Incident Response, Backup and Recovery Strategies, and Documentation

WHAT YOU WILL LEARN

• 

  discover the key concepts covered in this course
  

  describe common disaster types, including natural disasters and malicious human actions
  

  discuss options for handling incident investigations and recognize tools to put in place
  

  describe steps to properly prepare for incident response
  

  discuss how business continuity planning (BCP) can be used to prepare for potential network problems
  

  recognize concepts commonly used in business continuity planning
  

  outline business continuity planning (BCP) and disaster recovery planning (DRP) requirements
  

  provide an overview of prevention, detective, and corrective controls
  

  outline the focus of a disaster recovery plan (DRP)
  

  outline who should be in charge of the BCP and DRP
  

  list common goals of a disaster recovery plan
  

  describe how sufficient time, effort, and reasoning is required for disaster recovery planning
  

  outline common content to include in a disaster recovery plan
  

  discuss individual roles and responsibilities within the organization and their influence
  

  understand the importance of identifying priorities during disaster recovery planning
  

  outline how recovery strategies can help restoration and recovery efforts
  

  consider elements of a business process recovery during disaster planning
  

  outline items to include in facility and supply recovery planning
  

  discuss the importance of planning for user recovery
  

  describe how operational recovery planning can help ensure businesses can resume day to day operations in a timely manner
  

  discuss how backup technologies and strategies can help recover from disasters
• 

  list alternatives for data backups including electronic vaulting, remote journaling, and database shadowing
  

  list the advantages and disadvantages of on-site and off-site backups
  

  discuss concepts relating to periodic backups
  

  perform a backup using the 3,2,1 backup strategy
  

  provide an overview of Redundant Array of Independent Disks (RAID)
  

  differentiate between electronic vaulting, remote journaling, and database shadowing
  

  provide an overview of software escrow and the areas it focuses on
  

  recognize the benefits of having an alternate processing plan
  

  outline recovery cost and time factors when planning for recovery
  

  recognize which controls which could help prevent or recover from an outage
  

  discuss how and why primary site changes should be duplicated in an environment
  

  recognize the importance of documentation as it relates to security strategy
  

  list other recovery documentation to maintain including contracts, manuals, forms, and contact details
  

  describe the importance of testing disaster recovery plans
  

  discuss how often you should test BCP/DRP plans in place
  

  recognize the importance of preparing for incident responses and differentiate between external and internal investigations
  

  discuss legal considerations when dealing with an incident including geographical complications
  

  outline essential skills and tools required for incident response situations
  

  discuss decisions and factors when determining whether or not to report a cybercrime to authorities
  

  recognize incidents in which cyberlaw mandates that crimes be reported, including privacy violations and loss of personally identifiable information