Reference no: EM132271979
Task 1
COMPETENCIES
427.1.1 Integrated Principles of Disaster Recovery and Enterprise Continuity
The graduate evaluates the background, purpose, and value of a comprehensive disaster recovery plan; integrates principles of disaster recovery and enterprise continuity; and documents the plans in a disaster recovery and enterprise continuity brief.
SCENARIO
A university is applying for the National Security Agency's Center of Academic Excellence. As part of that application, the university must put together a disaster recovery/enterprise continuity plan and show proof of its implementation. To do this, the university first needs to obtain executive support for the plan. The application requires a written justification to the executive team to support the project. You have been hired as a consultant to help them get organized so they can begin putting together this plan.
The university's administrative offices are located in a downtown urban area. The university itself occupies all of the sixth, seventh, and eighth floors of an 11-story building. The university's servers are housed in an offsite location. Approximately 350 employees work on the university's three floors.
All but 50 employees work in 5 feet x 5 feet cubicles. Each cubicle has one laptop, one additional monitor, wired and wireless access, and one voice over IP (VoIP) phone for equipment. The network uses Microsoft Server 2003, an Exchange server, and a SharePoint server for all data. Student records are stored on the offsite servers, and backups of the servers are run three times a day.
Employees can only get into secured office locations with a secure electronic key. Stairwells are locked and are only accessible via a key code punched in at each entrance. Elevators can only access the three university floors by using the same secure electronic key that will get employees into office spaces.
There are some physical risks to the operation. Blizzards could potentially knock out power. Earthquakes could damage the building. High winds could blow out windows and possibly injure people near those windows.
REQUIREMENTS
Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. An originality report is provided when you submit your task that can be used as a guide.
You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.
Create a multimedia presentation (e.g., PowerPoint, Keynote) (suggested length of 15 slides) which presents a disaster recovery plan/enterprise continuity plan (DRP/ECP) by doing the following:
Note: The purpose of the presentation is to justify to administrators in the scenario the need to implement a disaster recovery and enterprise continuity plan for the organization.
Describe the roles of a DRP/ECP team.
Outline the type of training a typical DRP team will need.
Outline the six resilience layers that need to be integrated into the ECP.
Provide one example for each of the six resilience layers related to this enterprise.
Outline how the university should go about choosing outside expertise to assist with the development of a DRP.
Describe what the university will outsource to the outside experts.
Discuss the process of how the university will go about identifying the qualified outside experts and what service agreements you will put in place.
Describe the outside expert's qualifications for what you are outsourcing.
Evaluate one best method for developing a DRP/ECP awareness campaign.
Evaluate one best method for implementing a DRP/ECP awareness campaign.
Develop presenter notes for each slide. Please submit any PowerPoint presenter notes in a separate file that is in document format (for example, MS Word). Identify which slide each set of notes applies to.
When you use sources, include all in-text citations and references in APA format.
Task 2
COMPETENCIES
427.1.5 Responding to Attacks and Special Circumstances
The graduate identifies, evaluates, and applies network response procedures for attacks with special circumstances.
427.1.7 Continued Assessments During a Disaster
The graduate assesses needs, threats, and solutions prior to and during a network disaster.
SCENARIO
An employee hacked into the human resource records system at the employee's place of business and changed the employee's base salary rate to obtain a pay raise. The employee did this by spoofing an IP address in order to eavesdrop on the network. Once the employee identified where the data was stored and how to modify it, the employee made the changes and received two paychecks with the new amount.
Fortunately, an auditor happened to discover the error. The auditor sent an e-mail to several individuals within the organization to let them know there was a potential problem with the employee's paycheck. However, the employee was able to intercept the message and craft fake responses from the individuals the original e-mail was sent to.
The employee and the auditor exchanged e-mails back and forth until the employee was soon given access permissions for some other financial records. With this new information, the employee was able to lower the salaries of the president of the company and several other employees and then to include the salary difference in the employee's own paycheck.
The IT staff determined that the spoofing that allowed the employee to gain access to the human resources system was caused by a lack of authentication and encryption controls. As such, a local root certificate authority was installed to implement a public key infrastructure (PKI) in which all communication to the human resource system required a certificate. This would encrypt network traffic to and from the human resources system and prevent eavesdropping. It would also properly authenticate the host to prevent spoofing.
REQUIREMENTS
Perform a postevent evaluation of how the organization's IT staff responded to the attack described in the scenario by doing the following:
Describe the series of malicious events that led up to the incident.
Identify who needs to be notified based on the type and severity of the incident.
Outline how the incident could be contained.
Discuss how the factor that caused the incident could be eradicated.
Discuss how the system could be recovered to return to normal business practice.
Explain how the system could be verified as operational.
Perform a follow-up of the postevent evaluation by doing the following:
Identify areas that were not addressed by the IT staff's response to the incident.
Identify the other attacks mentioned in the scenario that were not noticed by the organization.
Describe the type and severity of the attacks not noticed by the organization.
Describe how these additional attacks can be prevented in the future.
Recommend a recovery procedure to restore the computer systems back to a fully operational state.
When you use sources, include all in-text citations and references in APA format.