The first section of the chapter talks about business
continuity and what precautions are available to help businesses recover as
quick as possible from security disasters. It begins with defining Business Continuity which is ‘the ability of an organization to maintain its
operations and services in the face of a disruptive event.’ To help avert a
potential outage a comprehensive approach is discussed beginning with Redundancy Planning which covers Servers, Storage, Networks, and Power all key components in maintaining
a viable system. Another important aspect is the Site. In the event of a major disaster and the facility is not
functional alternative measures must be taken. There are three classifications
of sites a Hot site, Cold site, and Warm site. The differences in the three sites are functionality
with the hot site being as close to normal, only set up off premise and typical
up and running in an hour. The cold site is simply an available space needing
all components to be operational and the warm site somewhere in the middle. The
text then moves into the Disaster Recovery Procedures and the planning process.
In today's fast pace
world businesses need to be aware of unauthorized attacks and respond to these
incidents. This leads us into the field of computer forensics. Digital evidence
can be retrieved from computers which can help the forensic examiner solve
these crimes. The chapter goes on to talk about responding to a computer
forensics incident and elaborates on the following topics:
- Securing the Crime Scene
- Preserve the Evidence
- Establish the Chain of Custody
- Examine the Evidence
