Scope of Critical Services

In general, the allowed time for troubleshooting any critical service issue is 2 hours, with an update every 30 minutes.
During this period, the O&T head and IT head could decide to activate the related BCP mentioned in each scenario in this document.
2.1 Network services
This covers any problem in the in-country network links between the DC, DR, and the main buildings in Omar Makram and Garden City, as well as the international circuit to Abu Dhabi.
This also covers malfunction of the core switches and routers.
2.2 Application hosting services
This is related to Exchange server, GFS, Ethix finance, Swift, Core Banking DB/Sybase/SQL, SharePoint, VMware, and Xen server host.
2.3 File hosting services
This is related to the file servers used by the business for BAU activities, and to the core storage hardware.
2.4 Call Center and voice recording services
This covers the Call Center server/DB and the voice recording services.
2.5 Central bank, Regulatory secured links
This covers the firewalled systems and third-party services (CBE/ISCORE/NPC/123), as well as Swift link failure.
2.6 Reuters
This is related to the Reuters link and services to ADIB.
2.7 Thin Client Environment
This covers thin client users.
2.8 Normal (Non Call Center) Telephone system
This is related to the Cisco telephone system for all bank users except the Call Center.
2.9 Xerox printing
This is related to the process of printing the bank statement.