MIC03 - Define, implement and secure your backups

• Understanding the importance of backups
• Know the different types of backup
• Implement a hardened backup server
• Maintain the security of your backup environment

DAY 1: Backup security

Part 1 - Introduction :

• Presentation of the training content
• How to destroy backups
• The importance of backups on an IS

Part 2 - Harden your backups:

• Know your dependencies and control them
• Harden the backup server system
• Ensure network isolation
• Implement a Tiering model
• Set up dedicated service accounts
• Create immutable and disconnected backups
• Protecting backup media

DAY 2: Maintaining good practices

Part 3 - Managing and maintaining your backups :

• Determine the data to be backed up
• Set up surveillance
• Check the integrity of the configuration
• Principle of the safeguard 3-2-1

Part 4 - Maintaining a high level of control :

• Create a Disaster Recovery Plan (DRP)
• Define RPOs and RTOs
• Test the restoration with a disconnected media

PREREQUISITE:

It is advisable to have a general culture related to the world of IT
and the issues of computer security.

INTENDED PUBLIC:

• ISD
• CISO
• Security Engineer
• Architect