Chapter 7: Identifying Assets and Activities to be Protected
99.999, 5.25
five nines if equivilant to _________________ percent uptime, and equates to ______________ minutes of downtime in a year
value to the customers, value to the company, ensuring process stays up, protection of data
four considerations for automated methods are:
manual, automated
functions can be either ___________________________
software assets
include the operating system and applications
organization data
includes any internally used data which could include employee data, billing and financial data, system configuration data, system process data, vendor data
copyright
includes literary and artistic works such as books, films, paintings and drawings
customer data
includes the data holds on customers, could include name, address, phone numbers, email, historical purchases, accounts receivable data, credit card or banking data, account name and password, demographic data
disaster recovery plan
includes the details needed to recover a system from a disaster, provides the necessary details to respond immediately to a disaster, included as a part of the BCP
industrial property
industrial designs, trademarks, inventions and patents
asset replacement
insurance that is intended to replace any assets damaged in a disaster
product
insurance that protects the company if the customer becomes injured from use of the product
industrial property, copyright
intellectual property can be broken into two categories:
BCP
is defined as the documentation of a predetermined set of instructions or procedures that describe how an organizations mission/business processes will be sustained during and after a significant disruption
asset management
is used to manage all types of assets and includes more detailed data
inventory management
is used to manage hardware inventories and includes only basic data such as model and serial numbers
written records, knowledge process
manual processes have two primary asset values:
reconstitution phase
organization returns to normal operations
policies
organizations typically have _______________ in place to control hardware purchases
access controls
protect data from unauthorized disclosure and help protect the confidentiality of the data
backups
protect the data when it becomes corrupted or accidentally deleted
big data
refers to any set of data that is so large and complex that it is difficult to process with existing database tools
indirect costs
related to the loss of customer confidence
data warehouse
reorganizing the database into a ____________________ helps make it more efficient for data analysis and data mining
direct costs
the immediate loss of sales, or expenses related to recovering from the loss
use
the importance of a system is determined by its ____________
transform
the process of converting data into a common format needed for the data warehouses so that it is consistent
data warehousing
the process of gathering data from different databases and placing it in a central database that is a central storage area but not where the source data is modified
load
the process of loading the data into the data warehouse
extract
the process of retrieving data relevant for decision making from existing databases
hiring additional personnel, cross training, job rotation
the risk of a person becoming a single point of failure can be reduced by:
general, professional, product
three primary types of liability insurance are:
direct and indirect revenue, productivity
two measurements can be used to determine value:
general
type of insurance that protects them against injury claims and property damances
single point of failure
when any function or process depends on a single person, that person becomes a ____________________________
single
when setting up a failover cluster, the user appears to connect to a _________________ database server
mission critical system
any system that must continue to run to ensure your business continues to run
value
Determining which systems require 99.999% access/availability can be identified by the ____________ of the service provided
hardware assets
are the assets that you can touch with your hands, such as computers, servers, switches, firewalls, spam appliances and are usually tracked in a database
personnel assets
are the people you have working for you
recovery phase
assess the damage
notification activation phase
assessment teams are activated to respond to the emergency
private data
could be customer or employee data
proprietary data
could be financial data or data created from research and development
access controls, backups
data and information assets can be protected by _____________________ & ____________________-
intellectual property
data created by a person or organization, can include inventions, literary and artistic works, symbols, names and images
online transactional processing
databases are generally optimized as ________________________ databases which is very efficient for recording transactions
operating system
__________________ tracking should include hardware where its installed, the name, and the latest service pack installed.
application
___________________ specifics tracked should include the name, version number, service pack or update information if its available
extract, transform, load
________________________ is the process of moving data from a database to a data warehouse
RAID
a ______________ is often used to ensure that data isn't lost even if a drive fails
failover cluster
a __________________ provides fault tolerance for a server which includes at least two servers called nodes
business impact analysis
a _____________________ identifies the impact of a sudden loss of business functions, often quantified in cost
single point of failure
a _______________________ is any part of a system that can cause an entire system to fail
DRP
a defined as a written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities
business continuity plan
a document used to help a company plan for disaster or an emergency, the goal is to ensure that the critical operations of an organization continue to function, includes procedures and instructions to restore operations in the event of disaster
downtime
a failover cluster can allow maintenance to be performed without any ____________________-
data mining
a group of techniques used to retrieve relevant data from a data warehouse so that decision makers can view the data form different perspectives to help make decisions
service pack
a group of updates, patches and fixes that apply to a specific operating system
professional
an insurance that protects the company if an employee provides inaccurate advice
public data
any data that is accessible from public sources