Disaster Recovery and Planning/ Lab

Name

Professor

Course

Division

Institution

Date

Disaster Recovery and Planning/ Lab

The laboratory report

This lab involved the collection of the data based on the user or consumer behaviors of various internet users. This was done in three days, the users data was recorded in computers to show that date of the visit, time of entry and exit from the facility and the type of program they used. Another metric that was used was computers resources from the internet as the software. A log was kept to ensure that their data was easily stored and used for the analysis.

The report was created based on the names of the employees, the bandwidths as well as the dates of access. The main idea behind this was to analyze the usage of computer hardware, and softwares. It was also designed to identify the sources potential sources of threats to the computer system. This was also useful for identifying the sources of threat. And the consumption behaviors of the internet users.

Steps

The steps started by first collecting and assessing the data to look for outliers in the data

After data collection and assessment, the data is sorted out according to the name of the users to get the totals of the data consumed by each user. This was used to get the first pie chart in figure 1.

The data was then sorted according to date to get the total of the bandwidth consumed by the users on 26 February as shown in figure 2.

The data was then sorted out according tom the dates to get then number of bandwidths used by al the users over the three days period; this is shown in figure 3

Then the analysis for figure 4, was involving the determination of the amount of bandwidth consumed when particular programs were used within then facility

1. Create a pie chart showing the total bandwidth usage for each individual user for the entire data set. Show the percentage values for each user’s total bandwidth usage, but not the actual bandwidth values.

Figure SEQ Figure * ARABIC 1

2. Create a bar graph showing the total bandwidth usage for each individual user on February 26, 2012. The actual bandwidth usage amounts should be shown in the figure bellow:

Figure SEQ Figure * ARABIC 2

3. Create a chart or graph showing the total bandwidth usage per day for the entire data set (there are three days of data).

Figure SEQ Figure * ARABIC 3

4. Create a pie chart showing the percentage of bandwidth usage per application for the entire data set. Show the percentage values for each application’s total bandwidth usage, but not the actual bandwidth values.

Figure SEQ Figure * ARABIC 4

5. Create a chart or graph showing the average bandwidth usage hourly. The work day is from 9AM until 5PM, and every hour during this period should be represented on the chart/graph. Results should be the average of all three days presented as one day of data. This may require creating a new data set drawn from the original.

While the data was collected on only three days of operation, there was very high disparity between the numbers of bandwidths used by various users of the internet. For one amongst the users of the internet services, Jdoe was the highest user of the Bandwidth on 26 February, considering that he was the consumer with the highest percentage of the total bandwidth. His total bandwidth value was 106016 while the llynai used the lowest bandwidth of 1522. This was a very high difference despite the other users using slightly higher than the least user. On the other hand, chrome exe, and excel exe, were the programs that most users preferred probably due to their usefulness in the computers. According to the data, 26 February was the day on which the personnel used the highest number of bandwidth (Harris, 2008).

Amongst the users of the bandwidth over the three day, Jdoe was the highest users and is also a concern as his bandwidth was the highest on the three days the data was collected and the number of hours spent in the cyber as well the frequency into the cyber was quite alarming. It is highly likely that Jdoe was a security threat to the system of the company, the company should consider instituting software and hardware based control such as: anti-virus, firewalls, intrusion detection systems. Additionally the company can institute, end-user training on how to avoid computer virus infections know how to recognize social engineering tactics used by suspicious users of the internet such as Jdoe.

Jdoe is a security consideration because he poses a threat to confidentially, availability and the overall integrity of data stored in the database, and within the networked computers. The methodology offered by the Mc cumber, (1990), is based on the general interrelationship between the availability and integrity and the total confidentiality of the data stored or been transmitted. This involves the usage of policies and procedures and human interventions, however, technology such as firewalls and hardware passwords are important part of the whole concept

McCumber cube

HYPERLINK “http://en.wikipedia.org/wiki/File:Mccumber.jpg” INCLUDEPICTURE “http://upload.wikimedia.org/wikipedia/en/thumb/5/50/Mccumber.jpg/220px-Mccumber.jpg” * MERGEFORMATINET

Figure SEQ Figure * ARABIC 5

According to the Harris, (2008), the company should consider causes of threat and emphasize on how to limit the threats associated with information systems. Mc cumber argue that human factors should be given prominence in the bid to maintain confidentiality and integrity of the data in storage or transmission or processing. Excessive usage of the internet or usage of insecure programs within the networked computers is a security threat. McCumber (2004), argues that this policy should not be overridden.

.

Conclusion

While users were forbidden from using other program apart from the internet explorer, most of the users preferred the chrome as the browser of choice, this may be due tom a number of reasons. However, they kept on using the chrome even in the presence of the administrator, who was supposed to communicate the policies of internet and software uses. This is likely to communicate the reasoning behind many debugging problems, as most of the internet browsers are not stable (Allen, 2001). The company has no firewall installed because if there was firewalls the number of scans could be have been very low. Additionally, the number of users accessing the AS/400 system in the Superheroes Inc organization was high on the 26th thereby increasing the number of bandwidth usage, this increased the company’s cost of internet thereby violating the bandwidth per day limit. While the internet is accessed using the internet explorer, the volume of the bandwidth used is low as compared to the bandwidth used while the internet is accessed using the chrome. The company should consider installing the chrome.exe. In addition, change its policies to accommodate for the usage of the chrome browser and increasing level of information system management (McCumber, 2004).

References

McCumber J., (2004). Assessing and Managing Security Risk in IT Systems: A Structured Methodology: Auerbach Publications.

Harris, Shon (2003). All-in-one CISSP Certification Exam Guide (2nd Ed. ed.). Emeryville, California: McGraw-Hill

Harris, Shon (2008). All-in-one CISSP Certification Exam Guide (4th Ed. ed.). New York, NY: McGraw-Hill

Allen, H., (2001). The CERT Guide to System and Network Security Practices. Boston, MA: Addison-Wesley