ISC2 - CC - Domain 2: Incident Response, Business Continuity, and Disaster Recovery Concepts

Disaster Recovery Plan (DRP)

The plan for the restoring of information technology and communications services and systems needed by the organization, both during disruption and restoration

Incident Response Plan

What are these the 4 components of? - Preparation - Detection & Analysis - Containment - Post-Incident Activity

Incident

an event that actually or potentially jeopardizes the CIA of an info system or the information the system processes, stores, or transmits

intrusion

an event where an external entity attempts to gain unauthorized access to an organization's IT environment

incident response team

during an incident, what team is responsible for assessing and scoping out any damage - The 4 primary responsibilities include: - Determining damage - assessing compromise - implementing recovery procedures - supervising security measures

breach

the loss of control, compromise, unauthorized acquisition, or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose

Business Continuity Plan

the proactive development of procedures to restore business operations after a disaster or other significant disruption to the organization or continue the critical functions of the business' operations during a crisis perhaps even at reduced capacity... - Including: - team members with multiple contact methods - guidance for management and designation of authority for specific managers - Immediate response procedures and checklists - notification systems and call trees for alerting personnel - supply chain vendor contact numbers - vital for executives of the business to be involved - the first step is to call the appropriate individuals and start to activate the plan

Disaster Recovery Plan (DRP)

what plan guides the actions of emergency response personnel to get the business restored to last full-known reliable operations

red book

what serves as a hard copy backup of the Business Continuity Plan accessible outside the facility outlining procedures in case of a catastrophic disaster leaving electronic access unavailable

okay

Data backups are essential for disaster recovery, ensuring swift restoration of critical information post-disaster, mitigating risks, and maintaining operational continuity