Certified Disaster Recovery Engineer

Transcription

1 Cyber Security Training & Consulting Certified Disaster COURSE OVERVIEW 4 Days 32 CPE Credits $2,500 When a business is hit by a natural disaster, cyber crime or any other disruptive tragedy, how should it react? What if the office IT infrastructure is taken down? Will the business be able to continue operations? How much will it cost if the business is down during repairs? The answer lies in the training of the Certified Disaster course. Disaster recovery and business continuity planning is the process of having a professional work with a business to prepare processes, policies and procedures to follow in the event of a disruption. The goal is to keep a businesses critical operations running, which today heavily relies on its IT infrastructure. Students who take this course will be prepared to work with businesses to create and implement disaster recovery and business continuity plans. UPON COMPLETION Students will: Understand the principles of business continuity and disaster recovery planning. Have a first draft of their own business continuity and disaster recovery plan. Be ready to sit for the C)DRE exam. C)DRE TRACK Professional Roles: Business Continuity Disaster System Admin Prerequisites: C)SS: Security Sentinel Or equivalent experience C)DRE Exam: 2 Hours 100 Questions $300 USD Purchase on mile2.com CNSS Accreditation: CNSSI-4016: National Information Assurance Training Standards for Risk Analysis COURSE CONTENT Module 1: Introduction Module 2: Business Impact Analysis Module 3: Threat & Risk Analysis Module 4: BDP Strategies Module 5: IT Strategies Module 6: Implementation Phase Module 7: Testing and Exercise Module 8: Maintenance and Updating Module 9: Execution Phase Module 10: Module 11: Pandemics Review & Exam ACCREDITORS COMMITTEE ON NATIONAL SECURITY SYSTEMS NATIONAL INITIATIVE FOR CYBER SECURITY CAREERS AND STUDIES NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

2 Page No. 2 ABOUT THE AUTHOR John Glover - CISSP, CISA, CISSO, CMC, I.T.C.P. John has been a certified management consultant (CMC) since 1985 working with national and international consulting firms. From 1985 to 1992 John was a senior consultant with DMR Group Ltd. executing assignments across North America. Most of these assignments were related to the design and development of telecommunications networks and delivery services. In 1992 John left DMR for a two-year assignment in Manila, Philippines on a Canadian International Development Agency (CIDA) and World Bank Telecommunications deployment project for the Philippine government. Upon his return to Canada in 1995 John specialized in the design, development and implementation of voice and data networks to support enterprise-wide business systems in the public and private sectors of British Columbia. Recent projects have included migration from legacy systems to client/server environments, major retrofitting of corporate telecommunications and systems infrastructures and deployment of corporate information security systems for a BC Insurance provider. Since 1999, John has provided Lead Instructor learning services to a variety of organizations and government departments. To date, from 1999 through 2013 John has been delivered over 250 Common Body of Knowledge (CBK) review seminars throughout North America (including Mexico), Australia, Asia and Europe. These seminar sessions, of between 5 8 days duration, provided guidance and mentoring support for an average of candidates in support of their certification process. EXAM INFORMATION The Certified Disaster exam is taken online through Mile2 s Assessment and Certification System ( MACS ), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions. The cost is $300 USD and must be purchased from Mile2.com.

3 Page No. 3 DETAILED MODULE DESCRIPTION Module 1 - Welcome to Disaster mile2 Class Training - Overview mile2 Course Road Map mile2 Brochure CDRE Agenda Schedule The CDRE Exam Introductions Introduction to Business Continuity Planning What is a Disaster? What is a Critical Business Function? Business Continuity Planning (BCP) Importance of BCP Disaster Planning (DRP) Emergency Response BC/DR Trends Purpose of BC/DR Program BCP Overview Challenges to Effective BCP Where does Project Initiation fit into the Process? Project Initiation Phase BC/DR Program Life Cycle Module 2 Business Impact Analysis What is a BIA? BIA Scope, Goal, and Objectives BIA Terminology Maximum Tolerable Downtime Point Objective Time Objective Time Examples BIA Process BIA Process- Disaster Mode Staffing BIA Process - Capacity & Performance Objectives BIA Tools Kick off Meeting Preparing for the BIA Interviews Conducting the Interviews Notes on Data Collection Identify Dependencies Finalize Data Analysis BIA Report Presentation to Senior Management Module 3 - Risk Analysis Where does the Risk Analysis fit into the Process? Functional Requirements Threats to Business Process Causes of Unplanned Downtime Risk Examples Risk Analysis Terminology Risk Analysis Activities Exposure Inventory Business Process Inventory Business Process Documentation Statement of Risk ALE Annualized Loss Expectancy Statement of Risk Risk Control Definition Identifying Existing Controls Physical Controls Risk Analysis Risk Assessment Report Compiling a Risk Assessment Report Risk Analysis Module 4 - & Development Phase Where does BCP Strategies fit into the Process? Strategy Process BCP Strategies Design & Development Phase Emergency Response & Operations Emergency Response Components Develop ER Procedures ER Sources for Assistance Alternate Site Selecting Vendors for DR/BC Services Site & Resumption Restoration of Primary Site Return to Primary Site Continuity Strategy - Insurance Evaluate Insurance Terms

4 Page No. 4 Module 5 - IT Strategies Where does IT Strategy fit into the Process? IT Strategy Process IT Strategies Examples of IT Tape Vault Facilities Disk Backups Replicated Disk Backups Deduplicated & Replicated Backups Backups Replicated & Deduplicated Data Archiving Systems Replication Application Redundancy Telecommunications Strategies Alternate Sites Internal or Vendor BC/DR Services Selecting Vendors for BC/DR Services Evaluating Vendors of DR/BC Resources Critical Factors IT Strategies Assessment IT Strategies DR Plan Development DRP Design DR Plan Development Module 6 - Implementation Phase Where does Implementation fit into the Process? Implementation of BCP Responsibility for BCP Implementation Determine Cost Estimates Management Approval and Funding Install & Configure Detailed Documentation Implement Operational Changes Procure Facilities & Services Awareness & Training Awareness Programs Training Programs Module 7 - Testing and Exercise Where does Testing and Drills fit into the Process? Testing & Exercise Phase Testing & Drills Progression of Testing Types Testing Participants Test Script Example Testing Post-Mortem Module 8 - Maintenance and Updating Where does Maintenance fit into the Process? Maintenance Policies and Procedures Plan Maintenance Maintenance & Schedule Budgets Software Tools for Maintenance Input Criteria for Plan Maintenance Plan Distribution & Security Module 9 - Execution Phase Where does the Execution Phase fit into the Process? Execution Phase Escalation Procedures Disaster Declaration Procedures Public Relations/Spokesperson Role Typical Audiences Audience Messages Sources of Information Incident Command Centre (ICC) ICC Chain of Command ICC Organization Be Prepared to Work with Public Authorities Executing the Plan Module 10 - Computer Crime & Cyber Attack Scenarios Northeast Cyber Attack Scenario Economic Impact of Malicious Code Attacks Including in Definitions of Terrorism Domestic and International Terrorism Department of Homeland Security Key Assets Cyberspace Security Strategies Expectations of

5 Page No. 5 Information Warfare Considerations for Developing Information Warfare Protection Against Evolving Privacy Laws How Computer Systems are Attacked Types of Computer Attacks Developing Procedure in the wake of a Security Breach Developing Procedures for Working with Law Enforcement Developing Procedures to Determine Economic Losses Developing Procedures to Ease IT Types of Systems and Networks of Small Computer Systems of Large Computer Systems Network Establishing a Computer Incident Response Team Module 11 Pandemics What is Pandemic Influenza? Pandemics Quick Facts Why use BCP/DRP for Pandemic Influenza? Planning Approach Critical Services Additional Impacts of Pandemic Areas to Plan for Pandemics Planning Issues per Stage Stage 4 Communications HR Policies Stage 3 HR Travel Policies Stage 3 Government Relations Stage 3 Physical Resources Stage 3 & 4 Physical Resources Stage 4 Physical Resources Pandemics Work from Home