Please help me with a response to these discussion answers. Thanks. #1: Define t
ID: 3757158 • Letter: P
Question
Please help me with a response to these discussion answers. Thanks.
#1: Define the different types of trusted recovery. What is meant by the term “fail secure”?
There are three components to trusted recovery; manual, automated and functional recovery. Manual recovery requires human interaction into bringing the system back online or controls the process in which the system returns to a secure state of readiness. Automated recovery does not require human interaction in that mechanisms within the system recover itself and protect specific objects on the system from further harm. Function recovery is when a system function completes an assigned task and/or returns the system to a previously secure state.
Fail Secure is when the system is not working properly, and access is blocked to all users, security is a priority to access.
#2 Define the full, incremental, and differential backups and describe the differences between these data backup types.
System backups include full, incremental and differential and their differences are simple to describe. A Full backup is the complete copy of all data and is transmitted to other media storage types. It has the lowest RTO, but limitations are the size of the files, etc, being copied to a single type of media. An Incremental backup copies only the changed data since the last full or incremental backup. It is a faster process and requires smaller storage media space. The Differential backup is similar to the incremental backup, but only copies the changed data from the previous full backup.
#3
1. Describe the four types of assessments that an Investigator can perform.
The four types of assessments that an investigator can perform are collection, examination, analysis, and reporting. The collection phase involves the identification, labeling, recording, collection, interviewing witnesses and suspects, and preservation of items without altering, damaging, or destroying its integrity as evidence. (Skillset, 2016) Examination involves the use of manual processes and automated tools to examine data or related items. The examination is conducted using bit-by-bit copies of the original data which is tracked via evidence log and secured to protect its integrity (Best Evidence Rule). (Kent, Chevalier, Grance, & Dang, 2006) Analysis is the phase in which the evidence collected and examined is analyzed to determine its value or weight in regards to the reason collected (evidence of crime, theft, unauthorized possession, etc.). The reporting phase is used to reveal the results and conclusions of the examination and analysis (technical report and/or expert witness testimony). It also relates the details involved in the investigation such as tools used, procedures followed, guidelines recommended actions, and recommended improvements. (Skillset, 2016)
Explanation / Answer
Answer)
The 3 types of trusted recovery are as follows:
System Reboot: This is done with response to the TCB Failure and after shutting down of the system in a controlled manner.
Emergency System Restart: This is being done when a system is failing and is uncontrolled with respect to the TCB or media failure.
System Cold Start: While the TCB or the media fails then the recovery procedure and the system is not being able to bring back to the consistent state.
Here, fail secure is defined as the condition where a system is not functioning properly and all such provided access is blocked to all the users. Here, security is the priority to access.
2) In System backup, a full backup is meant for completely copying all the data and then transferring it to the media storage types which is having limitations for the file size which gets copied to a single type of media whereas the incremental backup only helps to copy the changed/modified data from the last full. Here, the storage media space is small and is a faster process. In the differential backup, the changed data gets copied from the previous full backup which is almost similar to the incremental backup.
As per Chegg policy, a minimum of 1 question can be answered. We did 2.
Hit like if you find the answer useful. :)
Hope this answer helps. Thanks