Scribd Logo
Upload

Welcome to Scribd!

  • ISM Assignment 3 Shubham Mallick - 2185044

    Uploaded by

    Shubham
    21 views4 pages

    Original Title

    ISM Assignment 3 Shubham Mallick_2185044

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    21 views4 pages

    ISM Assignment 3 Shubham Mallick - 2185044

    Uploaded by

    Shubham

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    ISM Assignment 3

    Shubham Mallick
    2185044

    1. Provide examples of planned and unplanned downtime in


    the context of data centre operations.
    Ans- Planned downtime is a period where the IT department
    intentionally takes down the network to complete scheduled
    maintenance and upgrades. While the network is not useable at this
    time, planned downtime is essential to ensure that the network functions
    optimally in the long term.

    Unplanned downtime is another story. This is an unexpected network


    outage that can occur at any time due to unforeseen system failures.
    Unplanned downtime can occur as a result of many different failures,
    including hardware and software malfunctions, operator mistakes or
    even cyberattacks. This is the costliest type of downtime, as it can occur
    during business hours.

    2. How does clustering help to minimize RTO?


    Ans- Cluster: A group of servers and other necessary resources, coupled
    to operate as a single system. Clusters can ensure high availability and
    load balancing. Typically, in failover clusters, one server runs an
    application and updates
    the data, and another server is kept redundant to take over completely,
    as required. In more sophisticated clusters, multiple servers may access
    data, and typically one server performs coordination. RTOs and the
    recovery strategies to ensure data availability are:

    3. Explain RTP and RPO with diagrammatic representation.


    Ans - Recovery-Point Objective (RPO): This is the point in time to
    which systems and data must be recovered after an outage. It defines the
    amount of data loss that a business can endure. A large RPO signifies
    high tolerance to information loss in a business. Based on the RPO,
    organizations plan for the minimum frequency with which a backup or
    replica must be made.
    Recovery-Time Objective (RTO): The time within which systems,
    applications, or functions must be recovered after an outage. It defines
    the amount of downtime that a business can endure and survive.
    Businesses can optimize disaster recovery plans after defining the RTO
    for a given data centre or network.

    4. Elaborate Business Continuity (BC) Planning Lifecycle.


    Ans – Business continuity (BC) is an integrated and enterprise-wide
    process that includes all activities. BC entails preparing for, responding
    to, and recovering from a system outage that adversely affects business
    operations. It involves proactive measures, such as business impact
    analysis and risk assessments, data protection, and security, and reactive
    countermeasures, such as disaster recovery and restart, to be invoked in
    the event of a failure.
    Basically, the business continuity management lifecycle has six phases to
    it:

    Step 1: Since BCM is crucial, it should have the top management's nod.
    Therefore, the first step in any business continuity management lifecycle
    is to get the top management's commitment.
    Step 2: The next step in the business continuity management lifecycle is
    to communicate this policy to all key stakeholders including vendors and
    outsourced parties.
    Step 3: Identify a BCM sponsor who has the authority to implement
    business continuity management as per the policy. He can have a team
    and formulate a framework which covers activities identified under the
    BCM software's scope.
    Step 4: The next step to follow in the business continuity management
    lifecycle is to analyse the basic impact to identify critical functions under
    the scope of BCM and carry out a risk assessment of those critical
    functions.
    Step 5: After implementing all the above plans, create an exercise
    program to cover different plans in line with the plans' objectives, review
    the plans, and ascertain their limitations or gaps.
    Step 6: The next step in the business continuity management lifecycle is
    to carry out the plan-do-check-act cycle. This includes managing the
    program through periodic management review, internal audits and self-
    assessments; embedding the BCM culture; carrying out exercises; and
    carrying out preventive and corrective actions to show continual
    improvement

    5. Explain any 3 Back up topologies.


    Ans- Three basic topologies are used in a backup environment: direct
    attached backup, LAN based backup, and SAN based backup.

    i) In a direct-attached backup, a backup device is attached directly to


    the client. Only the metadata is sent to the backup server through the
    LAN. This configuration frees the LAN from backup traffic.

    ii) In LAN-based backup, all servers are connected to the LAN and all
    storage devices are directly attached to the storage node. The data to be
    backed up is transferred from the backup client (source), to the backup
    device (destination) over the LAN, which may affect network
    performance. Streaming across the LAN also affects network
    performance of all systems connected to the same segment as the backup
    server.

    iii) The SAN-based backup is also known as the LAN-free backup. The
    SAN-based backup topology is the most appropriate solution when a
    backup device needs to be shared among the clients. In this case the
    backup device and clients are attached to the SAN.

    6. Discuss the security concerns in backup environment.


    Ans- Security concerns in backup environment are:-
    i) Ignoring Encryption and Making Unencrypted Backups
    There have been a number of high-profile data breaches in recent
    years. These should serve as a warning for your business. The cloud is
    only as secure as you make it. If you do not encrypt your data and control
    access through two-factor authentication, your backups are at risk

    ii) Failing to Test and Monitor Backups


    The cloud takes away a great deal of overhead – but that doesn’t mean
    you can forget about your system completely and expect everything to
    run like clockwork. It is imperative that you monitor your cloud for
    potential problems, and regularly test backups to ensure all is still
    working as intended.

    iii) Not Planning for Disaster Situations and Disaster Recovery


    Cloud backups can be a great service and protect data in a lot of ways.
    But having a cloud backup system doesn’t mean that you can forget
    about potential pitfalls in disaster situations.

    iv) Focusing Only on Your Files


    If you are only backing up files and certain important folders, you are
    missing out on some vital data that helps reduce the damage of a
    compromise.
    Make sure to maintain backups of software, databases, and even logs, in
    addition to your important files. Any data that you are missing from a
    backup can potentially come back to haunt you. There may be a small
    missing ingredient from your backup that leaves an important
    configuration missing and can lead to reworking whole applications.

    You might also like