Rakhy Praveen
Learning Objectives
By the end of this chapter, you will be able to:
• know and understand the different types of network, their characteristics and uses, and their advantages and disadvantages
• know and understand the role and operation of different components in a network
• know and understand the different types of network server, their role and operations in a network
• know and understand the characteristics, uses and advantages and disadvantages of cloud computing for a given scenario
• know and understand about data transmission across networks; speed of transmission; bandwidth and bit rate; and data streaming
• know and understand different methods of routing data over a network, including packet switching, circuit switching and message switching, and the purpose and use of network addressing systems
• know and understand the definition of a network protocol and the purpose and use of protocols in the preparation, addressing, sending and receiving of data across a network, including the internet
• know and understand about the management of network traffic; static and dynamic routing; the function of routing protocols; and the use of layers in protocols
• know and understand about data transmission methods; the properties, features and characteristics of different transmission methods; typical applications of each transmission method; and the advantages and disadvantages of each method
• know and understand the methods, uses and operation, and advantages and disadvantages of different methods of wireless data transmission technology
• know and understand about mobile communication systems, including cellular networks and how satellite communication systems are used for transferring data
• know and understand a range of network security threats to stored data and files, the impact of network security threats on individuals and organisations, and a range of prevention methods of network security issues, including the advantages and disadvantages of each method
• know and understand how threats and risks are identified in disaster recovery management, how to control threats and about the strategies to minimise risks.

Disaster Recovery Management

• Sometimes disasters occur, such as a power cut, flood, fire, theft of data, malware, corruption of data, loss of network admin password or loss of the network manager. When this happens it is necessary to recover from the disaster.
• A disaster recovery plan (DRP) is needed for such events so that recovery can be completed as quickly and effectively as possible, minimising disruption to the organisation.

Risk assessment
• Risk assessment involves identifying the potential risks to an organisation, analysing the potential impact to the organisation and the likelihood of each risk occurring. This is often carried out alongside a systematic process known as business impact analysis (BIA), which quantifies the impact of a disaster in terms of financial and non-financial costs.
• A risk assessment will identify a number of potential hazards including:
  • fire
  • flood
  • malware
  • power cut
  • theft of data
  • corruption of data
  • loss of key personnel
  • unauthorised access to data
  • denial of access to premises
• Some of these risks involve people who could deliberately cause problems. These people are known as perpetrators. Each risk will then be quantified in terms of its likelihood on a scale from 0.0 to 1.0, where 0.0 represents it never happening and 1.0 represents it being almost inevitable.
• Within an organisation, there will be a number of business activities that are carried out. Each business activity will need to be identified.
• The impact of that business activity not being able to take place then needs to be analysed. The impact for each activity not being able to take place will be measured on a scale from 0.0 to 1.0, where 0.0 means that there is no impact and 1.0 means that the impact is absolutely critical to the aims of the organisation.
• Impacts could include:
  • loss of revenue
  • damage to organisation's image
  • penalty fees
  • cost of recovery
  • effect on other business activities.
• Analysis of the impacts should also cover how the impact changes over different time periods, for example in the first hour, 24 hours, 48 hours, week etc.
• The overall risk to an organisation of each potential disaster/risk can now be quantified by multiplying the likelihood by the impact:
  Risk = Likelihood × Impact
• This will now show which risks are the most important to guard against and ensure that recovery plans are robust. This can be done for each risk, for each business activity or for a combination of each.

Task
Search the web for risk analysis templates and investigate the sorts of risks to which organisations are susceptible.

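Added example (not part of the original slides): a small risk register that applies Risk = Likelihood × Impact to every combination of hazard and business activity, for each of the time periods mentioned above. The activity names and every score are constructed for illustration.

```python
from itertools import product

# Likelihood of each hazard: 0.0 (never happens) to 1.0 (almost inevitable).
# Constructed sample scores.
LIKELIHOOD = {"power cut": 0.6, "malware": 0.4, "fire": 0.05,
              "loss of key personnel": 0.2}

# Impact of each business activity being unavailable, per elapsed time period:
# 0.0 (no impact) to 1.0 (absolutely critical). Constructed sample scores.
WINDOWS = ("1h", "24h", "48h", "1w")
IMPACT = {
    "online payments": (0.7, 0.9, 1.0, 1.0),
    "payroll":         (0.0, 0.1, 0.4, 0.9),
    "staff email":     (0.1, 0.3, 0.5, 0.6),
}

def validate(scores):
    """Reject any score that is outside the 0.0 to 1.0 scale."""
    for name, value in scores:
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name}: score {value} is outside 0.0-1.0")

def risk_matrix(window):
    """Risk = Likelihood x Impact for every (hazard, activity) pair."""
    col = WINDOWS.index(window)
    validate(LIKELIHOOD.items())
    validate((activity, imp[col]) for activity, imp in IMPACT.items())
    return {(h, a): round(LIKELIHOOD[h] * IMPACT[a][col], 3)
            for h, a in product(LIKELIHOOD, IMPACT)}

def top_risks(window, n=3):
    """Highest risks first: these need the most robust recovery plans."""
    matrix = risk_matrix(window)
    return sorted(matrix.items(), key=lambda kv: (-kv[1], kv[0]))[:n]

def risk_by_hazard(window):
    """Worst-case risk for each hazard across all business activities."""
    matrix = risk_matrix(window)
    return {h: max(matrix[(h, a)] for a in IMPACT) for h in LIKELIHOOD}

if __name__ == "__main__":
    for w in WINDOWS:
        print(w, top_risks(w))
```

In this sample data payroll carries no risk in the first hour of a power cut but becomes the second-highest risk after a week, which is why the impact has to be analysed per time period.
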
Securing the risk
• Once the risks have been identified and prioritised, measures need to be put into place to protect against those risks.
• Most of these measures have been discussed, including access rights and passwords, biometric methods, firewalls, backups, encryption, malware security and physical security methods.
• One of the risks that hasn't been discussed previously is the potential to lose key personnel. If a person leaves, is suddenly ill, dies or has to be dismissed, then the organisation loses all of that person's knowledge which has not been documented. It is therefore important to guard against personnel loss by requiring key personnel to document procedures that they follow.
• It's also wise to have at least two people who know the main system administration password or to have a copy of it written down in a sealed envelope in a safe that has limited access.

Recovery management
• Procedures need to be put into place to plan for recovery after a disaster has occurred. This can include planning for:
  • restoration of backups
  • replacement of hardware
  • reinstallation of software
  • emergency replacement of key personnel
  • emergency office accommodation.
• When planning for these situations, any resources in terms of personnel, technology, data, supplies and premises that are required to recover from the disaster must be identified and planned for. The recovery point objective (RPO) must also be identified. The RPO is the point in time prior to the disruption to which data must be recovered.
• It is important to plan how long each recovery process will take. There will be some parts of recovery where the time is fixed, but other parts where if more resources are allocated then the recovery can be quicker. When planning for the recovery time, two key measurements should be considered:
  • maximum tolerable downtime (MTD): this is the maximum time that each business activity could tolerate not having access to its essential system functionality
  • recovery time objective (RTO): this is the estimated maximum amount of time that the organisation or business activity has in which to recover its systems and resume operations.
• Priorities will be identified based on the MTD for each business activity, therefore ensuring that activities with the lowest MTD are functioning again the soonest.

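Added example (not part of the original slides): a recovery plan check that orders activities by lowest MTD, schedules them across one or more recovery teams, and reports where the plan misses its RTO or RPO. All figures are constructed; expressing the RPO as a maximum backup age in hours, the "work" estimate, and the check that RTO does not exceed MTD are assumptions made for the example.

```python
import heapq
from datetime import datetime, timedelta

DISRUPTION = datetime(2024, 3, 4, 9, 0)  # constructed incident time

# Constructed plan. All figures are hours. "work" is the estimated effort to
# restore the activity; "rpo" is the maximum acceptable age of restored data.
PLAN = [
    dict(activity="payroll", mtd=72, rto=48, work=10, rpo=24,
         last_backup=datetime(2024, 3, 3, 23, 0)),
    dict(activity="online payments", mtd=4, rto=3, work=3, rpo=1,
         last_backup=datetime(2024, 3, 4, 8, 30)),
    dict(activity="staff email", mtd=8, rto=6, work=4, rpo=4,
         last_backup=datetime(2024, 3, 3, 23, 0)),
]

def recovery_order(plan):
    """Activities with the lowest MTD are recovered first."""
    return sorted(plan, key=lambda p: (p["mtd"], p["activity"]))

def schedule(plan, teams=1):
    """Hours after the disruption at which each activity is running again."""
    free_at = [0] * teams          # when each recovery team is next available
    heapq.heapify(free_at)
    finish = {}
    for p in recovery_order(plan):
        start = heapq.heappop(free_at)
        finish[p["activity"]] = start + p["work"]
        heapq.heappush(free_at, finish[p["activity"]])
    return finish

def plan_gaps(plan, disruption, teams=1):
    """List every point where the plan cannot meet its own objectives."""
    finish = schedule(plan, teams)
    gaps = []
    for p in plan:
        name = p["activity"]
        if p["rto"] > p["mtd"]:
            gaps.append((name, "RTO exceeds MTD"))
        if finish[name] > p["rto"]:
            gaps.append((name, f"restored at +{finish[name]}h, RTO is {p['rto']}h"))
        if disruption - p["last_backup"] > timedelta(hours=p["rpo"]):
            gaps.append((name, "newest backup is older than the RPO"))
    return gaps

if __name__ == "__main__":
    for teams in (1, 2):
        print(teams, "team(s):", plan_gaps(PLAN, DISRUPTION, teams))
```

With the sample figures a second recovery team brings staff email back within its RTO, but the backup that is older than the RPO can only be fixed by backing up more often.
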
Recovery testing
• Plans are important, and a plan is better than no plan, but plans don't always work. It is therefore important to test disaster recovery plans. This is particularly applicable to restoring data and systems.
• Backed up data should be tested daily to ensure that the backup process has succeeded and that the backup data is accessible.
• Full system restorations should be tested periodically by attempting to restore whole server backups onto a clean server and testing their success.

Task
Back up your personal data from your school network. Now recover it to your home computer and test whether you are able to open the files.

Questions
• Identify three risks that should be considered during disaster recovery planning.
• Explain why it is important to test recovery procedures.

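Added example (not part of the original slides): one way to automate the daily backup test described above, by restoring the archive into an empty directory and comparing every file with a SHA-256 manifest recorded at backup time. The function names and the tar.gz format are choices made for this example.

```python
import hashlib
import tarfile
import tempfile
import zlib
from pathlib import Path

def digest_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def make_backup(source, archive):
    """Archive `source` and return the manifest of what should be in it."""
    with tarfile.open(str(archive), "w:gz") as tar:
        tar.add(str(source), arcname=".")
    return digest_tree(source)

def verify_restore(archive, manifest):
    """Restore into a clean directory; return files that are missing or differ."""
    # Use tarfile's "data" extraction filter where this Python version has it.
    extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tempfile.TemporaryDirectory() as clean:
        try:
            with tarfile.open(str(archive), "r:gz") as tar:
                tar.extractall(clean, **extra)
        except (tarfile.TarError, OSError, EOFError, zlib.error) as exc:
            return [f"archive unreadable: {type(exc).__name__}"]
        restored = digest_tree(clean)
    return sorted(name for name, digest in manifest.items()
                  if restored.get(name) != digest)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "data")              # constructed sample data
        src.mkdir()
        (src / "report.txt").write_text("quarterly figures")
        archive = Path(work, "backup.tar.gz")
        manifest = make_backup(src, archive)
        problems = verify_restore(archive, manifest)
        print("backup OK" if not problems else f"backup FAILED: {problems}")
```
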
Past Paper Qs

A bank has strategies in place to safeguard its information technology (IT) services. You have been asked to check and update the strategies that are designed to try and prevent IT disasters from happening, the strategy for disaster recovery management and the strict password policy.
(a) Describe how you would use risk analysis to check the strategy for disaster recovery management. [4]
(b) Explain the precautions that you would take to try and prevent a disaster happening to the data used by the IT services. [6]

Four from:
Qualitative risk analysis to prioritise risks for analysis
Quantitative risk analysis
...of likelihood of occurrence/probabilities
...of consequences of occurrence
To identify effect/cost of risks caused by e.g.
...loss of access to premises
...loss of data
...loss of IT function
...loss of skills
Produce a computer simulation of the disaster
Produce a report of the risks.

Six from:
Backups made and sent off-site at regular intervals
Backups made on-site and automatically copied to off-site disk
Backups made directly to off-site/remote/'cloud' servers
Local mirrors of systems and/or data and use of disk protection technology such as RAID
Surge protectors to minimize the effect of power surges on computer systems
Using uninterruptible power supply (UPS) and/or backup generator to protect against a power failure
Use of fire prevention/mitigation systems such as alarms and fire extinguishers
Use of anti-virus software to protect data against corruption/loss/deletion
Use of firewalls to prevent unauthorised/control access
Use of physical security measures to control access by personnel
Important passwords/codes should be held by more than one person/in secure conditions, but accessible in an emergency.

Explain how perpetrator analysis could be used when planning for disaster recovery. [6]

Six from:
Perpetrators are the attackers and include e.g. script kiddies, crackers, hackers, terrorists, business competitors, (foreign) governments who carry out the crimes / intrusions
Each type of perpetrator has different skills / aims that can be identified by an analysis
...the higher the skill, the higher the risk of crime being perpetrated
Analysis of their actions is carried out by the company / victim agents / representatives who design / implement the plan for disaster recovery
Allocation of resources to disaster recovery from cyber threats depends on likelihood of perpetrators succeeding / wishing to / probability of attack on the company
Analysis will define / determine the type of resource allocated e.g. firewalls / antivirus / antispyware software
Intrusion detection systems can be deployed to combat the type of perpetrator identified by the analysis
Resources can be targeted at the type of intruder / risk identified by the analysis of who / what is likely to be of concern.