary location is inaccessible or unusable due to some reason)
Business Continuity and Disaster Recovery Activities (Cont'd)

Recovery
- Recovery includes actions taken to resume services dependent on critical business applications
- Example of recovery actions: Establishing a program to restore the disaster site and the damaged materials to a stable and usable condition

Restoration
- Restoration is the process of repairing the old site affected by a disaster or setting up a completely new alternate site to resume business operations
- This phase is concerned with restoring business operations to normalcy, and it often involves the migration of business functions from the recovery site to the long-term site
- Restoration is based on the assumption that the migration of the most critical business processes from a remote location precedes the migration of the less critical functions

Business Continuity and Disaster Recovery Activities

The main BC and DR activities are prevention, response, resumption, recovery, and restoration.

Prevention

This activity involves actions taken to prevent a natural phenomenon or potential hazard from harming organizations. A preventive action is implemented concurrently and continuously along with certain proposed measures. It aims to reduce the likelihood and impact of a disruptive event and calls for deterrent and preventive control strategies.
A deterrent control strategy minimizes the occurrence of threats, and a preventive control strategy protects critical business areas and mitigates the impact of a threat. In an effective prevention plan, prevention mechanisms do not allow unauthorized access or cause any availability problem. For example, these mechanisms restrict a company from spending money on certain processes not listed in the BCP and DRP.

Response

In this process, a set of activities is implemented after a disaster in order to assess business needs and reduce and limit the negative impacts of the disaster. For example, response actions include evacuating personnel or shutting down systems. An initial response includes the following:
- Generating notifications
- Activating the business continuity team (BCT)
- Activating the business unit's personnel
- Presenting an initial briefing to the BCT
- Reviewing the recovery strategies for implementation
- Implementing the BCP

Resumption

Resumption refers to the recommencement of business operations after a disruptive incident. A robust organizational infrastructure is crucial for executing the set of activities pertaining to resumption. An example of a resumption activity is continuing operations at a primary or an alternate operating location (an alternate site is used in case the primary location is inaccessible or unusable due to some reason). Resumption involves the activation of alternative infrastructure resources for facilitating smooth operations. Although resumption activates the time-sensitive business processes after a disruption, it cannot resume the activities in the case of large-scale destruction. In such cases, after consulting with their emergency operations center, organizations consider whether to invoke the BCP. The first decision pertains to whether critical operations should be resumed at the primary operating location or shifted to an alternate site.
If the normal site is damaged or access to that site is denied, then operations are shifted to an alternate site.

Recovery

Recovery includes actions taken to resume services dependent on critical business applications. An example of a recovery activity is establishing a program to restore both the disaster site and the damaged materials to the pre-disaster levels. It is a predetermined procedure of providing partial and temporary services to the unit affected by a disruption. Specifically, recovery focuses on a unit whose stakeholders are impacted by an interruption in the resumption of activities and a long restoration time. A recovery includes the following activities:
- Implementing recovery strategies
- Assessing damages in the primary facility
- Mobilizing the tactical teams for recovery
- Monitoring the recovery status
- Initiating the restoration process

Restoration

Restoration is the process of repairing the old site affected by a disaster or setting up a completely new alternate site to resume business operations. This process is concerned with the repair and restoration of the primary site. This phase is initiated only in the case of physical damage. This phase is concerned with restoring business operations to normalcy, and it often involves the migration of business functions from the recovery site to the long-term site. In this phase, a team assesses the physical damage, replaces damaged items, and refurbishes the premises, thereby restoring normalcy to the operations. Restoration is based on the assumption that the migration of the most critical business processes from a remote location precedes the migration of the less critical functions. Initially, the operations team implements a DRP/BCP at the alternate site.
Subsequently, the technical team formulates the restoration plan. The operations team is divided into two groups: one group continuously implements the DRP/BCP, and the other group manages the restoration process at the primary site. Often, the team simultaneously executes the restoration plan and the DRP/BCP.