ISC2 - CC - Domain 2: Incident Response, Business Continuity, and Disaster Recovery Concepts
Disaster Recovery Plan (DRP)
The plan for the restoring of information technology and communications services and systems needed by the organization, both during disruption and restoration
Incident Response Plan
What are these the 4 components of? - Preparation - Detection & Analysis - Containment - Post-Incident Activity
Incident
an event that actually or potentially jeopardizes the CIA of an info system or the information the system processes, stores, or transmits
intrusion
an event where an external entity attempts to gain unauthorized access to an organization's IT environment
incident response team
during an incident, what team is responsible for assessing and scoping out any damage - The 4 primary responsibilities include: - Determining damage - assessing compromise - implementing recovery procedures - supervising security measures
breach
the loss of control, compromise, unauthorized acquisition, or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for other than an authorized purpose
Business Continuity Plan
the proactive development of procedures to restore business operations after a disaster or other significant disruption to the organization or continue the critical functions of the business' operations during a crisis perhaps even at reduced capacity... - Including: - team members with multiple contact methods - guidance for management and designation of authority for specific managers - Immediate response procedures and checklists - notification systems and call trees for alerting personnel - supply chain vendor contact numbers - vital for executives of the business to be involved - the first step is to call the appropriate individuals and start to activate the plan
Disaster Recovery Plan (DRP)
what plan guides the actions of emergency response personnel to get the business restored to last full-known reliable operations
red book
what serves as a hard copy backup of the Business Continuity Plan accessible outside the facility outlining procedures in case of a catastrophic disaster leaving electronic access unavailable
okay
Data backups are essential for disaster recovery, ensuring swift restoration of critical information post-disaster, mitigating risks, and maintaining operational continuity