Hello
Can you help me to solve this assignments please
Disaster recovery Part A: Planning Open the provided document ITSAP.40.004 entitled “Developing Your IT Recovery Plan” and respond to the questions below justifying your opinion, supporting them with other sources if necessary. 1. A company is increasing their cloud storage capacity so that the can more backup data by increasing the backups retention. What parameter related to Disaster Recovery are the adjusting? 2. This same company, located in Canada, opened an office in Munich, where a smaller datacenter contains data copied every Saturday night. What kind of site is Munich’s datacenter? 3. After setting all systems and networks in the new site to support an eventual disaster, the company decided to test it while keeping the services running in the main site. What kind of test is it? 4. One of the most widely used mirroring solutions is RAID. What is the main difference between RAID-5 and RAID-6? 5. What function is used for the parity disk(s)? 6. Calculate the parity if the first nibble of two disks was, respectively, 0110 and 0011. Part B: Backups Open the provided document ITSAP.40.002 entitled “TIPS FOR BACKING UP YOUR INFORMATION” and respond to the questions below justifying your opinion, supporting them with other sources if necessary. 1. What is the difference between incremental and differential backups? Which one would be best for daily backups if full backups are scheduled every 1st day of the month and there is plenty of storage space for the backups? Why? 2. If you chose to store the backups on a shared folder over the network, what considerations should be taken regarding the network bandwidth and the privacy of communications? How an independent network for backups would help? 3. What is the rule 3-2-1 regarding backups? What benefit does it bring? 4. Check the article below on how to perform full backups in Windows 11. Do you think that strategy would help recover from a ransomware attack? Why or why not? https://www.lifewire.com/create-full-backup-with-windows-11-5216922 5. Would it be useful to recover from a fire in the office if the backup was performed exactly as indicated in the article? Why or why not? RAID configuration Use Ubuntu VM (strong recommendation), you will configure RAID 5 in Linux with command- line tool mdadm. Before proceeding, create a snapshot of the VM, so you can restore it after finishing the assignment and go back in time. Reference tutorial: https://yourtoolbox.blogspot.com/search/label/mdadm Capture a screenshot for every step and respond to questions on your own words. 1. How many disks are necessary, at least, to configure RAID 5? Create them in Virtual Box, size 5 GB each and named data1, data2 and data3. 2. Once you log in, you would need to execute most commands as root, so “sudo su” is advised. Create a primary partition in each disk and show them all with “fdisk -l /dev/sd[bcd]”. 3. Install the package mdadm. Then, create a RAID 5 array on the target device file /dev/md/data that uses the first (and only) partition of each disk. Clearly show the command you used and the output. Then, right after, execute “cat /proc/mdstat”. 4. What are two signs in the previous cat command that the array is working properly? 5. Create a ext4 filesystem for the array and mount it in /mnt/data (the mount point must be created first). 6. If we sum up the 3 disks, the total space would be 15 GB. However, the actual size is far less and the space available is even less, as shown by “df -h /mnt/data”. Explain why in both cases. 7. Create a big file with the command “dd if=/dev/random of=/mnt/data/big bs=1M count=1024”. 8. Shutdown and add another SATA disk named data1new in VirtualBox’s settings. We are going to simulate a faulty disk that will be substituted with another one of the same characteristics. Then power on again. First, note that the array was not mounted automatically. Add the corresponding line to the /etc/fstab and, then, mount it with “mount /dev/md127”. Show the line you added and the mount without errors. https://yourtoolbox.blogspot.com/search/label/mdadm 9. Now, execute “mdadm --manage /dev/md127 --fail /dev/sdb1” and check the status of the array with “mdadm --details /dev/md127”. 10. As you can see, there is a faulty disk, so the array is inactive. Nonetheless, it can still be used. The array will not tolerate anymore failures, though. Create another file of some MB named as your first name. 11. The new disk must be partitioned. Then, to add it as spare, execute a similar command to the one used to removed disks. What command did you use? 12. Finally, show the array is being synchronized. Use the cat command. 13. Show the array details. 14. How do you remove the faulty disk? After finishing, you might want to restore the snapshot and remove any disks on your local filesystem from VirtualBox’s Virtual Media Manager. Developing Your IT Recovery Plan (ITSAP.40.004) UNCLASSIFIED Developing Your IT Recovery Plan Unplanned outages, cyber attacks, and natural disasters can happen. If unprepared for these events, your organization may lose information or experience downtime, disrupting or halting critical business functions. Regardless of the cause, unplanned down time is expensive and could have a lasting impact on your business. To ensure continued operations with minimal down time, your organization should have an IT recovery plan as part of its overall business continuity approach. In this plan, your organization should identify critical data, applications, and processes and define how it will recover IT services that support business operations, products, and services. Your recovery response should take many variables into consideration and should clearly identify and document what is to be recovered, by whom, when, and where in a detailed recovery plan. In general, there are two types of plans you should consider developing for your business—disaster recovery and incident response. These two plans take into consideration two major events that could cause an unplanned outage and require you to activate your recovery response. 1. Disaster Recovery Plan: The primary goal is to ensure business continuity during an unplanned outage or service disruption. 2. Incident Response Plan: The primary goal is to protect sensitive information during a security breach. IDENTIFY YOUR CRITICAL BUSINESS FUNCTIONS, APPLICATIONS, AND DATA To create an effective plan, you should identify your organization’s critical data, applications, and functions. Critical information may include financial records, proprietary assets, and personal data. Critical applications are the systems running your key business functions and are imperative to your business. These are the systems you need to have restored immediately in the event of an unplanned outage, in order to have business continuity. To identify critical business functions, applications, and data, you should conduct a risk assessment to help you identify threats and vulnerabilities. Run through specific scenarios (e.g. cyber attack, significant power outage, or natural disaster) to help you identify key participants and stakeholders, address the significant risks, develop mitigation strategies, and identify the recovery time and effort. You can conduct a business impact analysis (BIA) to predict how disruptions or incidents will harm your operations, business processes and systems, and finances. During your BIA, you should also assess the data you collect and the applications you use to determine their criticality and choose priorities for immediate recovery. JANUARY 2021| ITSAP.40.004 © Government of Canada | This document is the property of the Government of Canada. It shall not be altered, altered, distributed beyond its intended audience, produced, reproduced or published, in whole or in any substantial part thereof, without the express permission of CSE. KNOW YOUR BUSINESS DISRUPTION TOLERANCE For an effective recovery plan, you should tailor it to address the impact to your organization if an incident or a disaster occurs and the level of disruption that your organization is willing to accept. There are three key measures to consider in your plan: maximum tolerable downtime, recovery point objective, and recovery time objective. Maximum tolerable downtime (MTD) The total length of time that a process can be unavailable without causing significant harm to your business. Recovery point objective (RPO) The measurement of data loss that is tolerable to your organization. Recovery time objective (RTO) The planned time and level of service needed to meet the system owner's minimum expectations CREATE YOUR RECOVERY PLAN 1. Identify stakeholders including clients, vendors, business owners, systems owners, and managers. 2. Identify your response team members, as well as their roles and responsibilities. 3. Take inventory of all your hardware and software assets. 4. Identify and prioritize critical business functions, applications, and data. 5. Set clear recovery objectives. 6. Define backup and recovery strategies. 7. Test your plan. 8. Develop a communications plan to inform key stakeholders. 9. Develop a training program for employees to ensure everyone is aware of their roles, responsibilities, and order of operations during an unplanned outage. 10. Optionally, engage with your Managed Service Providers (MSPs) to identify areas in which they can assist you with your recovery efforts. UNCLASSIFIED © Government of Canada | This document is the property of the Government of Canada. It shall not be altered, altered, distributed beyond its intended audience, produced, reproduced or published, in whole or in any substantial part thereof, without the express permission of CSE. Testing is critical. You can identify inconsistencies and address areas that need revision. Be sure to use a test environment to avoid business interruptions. Some example test strategies include: Checklist: Read through and explain the steps of the recovery plan. Walkthrough: Walk through steps without enacting them. Simulation: Use a simulated incident or disaster to familiarize the recovery team with their roles and responsibilities. Parallel test: Set up and test recovery systems to see if they can perform operations to support key processes. You keep your main systems in full production mode. Cutover test: Your recovery systems are set up to assume all your business operations, and you disconnect primary systems. This type of test causes business interruptions, requiring additional pre-planning. CHOOSE YOUR RECOVERY STRATEGY LEARN MORE Visit the Cyber Centre website (cyber.gc.ca) to learn more about cyber security topics and find our entire collection of publications, including: ITSAP.40.002 Tips for Backing Up Your Information ITSAP.00.005 Have You Been Hacked? ITSAP.30.032 Best Practices for Passphrases and Passwords ITSAP.10.116 Cyber Security Tips for Remote Work ITSAP.00.70 Supply Chain Security for Small and Medium- Sized Organizations ITSE.50.060 Benefits and Risks of Adopting Cloud-Based Services in Your Organization ITSAP.00.099 Ransomware: How to Prevent and Recover ITSM.50.030 Cyber Security Considerations for Consumers of Managed Services CLOUD VS. ON-PREMISES RECOVERY With a cloud-based recovery platform, you can connect easily, from anywhere, with a variety of devices. You can back up your data frequently, and it can be less expensive than purchasing and maintaining an on-premise platform because you pay for the space you need as you need it. Using the cloud can also reduce or eliminate your need to have a separate offsite recovery site DISK MIRRORING Disk mirroring replicates data on two or more disk hard drives. Disk mirroring automatically switches your critical data to a standby server or network when your main system experiences unplanned downtime. If you’re unable to restore your systems, you can use the mirror copy. It is important the mirrored copy is backed up to a separate server or location that is unaffected by the outage. There are several options to consider when implementing your recovery strategy, but you should choose a recovery strategy that meets your business needs and security requirements. TEST YOUR PLAN HOT, WARM, OR COLD SITE Hot: Back-up site with the same servers and equipment as your primary site. Functions the same as your primary site and is always kept running in case of downtime. Data synchronization occurs within minutes to hours, reducing the risk of data loss. Warm: Back-up site with network connectivity and some equipment installed. Set up required to get the site to function at the full capacity of your primary site. Data synchronization occurs less frequently, which can result in some data loss. Cold: Back-up site with little to no equipment. Requires more time and resources to set up and restore business operations. Data synchronization can be a difficult and lengthy process as servers need to be migrated from your primary site, resulting in a higher risk of data loss. STORAGE REPLICATION Storage replication copies your data in real time