Part 1
Review the following video: https://youtu.be/U–CXHmBDXQ?list=PLljFlTO9rB155aYBjHw2InKkSMLuhWpxH
Review the information on their website: SecurityOnion.com
What is Security Onion? What type of services does it offer? Write up a summary of what you have learned.
Part 2
Amazon
Complete the Disaster Recovery Call Tree and Recovery Facilities section of the disaster recovery plan.
Disaster Recovery Call Tree
In a disaster recovery or business continuity emergency, time is of the essence so will make use of a Call Tree to ensure that appropriate individuals are contacted in a timely
manner.
• The Disaster Recovery Team Lead calls all Level 1 Members (Blue cells)
• Level 1 members call all Level 2 team members over whom they are responsible (Green cells)
• Level 1 members call all Level 3 team members over whom they are directly responsible (Beige cells)
• Level 2 Members call all Level 3 team members over whom they are responsible (Beige cells)
• In the event a team member is unavailable, the initial caller assumes responsibility for subsequent calls (i.e. if a Level 2 team member is inaccessible, the Level 1 team member directly contacts Level 3 team members).
Add as many levels as you need for your organization.
Contact | Office | Mobile | Home
DR Lead, John Smith | 111-222-3333 | 111-222-3333 | 111-222-3333
DR Management Team Lead | | |
DR Management Team 1 | | |
DR Management Team 2 | | |
Facilities Team Lead | | |
Facilities Team 1 | | |
Network Team Lead | | |
LAN Team Lead | | |
LAN Team 1 | | |
WAN Team Lead | | |
WAN Team 1 | | |
Server Team Lead | | |
Server Type 1 Team Lead | | |
Server Type 1 Team 1 | | |
Server Type 2 Team Lead | | |
Server Type 2 Team 1 | | |
Applications Team Lead | | |
App 1 Team Lead | | |
App 1 Team 1 | | |
App 2 Team Lead | | |
App 2 Team 1 | | |
Management Team Lead | | |
Management Team 1 | | |
Communications Team Lead | | |
Communications Team 1 | | |
Finance Team Lead | | |
Finance Team 1 | | |
A Disaster Recovery Call Tree Process Flow diagram can help clarify the call process in the event of an
emergency. This sample may be used as-is or replaced with a custom flow process.
[Figure: Disaster Recovery Call Tree Process Flow. Lanes: Initiation, Team Lead, Sub Team Lead, Team Member. Flow: DR Lead initiates Call Tree and contacts Team Leads. Team Lead available? If no, DR Lead contacts Sub Team Leads; if yes, Team Lead contacts Sub Team Lead. Sub Team Lead available? If no, DR Lead or Team Lead contacts Team Members; if yes, Sub Team Lead contacts Team Members. Team Members respond to DR call-out.]
Recovery Facilities
In order to ensure that is able to withstand a significant outage caused by a
disaster, it has provisioned separate dedicated standby facilities. This section of the document describes
those facilities and includes operational information should those facilities have to be used.
This section will vary depending on the type of standby facility that your organization uses. Please
append this section according to the measures and facilities that your organization has in place. Some
organizations may not have a standby facility at their disposal; in this situation, skip this section.
This section is currently populated by an example of a company with a dedicated standby facility.
Description of Recovery Facilities
The Disaster Command and Control Center or Standby facility will be used after the Disaster Recovery
Lead has declared that a disaster has occurred. This location is a separate location to the primary facility.
The current facility, located at is miles away from the primary facility.
The standby facility will be used by the IT department and the Disaster Recovery teams; it will function as
a central location where all decisions during the disaster will be made. It will also function as a
communications hub for .
The standby facility must always have the following resources available:
Edit this list to reflect your organization
• Copies of this DRP document
• Fully redundant server room
• Sufficient servers and storage infrastructure to support enterprise business operations
• Office space for DR teams and IT to use in the event of a disaster
• External data and voice connectivity
• Sleeping quarters for employees that may need to work multiple shifts
• Kitchen facilities (including food, kitchen supplies and appliances)
• Bathroom facilities (including toilets, showers, sinks and appropriate supplies)
• Parking spaces for employee vehicles
Map of Standby Facility Location
Provide a map of the area where the standby facility is located. Use sufficient scale that people can easily
determine both where the facility is (not too small a scale) and how to get there (not too large a scale).
Example (From Google Maps):
Directions to Recovery Facility
Provide multiple ways of getting to the facility in the event that one of the roads is unavailable.
Standby Facility Maintenance
Maintenance Company
Address
Phone Number
Transportation to the Standby Facility
In the event of a disaster, only the Disaster Recovery Teams and select members of the IT department
will work out of the standby facility. Since the standby facility is located miles away from the primary facility, employees will need to be
provided with transportation to the facility if they do not own vehicles or are unable to use them and hotel
accommodations if necessary.
Include only those transportation providers that are appropriate given the location of the Standby Facility.
Taxi Providers
Taxi Company 1
Address
Phone Number
Taxi Company 2
Address
Phone Number
Data and Backups
Mandatory
This section explains where all of the organization’s data resides as well as where it is backed up to. Use
this information to locate and restore data in the event of a disaster.
In this section it is important to explain where the organization’s data resides. Discuss the location of all
the organization’s servers, backups and offsite backups and list what information is stored on each of
these.
Data in Order of Criticality
Please list all of the data in your organization in order of their criticality. Add or delete rows as needed to
the table below.
Rank | Data | Data Type | Back-up Frequency
1 | | |
2 | | |
3 | | |
4 | | |
5 | | |
6 | | |
7 | | |
8 | | |
9 | | |
10 | | |