Chapter Summary

Recent historical events have brought to the forefront the importance for such things as physical security, disaster recovery planning, risk identification, and education. The effects on particular business operations and an economy as a whole can be severely impacted if proper measures are not taken to minimize the physical and logical threats that are ever increasing in today’s world.

Most of the concepts and technical information stressed in this chapter have been around for quite some time. It has become an industry demand for properly educated certified professionals to implement these policies and procedures to better ensure the operational continuation and health of businesses.

At this point, you should at the very least be able to handle questions that relate to the following topics of discussion covered in this chapter:

• Physical security implementations and countermeasures.

• Aspects of Disaster Recovery Planning, procedures, and backup types.

• Business Continuity Planning and implementations.

• Forensics and the importance of gathering evidence that can be used to prosecute if a computer-related crime has occurred.

• Specific management/company policies and guidelines that should be documented, implemented, and followed by company employees.

• Ability to identify certain risks that are considered a threat to normal operations.

• Importance of educating all company employees regarding proper policies and procedures.