Single Point of Failure

1 SPOF

1.1 Cisco Voice recorder

Description: The recorder is used for the following departments:

  • Call Center in case of BCP: 8 channels
  • Collections: 20 channels
  • Compliance: 3 channels
  • Corporate services: 4 channels
  • Credit initiation: 10 channels
  • Customer services: 6 channels
  • Fraud Risk: 2 channels
  • Service desk: 7 channels
  • Treasury: 13 channels

Risk: No backup recorder is available. The above departments will not be able to record their calls while the recorder is being fixed.

Risk Mitigation: The vendors IST / RAYA support this device.

Action Plan: To be discussed

Risk acceptance: To be collected by approving this document.

1.2 Avaya Voice recorder

Description: The recorder is used by the Call Center agents.

Risk: No backup recorder is available. The Call Center agents will not be able to record their calls while the recorder is being fixed.

Risk mitigation:

The bank has a 3-year SLA with the vendor (SISCOM), with a resident engineer for one year, and the vendor should provide a replacement for the faulty part within 6 hours.

The Call Center Agents will not be able to record their calls with customers until the problem has been solved.

Action Plan: To be discussed

Risk Acceptance:

It is a business decision whether to continue working without the voice recorder, or to move the Call Center Agents to the Borsa premises, working on the Cisco environment and using the Cisco Voice recorder but without the IVR.

1.3 Bab El Loaq public exchange

Description: The Garden City head office and the Omar Makram head office are connected to the outside world only through a copper cable to the Bab El Loaq public exchange. Please refer to fig. 1 in 3.1.

Risk: Losing this public exchange will fully isolate the ADIB main Head Offices. The entire staff in these buildings will not be able to work.

Risk mitigation: The staff of the Omar Makram and Garden City buildings have to follow the BCP plan. Please go to Appendix A 15.1.3.

Action Plan: There is a plan to install a fiber connection between these buildings and the Bab El Loaq public exchange to back up the copper cable and increase performance.

The fiber cable will be connected to a different room in the public exchange to reduce the risk, but if we lose the entire public exchange, the risk will remain as it is.

Risk Acceptance: To be collected by approving this document.

1.4 Maadi Branch connection

Description: There is no land line connection between the Maadi branch and the public exchange. The branch depends only on the 3G connection.

Risk: The 3G connection is not very reliable, and the branch has frequently been isolated.

Risk mitigation: Provide the branch with a USB modem and VPN access to pass any customer transactions.

Action Plan: A microwave connection between the branch and the Maadi public exchange may be the solution to this SPOF.

A special order for a dedicated land cable to the Maadi branch should solve the problem.

Risk Acceptance: To be collected by approving this document.