Course Description

This course teaches you the methods in identifying vulnerabilities and takes appropriate countermeasures to prevent and mitigate failure risks for an organization. It also provides the networking professional with a foundation in disaster recovery principles, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies, and procedures, and understanding of the roles and relationships of various members of an organization, implementation of the plan, and recovering from a disaster. This course takes an enterprise-wide approach to developing a disaster recovery plan. Students will learn how to create a secure network by putting policies and procedures in place, and how to restore a network in the event of a disaster.


Who Should Attend
Network server administrators, firewall administrators, systems administrators, application developers, and IT security officers.

Duration:
3 days (9:00 – 5:00)

Certification
The e-Business certification exam 212-76 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the CEA certification. 

Course Outline

Module 1: Introduction to Disaster Recovery

  • Developing Disaster Recovery Philosophy
  • The Basic Principles of Disaster Recovery Planning
  • Establishing Continuity and Recovery Function
  • Understanding the Steps of Disaster Recovery Planning
  • Step 1: Organizing the Disaster Recovery Planning Team
  • Step 2: Assessing Risks in the Enterprise
  • Step 3: Establishing Roles Across Departments and Organizations
  • Step 4: Developing Policies and Procedures
  • Step 5: Documenting Disaster Recovery Procedures
  • Step 6: Preparing to Handle Disasters
  • Step 7: Training, Testing and Rehearsal
  • Step 8: Ongoing Management
  • The Role of IT and Network Management in Disaster Recovery

 Module 2: Developing the Disaster Recovery Plans

  • Developing the Disaster Recovery Plan
  • The Need for Executive Support
  • Establishing Leadership for Disaster Recovery Planning
  • Organizing the Disaster Recovery Planning Team
  • The Role of IT Staff and Network Managers on the Team
  • Creating Interdepartmental Subcommittees
  • Organizing the Team at the Departmental Level
  • How IT Staff and Network Managers Should Work with Department Teams
  • Creating an Inventory of Planning Team Skills
  • Training the Disaster Recovery Planning Teams
  • Selecting Outside Help
  • Setting the Planning Team’s Schedule
  • Starting an Awareness Campaign
  • The Message Upper Management Should Convey to the Outside
  • What Upper Management Should Tell the Board and Investors
  • The Message to Take to the Media and the General Public
  • Budgeting for Disaster Recovery and Management
  • Salaries for Disaster Recovery Planning Staff
  • Budget Structure for a Centralized Office of Disaster Recovery Planning
  • Budget Structure for a Part-Time Disaster Recovery Coordinator
  • Coping with Standards and Regulatory Bodies
  • Assessing Progress and Preparing to Move Ahead

 Module 3: Assessing Risks in the Enterprise

  • Collecting Risk Assessment Data
  • Documenting Business Processes
  • Test 1: Do any legal requirements affect the classification of systems and functions?
  • Test 2: Do contractual requirements affect the classification of systems and functions?
  • Test 3: Do labor requirements affect the classification of systems and functions?
  • Test 4: Do competitive pressures affect the classification of systems and functions?
  • Test 5: Do financial pressures affect the classification of systems and functions?
  • Test 6: Do humanitarian or social expectations affect the classification of systems and functions?
  • Test 7: Do management requirements affect the classification of systems and functions?
  • Creating a Business Process Inventory
  • Identifying Threats and Vulnerabilities
  • Measuring and Quantifying Threats
  • Compiling Risk Assessment Reports
  • Assessing Progress and Preparing to Move Ahead

 Module 4: Prioritizing Systems and Functions for Recovery

  • Determining Critical Business Activities
  • Classifying Systems and Functions for Recovery Priority
  • IT Systems and Support Analysis Sheet
  • Computer Network Systems and Support Analysis Sheet
  • Facilities Management Systems and Support Analysis Sheet
  • Telecommunications Systems and Support Analysis Sheet
  • Human Resources System and Support Analysis Sheet
  • Corporate Security systems and Support Analysis Sheet
  • Shipping and Receiving System and Support Analysis Sheet
  • Developing Charts of Responsibilities
  • Facility Disaster Recovery Chart of Responsibilities
  • Department Disaster Recovery Chart of Responsibilities
  • Business Process Disaster Recovery Chart of Responsibilities
  • Assessing Insurance Requirements and Coverage Needs
  • The Need for Insurance
  • Evaluating the Terms and Conditions of Insurance Policies
  • Evaluating Insurance Coverage

 Module 5: Developing Plans and Procedures

  • Determining What Disaster Recovery Procedures are Needed
  • Developing and Writing Disaster Recovery Procedures
  • Reviewing and Approving Disaster Recovery Procedures
  • Developing Basic Disaster Recovery Plans for Every Facility
  • Primary Disaster Recovery Staff
  • Disaster Classification
  • Directions, Controls, and Administration Procedures
  • Safety and Health Procedures
  • Procedures for Internal and External Communications
  • Procedures for Containment and Property Protection
  • Procedures for Resuming and Recovering Operations
  • Procedures for Restoring Facilities and normalizing Operations
  • Publishing the Disaster Recovery Plans

 Module 6: Organizational Relationships in Disaster Recovery

  • Identifying Organizations to Work with During a Disaster
  • Working with Public Service Providers
  • Developing Procedures for Working with Emergency Services
  • Developing Procedures for Working with Public Utilities and Departments
  • Developing Procedures for Working with Disaster Recovery Services
  • Developing Procedures for Working with Telecommunication Service Providers
  • Developing Procedures for Working with IT Service Providers
  • Developing Procedures for Working with IT Equipment Providers and Software Companies
  • Developing Procedures for Working with Business Partners
  • Developing Procedures for Working with Suppliers and Business Service Providers
  • Developing Procedures for Working with Customers
  • Communicating with the Media
  • Communicating with Stakeholders
  • Stockholder and Investor Relations
  • Communicating with Employees
  • Communicating with Families of Employees
  • Working with the Local Community

 Module 7: Procedures for Responding to Attacks on Computers

  • Computer Crime and Cyberattacks
  • Cyberattack scenarios
  • Economic and Malicious Code Attacks
  • Cyberattacks in Definitions of Terrorism
  • Information Warfare
  • Protection Against Cyberattacks
  • Evolving Privacy Laws
  • How Computer Systems are Attacked?
  • Type of Attacks
  • Developing Procedures in the Wake of Security Breech
  • Developing Procedures for Working with Law Enforcement
  • Developing Procedures to Determine Economic Loses
  • Developing Procedures to Ease IT Recovery
  • Recovery of Small Computer Systems
  • Recovery of Large Computer Systems
  • Network Recovery
  • Establishing Computer Incident Response Team

 Module 8: Developing Procedures for Special Circumstances

  • Evaluating the Need for Special Procedures
  • Developing Procedures for Hazardous Materials
  • Developing Procedures for Art, Antiques and Collectibles
  • Developing Procedures for Historic Documents
  • Developing Procedures for Perishable Foods and Materials
  • Developing Procedures for Controlled Substances
  • Developing Procedures for Trade Secrets
  • Developing Procedures for Animals and Other Life Forms
  • Developing Procedures for Precision Equipment
  • Developing Procedures for Rare Materials

 Module 9: Implementing disaster Recovery Plans

  • Developing an Implementation Plan
  • Assigning Responsibilities for Implementation
  • Establishing an Implementation Schedule
  • Distributing the Disaster Recovery Documentation
  • Assessing the Value and Effectiveness of Mitigation Steps
  • Managing Internal and External Awareness Campaigns
  • Using Existing Channels of Communications
  • Building Awareness Among Employees
  • Building Awareness Among Customers and Business Partners
  • Launching a Training Program for Disaster Recovery
  • Training for Executives
  • Training for Middle Managers
  • Training for Supervisors
  • Training for Disaster Response Teams
  • Training for Employees

 Module 10: Testing and Rehearsal

  • Testing and Rehearsal Process
  • Using a Step-By-Step Testing Process
  • Developing Test Scenarios
  • Evacuation and Safety Exercises
  • Testing for Special Circumstances
  • Testing Shutting and Lockdown Procedures
  • Testing Emergency Service Response Procedures
  • Rehearsing the Abilities of Subunits
  • Severe weather Test Scenarios
  • Measuring Effectiveness and Fine-Tuning Procedures

 Module 11: Continued Assessment of Needs, Threats and Solutions

  • Organizing for Long-Term Disaster Recovery Management
  • Establishing Monitoring Process
  • Monitoring Compliance with Procedures
  • Evaluating New Technologies
  • Accommodating Changes Between Organizations
  • Establishing Regularly Scheduled Reviews
  • Updating Documentation for Disaster Recovery Plans
  • Updating Training Programs

 Module 12: Living Through a Disaster

  • Managing Human Dynamics During a Disaster
  • Dealing with Increasing Complexity During a Disaster
  • Conducting Post-Event Debriefings
  • Conducting Post-Event Evaluations of Response
  • Reviewing and Modifying Plans After a Disaster
  • Understanding the Residual Effects of a Disaster


© 2002 EC-Council. All rights reserved.
This document is for informational purposes only. EC-Council MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. EC-Council logo is registered trademarks or trademarks of EC-Council in the United States and/or other countries.