CYB 320_Module Three Project One Stepping Stone Two_JazmineWade
docx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
320
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
5
Uploaded by BarristerExploration6300
Jazmine Wade
Business Continuity Scenarios
Module 3-3 Project One Stepping Stone Two
CYB 320 Incident and Response
Southern New Hampshire University
03/24/2024
Scenario One:
The sprinkler system in your building has been triggered. You have been told there is no fire. However, you know that the sprinklers are going off in your server room.
In response to the displaced employees, there a several possible short-term solutions that could be implemented to ensure business continuity. We firstly have the option of working from home or remote work which has become more popular since COVID. This would require granting the employees access to essential systems and data from alternative locations. Arrangements could also be made for a temporary office space or workstation in an area that has not been affected for any displaced employees. There should be clear communication established
regarding the expectations of any employees that are impacted. Keeping the employees informed, providing updates, and delivering clear instructions for alternative work options should be practices followed. These measures can help reduce the chance of disruption in workflow and ensure productivity is maintained during an incident. To address the short-term challenges in regards to processes and hardware, there are also several different options available for maintaining business operations. One step to consider would be to regularly backup data and have a procedure in place to restore it quickly in the event
something occurs. protect critical data and systems. This will help ensure that restoration is as seamless as possible. It may also be beneficial for the site to consider using cloud solutions in the
future. This provides an extra layer of protection in case hardware that is on-site becomes damaged. A failover solution that could potentially be used in response to the server room incident, as mentioned before could be utilizing a cloud based solution or possible backup servers stored at another location that can take over with all of the same data from the original server.
In regards to the server room incident, the CIA order of importance would have to be Availability, Confidentiality, and Integrity. Availability is first as the overall goal is to ensure that resources are readily available for business operations. Confidentiality is next because we still want to ensure the protection of sensitive information, but this is not as much as a risk as the resources not being available. Lastly we have Integrity, which would be ensuring accuracy and reliability of resources on the network, this does not pose any risk as a result of the server room incident.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Scenario Two:
Previously: A user reports that their workstation is locked with a picture of a snowman. They have disclosed that right before this happened, they started playing music from a personal USB drive.
In regards to a user being unable to access their workstation due and is seeing a locked screen with a picture of snowman, there are limited short-term solutions that are available to ensure that the employee can continue working. Ideally, a temporary workstation could be used. As long as the temporary workstation is on the network the employee can just use their credentials and 2FA to access the necessary resources.
Short-term solutions for processes and hardware are critical in regards to this scenario. Firstly, running malware removal tools and/or antivirus software is important to ensure the device is cleaned and whatever is causing the snowman image is removed. Next, restoring the device to a clean backup is also vital in ensuring the malware is removed. Lastly, we should determine if the user needs access to the USB por
ts on the device and if not we should disable them. If not then educating the user on acceptable devices to connect to the workstation would be
beneficial.
A failover solution that could be implemented would be through network segmentation. This can prevent the malware from spreading to additional workstations on the network. Using a VPN or Virtual desktop can also help by giving secure access, so infected computers won’t disrupt business operations. Lastly having access to a cloud backup, can prove to be beneficial by offering ease of restoration and access to a clean backup. In regards to this scenario I would rank the CIA triad as the following, Availability, Integrity, and Confidentiality. Availability is first again due to the employee not being able to use their workstation. This is a direct disruption of business operations for that employee.
Integrity is next as the reliability and trustworthiness of the information on the workstation is at risk due to the malware. While confidentiality is ranked last it is still extremely important as there should be authentication policies in place preventing unauthorized access to sensitive data or resources.