EC-Council Disaster Recovery Professional Outline (312-76), Security Systems Resource International

Course Description
This course teaches you the methods in identifying vulnerabilities and takes appropriate countermeasures to prevent and mitigate failure risks for an organization. It also provides the networking professional with a foundation in disaster recovery principles, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies, and procedures, and understanding of the roles and relationships of various members of an organization, implementation of the plan, and recovering from a disaster. This course takes an enterprise-wide approach to developing a disaster recovery plan. Students will learn how to create a secure network by putting policies and procedures in place, and how to restore a network in the event of a disaster.

Who Should Attend
Network server administrators, firewall administrators, systems administrators, application developers, and IT security officers.

Duration:
5 days (9:00 - 5:00)

Certification
The EC-Council Disaster Recovery Professional certification exam 312-76 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the EDRP certification.

Course Outline v2

Module 01: Introduction to Disaster Recovery and Business Continuity

DisasterRecovery & Business Continuity: Terminologies
DisasterTypes
Consequencesof Disaster
DisasterRecovery & Business Continuity
Principlesof Disaster Recovery and Business Continuity
DisasterRecovery & Business Continuity: Issues Addressed
Activitiesof Disaster Recovery & Business Continuity
DisasterRecovery and Business Continuity Program
DisasterRecovery & Business Continuity Solutions
BestPractices in Disaster Recovery & Business Continuity Program
InternationalStrategy for Disaster Reduction (ISDR)
InternationalDay for Disaster Reduction

Module 02: Nature and Causes of Disasters

Natureof Disasters
Categorizationof Disasters
NaturalDisasters
Earthquakes
ProtectingYourself During Earthquake
Earthquakes:Volcanoes
Protectionfrom Volcanoes
ForecastingVolcanoes
EstimatingEarthquakes
Earthquakes:Tsunami
ProtectingYourself During Tsunami
Landslides
Effectsof Landslides
ProtectingYourself from Landslides
Hurricanes
SafetyMeasures During Hurricanes
PredictingHurricanes
Floods
Effectof floods
PreventionMeasures
Wildfires
SafetyMeasures
Drought
Consequencesof Drought
Measuresto Overcome Drought Effects
Man-MadeDisasters
Accidents
PowerOutage
TelecommunicationOutage
Categorizationof Human Intentional Disasters
Arson
CivilDisorder
Terrorism
War
ChemicalBiological Radiological Nuclear (CBRN)

Module 03: Emergency Management

Emergency
EmergencyManagement
Needfor Emergency Management
EmergencyManagement Phases
Mitigation
Preparedness
Response
Recovery
Effectof Disaster on Business Organizations
EmergencyManagement for Business Organizations
FEMA-Federal Emergency Management Agency
FEMAas an Organization
Activitiesof FEMA

Module 04: Laws and Acts

ApplicableActs in DR
Lawsand Acts in UnitedStates of America
Industries:Sarbanes-Oxley Act
ForeignCorrupt Practices Act (FCPA)
Healthcare:HIPAA Regulations
FinancialInstitutions: Gramm-Leach-Bliley Act
FloodDisaster Protection Act of 1973
RobertT. Stafford Disaster Relief and Emergency Assistance Act
CAN-SPAMAct of 2003
FederalFinancial Institutions Examinations Council (FFIEC)
PersonalInformation Protection and Electronic Documents Act (PIPEDA)
Lawsand Acts of Europe
DataProtection Act 1998
Transmissionof Personal Data: Directive 2002/58/EC
PersonalData: Directive 95/46/EC
Insurance:Financial Groups Directive (FGD)
TheFoundation of Personal Data Security Law: OECD Principles
DutchPersonal Data Protection Act
AustrianFederal Act concerning the Protection of Personal Data
GermanFederal Data Protection Act
Lawsand Acts in Australia
HealthRecords and Information Privacy Act (HRIP)
FinancialTransactions Reporting (FTR) Act 1988

Module 05: Business Continuity Management

BusinessContinuity Management
BusinessContinuity Planning
Objectivesof Business Continuity Planning
EssentialResources in Business Continuity Planning
BusinessContinuity Management Planning Steps
ISO(International Organization for Standardization)
Overviewof BS 7799 / ISO 17799
ISO/IEC17799:2005
ISO/IEC17799:2005: Business Continuity Management
RiskAnalysis
RiskAssessment
BasicElements of Risk Assessment
BusinessImpact Analysis (BIA)
Componentsof Business Impact Analysis
ThreatAnalysis
RiskAnalysis and Business Impact Analysis
CrisisManagement
Stepsin Crisis Management
CrisisManagement Phases
Compliance
Preparedness
Trainingand Resource Development
ContingencyPlanning
Pointsto remember in BCM Plan Testing
BirminghamCity Council's BCM Assessment Template
GreenwichCouncil - Emergency and BCM Plan

Module 06: Disaster Recovery Planning Process

DisasterRecovery Planning Process
ManagementSupport
OrganizingDR Team
Componentsof Disaster Recovery Team
DisasterRecovery Planning Team
Buildinga Planning Team
EstablishingTeam at the Departmental Level
RiskAssessment
RiskAssessment
ConductBusiness Impact Analysis
CriticalBusiness Activities
AnalysisSheet
Example:Analysis Sheet for IT System
Rolesand Responsibilities
Individual:Leader
Individual:Disaster Recovery Coordinator
Individual:IT Administrator
Individual:Network Manager
Individual:Disaster Recovery Manager
Individual:DR Team Member
Team:Administration Team
Team:Technical Team
Team:Damage Evaluation and Salvage Team
Team:Physical Security Team
Team:Communications Team
ResponsibilitiesCommon to all Disaster Recovery Teams
DevelopingCharts of Responsibilities
FacilityDisaster Recovery Chart of Responsibilities
DepartmentDisaster Recovery Chart of Responsibilities
BusinessProcess Disaster Recovery Chart of Responsibilities
DevelopingPolicies and Procedures
Assumptionsfor DR Planning
Needfor Disaster Recovery Planning
DisasterRecovery Plan Development
DisasterRecovery & Management: Budgeting
CentralizedOffice of DR Planning: Budget
Safetyand Health Procedures
Proceduresfor Internal and External Communications
Proceduresfor Containment and Property Protection
Proceduresfor Recovering and Resuming Operations
AssessingInsurance Requirements & Coverage Needs
Needfor Insurance
EvaluatingInsurance Policies
Testingand Training
DRPTesting and Rehearsal Process
DRPTesting: Advantages
DRPTesting: Methods
DRPTesting Steps
DRPTesting Flow Chart
TrainingDR Teams
CommenceTraining Program for Disaster Recovery
Trainingfor Executives
Trainingfor Middle Managers
Trainingfor Supervisors
Trainingfor Disaster Response Teams
Trainingfor Employees
Documentationof DR Procedures
Needfor Documentation of Plans
ImportantDocumentations in Disaster Recovery Process
WritingDisaster Recovery Plan
BestPractices for Documentation
ManagingRecords
DRPMaintenance
MonitoringProcess
MonitoringProcedures
EvaluateLatest Technologies
ConductingRegular Reviews
ConductingTraining Programs for Updated Plan
DRPImplementation
DRPlan Implementation
Internaland External Awareness Campaigns

Module 07: Risk Management

Whatis Risk
Introductionto Risk Management
Functionsof Risk Management
AnalyticProcess of Risk Management
RiskAnalysis
RiskReduction Analysis
ManagementDecision
RiskReduction Planning
Reviewsand Audit
ProjectRisk Management
ITSecurity Risk Management
RiskManagement Standards
FinancialRisk Management
BaselII and Risk Management
PillarI: Minimum Capital Requirement
PillarII: Supervisory Review Process
PillarIII: Market Discipline
QuantitativeRisk Management
BestPractices in Risk Management

Module 08: Facility Protection

FacilityProtection
WaterSupply
ProtectingWater Supply
Fire
Typesof Fire Extinguishers
APW Extinguishers
DryChemical Extinguisher
CarbonDioxide Extinguishers
Pointsto Remember
Usinga Fire Extinguisher
FireSuppression for Companies
Fireexits
PowerSupply
CommonPower Supply Problems
EnsuringSteady Power Supply
Ventilation
Kindsof Ventilation
Measuresfor Proper Ventilation
AirConditioners
Measuresfor Proper Working of Air Conditioners
Buildingand Premises
Checklistfor Securing Facility

Module 09: Data Recovery

Typesof Data Recovery
LogicalData Recovery
PhysicalData Recovery
Disk-to-Disk-toDisaster Recovery (3DR) Concept
Stepsin Data Recovery
RecoveryManagement
RecoveryManagement Evaluation Metrics
RecoveryTime Objective (RTO)
Roleof RTO in Disaster recovery
RecoveryPoint Objective (RPO)
NetworkRecovery Objective (NRO)
RecoveryManagement Model Layers
DataProtection Continuum
Do'sand Don'ts
Lumigent'sLog Explorer
BestPractices in Data Recovery

Module 10: System Recovery

SystemRestore in Windows XP
LinuxSystem Recovery
LinuxSystem Crash Recovery
CrashRecovery Kit for Linux
MacSystem Recovery
RestoringWindows Server 2003
Recoveringfrom Boot problems in Windows Server 2003
Step1: Start computer by using Last Known Good Configuration
Step2: Starting computer in Safe Mode
Step3: Use Event Viewer to Identify the Cause of the Startup Problem
Step4: Use System Information to Identify the Cause of the Startup Problem
Step5: The Safe Mode Boot Log File
Step6: Use Device Manager to Identify the Cause of the Startup Problem
Step7: Use System Configuration Utility
MicrosoftWindows Recovery Console
AutomatedSystem Recovery
Windows2000 Backup and Restore Utility
Methodsfor Restoring Replicated Data
RestoringServer Services
ActiveDirectory Recovery: Non-Authoritative Restore
ActiveDirectory Recovery: Authoritative Restore
VerifyingActive Directory Restoration: Advanced Verification
VerifyingActive Directory Restoration: Basic Verification
ActiveDirectory Recovery on a Computer with a Different Hardware Configuration
SysvolRecovery: Primary Restore
SysvolRecovery: Non-authoritative Restore
SysvolRecovery: Authoritative Restore
Recoveryof Global Catalog Server
Recoveryof an Operations Master
DomainController Recovery: With a Working Domain Controller
DomainController Recovery: Without a Working Domain Controller
DatabaseIntegrity Testing
RightsManagement Services Restoration
RightsManagement Services Database Restoration
Toolsfor Active Directory Disaster Recovery: Recovery Manager
RestoringIIS Configurations: iisback.vbs
RestoringMicrosoft IIS Metabase Backup
WANSyncIIS
WANSyncIIS: Working
RestoringExchange Server 2003
DataRecovery Scenarios
ExchangeData Recovery Preparation
SingleMailbox Recovery
SingleItem Recovery using Deleted Items Retention
SingleItem Recovery using Third-party Brick Backup Programs
Full-ServerRecovery: Preparation
Full-ServerRecovery: Option 1
Full-ServerRecovery: Option 2
Full-ServerRecovery: Option 3
Full-ServerRecovery: Option 4
ExchangeServer Backup/Recovery Solution: SonaSafe
RecoveringBlackberry EnterpriseServer
IBMWebSphere Application Server Recovery
RecoveringColdfusion Application Server: CFMAIL Bug
RecoveringColdfusion Application Server: Variable Deadlocks
RecoveringColdfusion Application Server: ODBC Errors
RecoveringColdfusion Application Server:500 IIS Internal Server Error
RecoveringColdfusion Application Server: System Registry Access Problem
Recoveringfrom Domino Server Crashes
Tool:SteelEye LifeKeeper
RestoringMySQL Server
RestoringMS SQL Server: Option 1
RestoringMS SQL Server: Option 2
RestoringMS SQL Server: Option 3
RestoringMS SQL Server: Option 4
RestoringMS SQL Server: Option 5
RestoringMS SQL Server: Option 6
RestoringMS SQL Server: Option 7
RestoringMS SQL Server: Option 8
RestoringMy SQL Server
RecoveringCisco IOS

Module 11: Backup and Recovery

Backup
Needfor Backup
Typesof Backup:
FullBackup
IncrementalBackup
DifferentialBackup
HotBackup
HotBackup Sample Code
ColdBackup
ColdBackup Sample Code
BackupSites
HotSite/ Cold Site
RedundantArray of Inexpensive Disks (RAID)
RAID:Some Important Levels
WideArea File Services (WAFS)
Backupfor UNIX
BareMetal Recovery for LINUX
BuckyBackup for Mac OS X
SystemBackup Administrator
NanoCopyTechnology
Backup4all
Backup4allFeatures
ABCBackup Software
GenieBackup Manager
NTIBackupNow
HighAvailability Disaster Recovery (HADR)
BestPractices in Backup & Recovery

Module 12: Centralized and Decentralized System Recovery

DistributedComputing
Objectivesof Distributed Computing
Architecturefor Distributed Computing
Workingof Distributed Computing
CentralizedBackup
CentralizedBackup Using SAN or NAS Server
DataConsolidation
Cross-PlatformData Consolidation
Mainframeas Centralized Storage Source
Tiersof Disaster Recovery
GDPS/PPRC
GDPS/PPRCConfiguration
GDPS/PPRCSingle-site Workload Configuration
GDPS/PPRCMulti-site Workload Configuration
BestPractices in Centralized and Decentralized System Recovery

Module 13: Windows Data Recovery Tools

DigitalPhoto Recovery
Active@UNERASER
TestDisk
PhotoRec
BadCopyPro
DirectorySnoop
DataAdvisor
FastFile Undelete
FileScavenger
GetDataBack
KernelRecovery for FAT+NTFS
R-Mail
R-Studio
Recover4all
RecoverIt All
RecoverMy Files Data Recovery
QuickRecovery for Windows
Restorer2000
FileRecovery
EasyRecoveryDataRecovery
EasyRecoveryProfessional
RecoverSoftMedia Tools Professional
RecoverSoftData Rescue PC
ADRCData Recovery Software Tool
SalvageRecoveryfor Windows
DiskDoctors Email Recovery
WinternalsRecovery Manager

Module 14: Linux, Mac and Novell Netware Data Recovery Tools

KernelRecovery for Linux
KernelRecovery for ReiserFS
KernelRecovery for JFS
KernelRecovery for Macintosh
KernelRecovery for Novell-Netware
StellarPhoenixLinux
R-Linux
QuickRecovery for Linux
QuickRecovery for Macintosh
SalvageRecoveryfor Linux
SalvageRecoveryfor Mac
SalvageRecoveryfor Netware
DiskDoctors Linux Data Recovery Software
DiskInternalsLinux Reader

Module 15: Incident Response

Incident
Categoryof Incidents
LowLevel
MidLevel
HighLevel
Howto Identify an Incident?
Howto Prevent an Incident?
Relationshipbetween Incident Response, Incident Handling, and Incident Management
IncidentManagement Plan
IncidentHandling
InformationSecurity Life Cycle
IncidentResponse
IncidentResponse Policy
RiskAnalysis
RiskAnalysis and Incident Response
IncidentResponse Methodology
Preparation
Identification
Containment
Eradication
Recovery
Followup
CERT(Computer Emergency Response Team)
CSIRT(Computer Security Incident Response Team)
GeneralCategories of CSIRTs
Membersof CSIRT Team
Buildingan Effective CSIRT
FIRST(Forum of Incident Response and Security Teams)
RequestTracker for Incident Response
Helix- Incident Response & Computer Forensics Live CD
IncidentResponse Tools Present in Helix CD
THEFARMER'S BOOT CD
Resources

Module 16: Role of Public Services in Disaster

PublicServices
Stateand Local Governments
PublicUtilities and Departments
Hospitals
BloodBanks
MedicalLaboratories
FoodBanks
FireFighting Service
Waste/Debris Management
Police
ArmedForces
PublicTransportation
WaterSupply System
ElectricityDepartment
Information& Public Relations Department
ITService Providers

Module 17: Organizations Providing Services during Disasters

OrganizationsProviding Services during Disasters
ReliefOrganizations
InternationalCommittee of the Red Cross (ICRC)
InternationalFederation of Red Cross and Red Crescent Societies (IFRC)
UnitedNations Children's Fund (UNICEF)
NationalEmergency Response Team (NERT)
CARE
AnandaMarga Universal Relief Team (AMURT)
ActionAgainst Hunger (AAH)
EmergencyNutrition Network (ENN)
DoctorsWithout Borders
HungerPlus, Inc.
InterAction
InternationalRescue Committee (IRC)
MennoniteCentral Committee (MCC)
MercyCorps (MC)
RefugeesInternational
ReliefInternational
Savethe Children
ProjectHOPE

Module 18: Organizations Providing Disaster Recovery Solutions

OrganizationsProviding Disaster Recovery Solutions
Symantec
SystemSizing
SystemSizing: Practices
Disk-basedBackup
ManualSystem Recovery
Disadvantages
AutomatedSystem Recovery
IBM
HumanCapital Resilience
HumanCapital Risks in Crisis Situations
BusinessResilience
Elementsof Business Resilience
Frameworkfor Business Resilience
Causesof E-Mail Outages
E-MailContinuity
DELL
OracleData Guard Utility
RMANUtility for Database Backup
NAS(Network Attached Storage)
SunMicrosystems
IntegratedSolutions of Sun and Vignette
SunCluster Geographic Edition
InfosysBusiness Continuity Planning Solution
InfosysBCP solution
SybaseBusiness Continuity Planning Solution
SybaseModel
HPBusiness Continuity and Availability solutions
HP3-tiered Service Levels Balance Investment with Risk
PricewaterhouseCoopersFast Track BCP
AT&T'sBusiness Continuity and Disaster Recovery

Module 19: Case Studies

BusinessContinuity for Critical Applications
JonesWalker:Weathering the Storm
Let'sbe prepared: An educational project about disasters in Cuba
Fromrehabilitation to safety: Gujarat school safety initiative, India
Disaster-resistantschools: A tool for universal primary education
DisasterRecovery Situation Assessment
DisasterRecovery Planning
BusinessContinuity Planning and Business Impact Analysis
Localrisk management in earthquake zones of Kazakhstan
DisasterRecovery Case Study: Max Re
DisasterRecovery Case Study: GSD&M
StorageAssessment Services
Backupand Recovery Plan and Design
StorageInfrastructure Design and Implementation
ContinuousData Protection and Disaster Recovery
DisasterRecovery Testing
DisasterRecovery Strategy Assessment and Validation
CaseStudy: Improving Disaster Recovery Without Breaking the Bank