Describe in 500 words the disaster recovery plan and who is responsible at your place of employment. Consider the critical business functions and your recovery point objectives and recovery time objectives.

Describe in 500 words the disaster recovery plan and who is responsible at your place of employment. Consider the critical business functions and your recovery point objectives and recovery time objectives.

A disaster recovery plan is a plan set by an organization to enhance stability in the incident of a disaster that may destroy part or all the business resources. These resources include; data records, information technology (IT) tools, and the overall physical space of a company. However, according to Berke et al. (2014), a recovery business plan has several stages to ensure its efficiency and effectiveness.

The first stage of disaster recovery requires a critical understanding of the business’ activities and how all the resources they are using are interconnected. Second, disaster recovery involves critical and acute assessment of the firm’s vulnerability in all the sectors. These areas include; equipment, physical space, operating measures, emergency planning, and data integrity. Third, disaster recovery involves a practical understanding of how the event of the disaster will impact other levels of the firm. The fourth stage requires the development of a short-term retrieval plan. The fifth stage includes the creation of a long term recovery plan, which provides for ways to return to the usual business activities. Lastly, a recovery plane requires testing, effective maintenance, and plan upgrade (Tiwari et al. (2014)).

Every organization should be keen when choosing the right personnel to be in charge of the disaster recovery process. In my organization, which is based on IT, when a disaster occurs, the IT director takes charge to ensure that the problem does not affect other departments in the organization. Also, the person in charge of the disaster recovery procedure is chosen depending on the extent of the damage. When the cost is high, senior managers and business managers come together to assist the IT director.

Critical business functions

Critical business functions (CBF) are the organization’s procedures and activities that require immediate restoration to avoid the probability of disruption of other business activities that are not affected by the disaster. The critical business function can be dealt with in terms of several procedures of single processes depending on the extent of the problem. These functions include; being keen on the business activities which lead to final products, retrieving information which was interrupted in the event of the problem, among others.

Recovery point objectives

Recovery point objective (RPO) refers to several crucial files which must be recovered to ensure the regular performance of business activities. The use of functional backup storage achieves these objectives. In my company, recovery business objectives enable the management to choose the optimum disaster recovery measures and technologies. Besides, the backup is updated every three hours. There is the usage of external hard drives to ensure that all information is documented adequately without getting lost.

Recovery time objectives

Recovery time objective (RTO) is the targeted duration of the time in which a business needs to take to recover all the damages after a disaster has occurred. It is the time between the actual information loss and the actual recovery duration. However, in our company, RTO is achieved during Business Impact Analysis by senior management.

Do a bit of research on the methodologies that Microsoft Windows firewall uses. Define a firewall. Define firewall security techniques. Consider the strengths and weaknesses of the Microsoft approach

Microsoft Windows Firewall

A firewall is a network safety system which is used to monitor and to take action of guidelines demarcated clearly.

Firewall security techniques

There are five major types of firewall security techniques, including; Stateful Inspection firewall, a Next-generation firewall, a Proxy firewall, a circuit-level gateway, and a packet filtering firewall.

Microsoft methodologies

First, Microsoft Windows uses Network Address Translation (NAT). NAT is used to enhance IP address and privacy maintenance of a particular computer when gaining access to the internet. Second, Microsoft uses a Proxy server for traffic management, that is, HTTP and FTP hence providing access control and critical checks for valid information. Third, Microsoft uses Packet Filter used for controlling network access used to track entering and departing packets. Lastly, Microsoft uses Stateful Inspection, which is used to prevent cyber threats and packets which are not requested from getting into the computer (Naik, & Jenkins, (2016)).

Strengths and weaknesses of the Microsoft approach

Strengths

Microsoft Windows firewall methodologies have various advantages. First, NAT is used to prevent the depletion of IPv4 addresses. Second, it obtains logging authorizations from the inspection. Third, the approach ensures the protection of internal IP addresses. Lastly, it provides recognition of URL and HTTP protocols.

Weaknesses

Every approach has its challenges, and the Microsoft approach is no exception. First, the method causes some delay in the interaction of IPv4. Also, at some point, the packets are difficult to manage. Besides, some of the methodologies, such as Proxy Server, are costly. Lastly, there can be attacks from a particular TCP/IP protocol