Assessment Worksheet
Developing Disaster Recovery Backup Procedures and Recovery Instructions
Course Name and Number: _____________________________________________________
Student Name: _____________________________________________________
Instructor Name: _____________________________________________________
Lab Due Date: _____________________________________________________
Overview
In this lab, you applied the same concepts of disaster recovery
backup procedures and recovery
instructions to your own data. You explained how you can lower
recovery time objectives
(RTOs) with proper backup and recovery procedures, you
defined a process for IT system and
application recovery procedures, you identified a backup
solution for saving your own data, and
you tested and verified your backups for RTO compliance.
Lab Assessment Questions & Answers
1. How do documented backup and recovery procedures help
achieve RTO?
2. True or false: To achieve an RTO of 0, you need 100 percent
redundant, hot-stand-by
infrastructure (that is, IT systems, applications, data, and so
on).
3. What is most important when considering data backups?
4. What is most important when considering data recovery?
5. What are the risks of using your external e-mail box as a
backup and data storage solution?
Copyright © 2015 by Jones & Bartlett Learning, LLC, an
Ascend Learning Company. All rights reserved.
www.jblearning.com Student Lab Manual
6. Identify the total amount of time required to recover and
install the Lab Assessment Worksheet(s)
and to open the file(s) to verify integrity. (Calculate your timed
RTO using your computer clock
and your documented instructions.)
7. Did you achieve your RTO? What steps and procedures can
you implement to help drive RTO
even lower?
8. What are some recommendations for lowering the RTO for
retrieval and access to the backup data
file?
9. If you drive RTO lower, what must you do to streamline the
procedure?
10. Why are documenting and testing critical to achieve a
defined RTO?
11. Why is it a best practice for an organization to document its
backup and recovery steps for disaster
recovery?
12. What can you do to cut down on the recovery time for
accessing, copying, and recovering your
Lab Assessment Worksheets to achieve the RTO?
13. What will encryption of a disk or data in storage do to the
RTO definition when attempting to
retrieve and recover cleartext data for production use?
14. How many total steps did your backup and recovery
procedures consist of for this lab exercise?
Are there any that can be combined or streamlined?
15. If the individual accessing the system for disaster recovery
purposes were not familiar with the IT
system and required system administrator logon credentials,
what additional step would be
required in the recovery phase?
School of Computer & Information Sciences
COURSE SYLLABUS
Course Name:
ISOL/MSDF 633 – Legal, Regulations, Investigations, and
Compliance
Section – 13X
Summer 2019 – Second Bi-term – Online (Asynchronous)
Residency Session Date: Not Applicable
Residency Session Course Site: Not Applicable
Professor:
Dr. Jeff Sallee
Contact Information:
Office Hours: By appointment
E-mail: [email protected]
Online Support (IT) and I-Learn Policy:
All members of the University of the Cumberlands’ community
who use the University’s computing, information or
communication resources must act responsibly.
http://www.ucumberlands.edu/it/downloads/terms.pdf
Course Website:
Access to the course website is required via the iLearn portal on
the University of the Cumberlands website:
http://www.ucumberlands.edu/ilearn/
Course Description:
The course examines computer crimes, laws and regulations. It
includes techniques for investigating a
crime, gathering evidence, and communicating results.
Alignment Matrix
Course Objectives/Learner Outcomes:
Upon completion of this course, the student will:
· Recognize the legal aspects of information security systems.
· Examine the concept of privacy and its legal protections.
· Identify the basic components of the American legal system.
· Describe legal compliance laws addressing how public and
private institutions protect the security and privacy of consumer
financial information.
· Analyze intellectual property laws.
· Describe the role of contracts in online transactions and
cyberspace.
· Identify cybercrime and tort law issues in cyberspace.
· Examine the principles requiring governance of information
within organizations.
· Identify risk analysis and incident response procedures.
· Explain the importance of forensic examination in legal
proceedings.
Prerequisites:
There are no prerequisites for this course.
Books and Resources:
Grama, Joanna Lyn. Legal Issues in Information Security, 2nd
ed. Burlington, MA: Jones & Bartlett Learning, 2015
Student Lab Manual and Lab Access Key (also known as
supplemental Lessons)
Other articles and readings may be assigned by course professor.
Course Expectations
Course Activities and Experiences:
Students are expected to:
• Review any assigned reading material, complementary
materials, and weekly lectures and prepare responses to
homework assigned.
• Actively participate in activities, assignments, and
discussions.
• Evaluate and react to each other’s work in a supportive,
constructive manner.
• Complete specific assignments and exams when specified and
in a professional manner.
• Utilize learned technologies for class assignments.
• Connect content knowledge from core courses to practical
training placement and activities.
Academic Integrity:
At a Christian liberal arts university committed to the pursuit of
truth and understanding, any act of academic dishonesty is
especially distressing and cannot be tolerated. In general,
academic dishonesty involves the abuse and misuse of
information or people to gain an undeserved academic
advantage or evaluation. The common forms of academic
dishonesty include:
· Cheating – using deception in the taking of tests or the
preparation of written work, using unauthorized materials,
copying another person’s work with or without consent, or
assisting another in such activities.
· Lying – falsifying, fabricating, or forging information in
either written, spoken, or video presentations.
· Plagiarism—using the published writings, data,
interpretations, or ideas of another without proper
documentation
Plagiarism includes copying and pasting material from the
internet into assignments without properly citing the source of
the material. Even if you cite the source, if the majority of your
work is someone else’s work, it is considered plagiarism. See
https://www.plagiarism.org/article/what-is-plagiarism for more
information.
Episodes of academic dishonesty are reported to the Vice
President for Academic Affairs. The potential penalty for
academic dishonesty includes a failing grade on a particular
assignment, a failing grade for the entire course, or charges
against the student with the appropriate disciplinary body.
Attendance Policy:
Residency Attendance: If a residency session is required for this
course, each student must be in attendance for the entire
duration of the required residency weekend. Late arrivals
and/or early departures are not permitted. Punctuality is
important as each student is required to have the documented
in-seat time per USCIS regulations. If a student is not in
attendance for the full session, he/she will be counted absent for
the entire session, and receive an automatic “F” and will be
required to pay the $300.00 make-up fee and attend a residency
make-up session.
Disability Accommodations:
University of the Cumberlands accepts students with certified
disabilities and provides reasonable accommodations for their
certified needs in the classroom, in housing, in food service or
in other areas. For accommodations to be awarded, a student
must submit a completed Accommodations Application form
and provide documentation of the disability to the Disability
Services Coordinator (Mr. Jacob Ratliff, Boswell Campus
Center, Student Services Office Suite, [email protected]). When
all paperwork is on file, a meeting between the student and the
Coordinator will be arranged to discuss possible
accommodations before accommodations are formally approved.
Students must then meet with the Coordinator at the beginning
of each semester before any academic accommodations can be
certified for that term. Certifications for other accommodations
are normally reviewed annually.
Student Responsibilities:
· The only authorized electronic means of academic,
administrative, and co-curricular communication between
University of the Cumberlands and its students is through the
UCumberlands email system (i.e. Webmail). Each student is
responsible for monitoring his/her University email account
frequently. This is the primary email account used to
correspond with you directly by the University; imperative
program information is sent to this email account specifically
from campus and program office.
· Students should check for e-mail and class announcements
using iLearn (primary) and University of the Cumberlands
webmail (secondary).
· Students are expected to find out class assignments for missed
classes and make up missed work.
· Students are expected to find out if any changes have been
made in the class or assignment schedule.
· Written work must be presented in a professional manner.
Work that is not submitted in a professional manner will not be
evaluated and will be returned as unacceptable.
· There is a craft to writing. Spelling, grammar, punctuation
and diction (word usage) are all tools of that craft. Writing at
the collegiate level will show careful attention to these elements
of craft. Work that does not exhibit care with regard to these
elements will be considered as inadequate for college writing
and graded accordingly.
· Students are expected to take the examinations on the
designated dates. If you are unable to take the exam on the
scheduled date and know in advance, you are to make
arrangements with your professor before the designated date. If
you miss the exam, you must have a legitimate reason as
determined by your professor.
Deadlines and Due Dates:
Recognizing that a large part of professional life is meeting
deadlines, it is necessary to develop time management and
organizational skills. Failure to meet the course deadlines may
result in penalties. Keep in mind that all deadlines are set using
Eastern Standard Time (EST). Late assignments will NOT be
accepted.
Writing Expectations:
Learning outcomes for candidates’ writing competencies include
clarity of thought, discernment in planning and organization,
and integration of evidence and criteria.
· The instructor expects that students will have knowledge of
appropriate forms of documentation and use them where
appropriate. APA format and style of notation are required to
credit all sources that are not your own.
· There is a craft to writing. Spelling, grammar, punctuation
and diction (word usage) are all tools of that craft. Writing at
the collegiate level will show careful attention to these elements
of craft. Work that does not exhibit care with regard to these
elements will be considered as inadequate for college writing
and graded accordingly.
· All assignments, unless otherwise instructed, should be
submitted in APA format.
Participation Policy:
Study after study has linked successful academic performance
with good class participation. Those who assume positions of
responsibility must “show up” in order to be effective.
Therefore, students are expected to actively participate in
intelligent discussion of assigned topics in all areas (Discussion
Board Activities, Synchronous Sessions, Forums, Shared
Papers, etc.) to help process course material and/or to
demonstrate understanding of course content. Point adjustments
will be taken for non-participation.
Academic Appeals:
Both undergraduate and graduate students have the right to
challenge a grade. If discussions with the course instructor and
department chair do not lead to a satisfactory conclusion,
students may file a formal written appeal with the Vice
President for Academic Affairs, who will forward the appeal to
the chair of the Academic Appeals Committee. This formal
written appeal must be filed by the end of the 4th week of
classes in the next regular term following the term in which the
course in question was taken. The Academic Appeals Committee
then gathers information from the student, the instructor, and
any other relevant parties. The Committee will deliver its
recommendation on the complaint to the Vice President for
Academic Affairs. After reviewing this recommendation and
concurring or amending it, the Vice President for Academic
Affairs will inform the student and instructor of the disposition
of the complaint no later than the last day of classes of the term
in which the complaint was filed. Records of all actions
regarding academic grade appeals, including their final
disposition, are maintained by the Vice President for Academic
Affairs and the Academic Appeals Committee. (Undergraduate
Catalog/Graduate Catalog)
Links to Support:
Orientation to I-Learn: Student training course on I-Learn,
https://ucumberlands.blackboard.com/webapps/portal/frameset.jsp
Book Store:
http://cumber.bncollege.com/webapp/wcs/stores/servlet/BNCBHomePage?storeId=50059&catalogId=10001&langId=-1
Library: http://www.ucumberlands.edu/library/
Course Assignments and Evaluation
Evaluation Method:
Graded work will receive a numeric score reflecting the quality
of performance. Relative weights assigned to graded work are as
follows:
Course Evaluation
Students will be evaluated on:
1. Two Exams - Tentative dates for the Exams are given below. Exams may consist of multiple choice, short answer, discussion, and other security related questions. Weight: 30% (Midterm), 30% (Final)
2. Homework Assignments and Quizzes – Assignments and quizzes will be given throughout the term. Assignments will come from the lecture materials, discussion questions, and reading assignments. Weight: 19% (Quizzes), 0% (Labs)
3. Discussion Posts. Weight: 15%
4. Practical Connection Assignment. Weight: 5%
5. Syllabus Confirmation. Weight: 1%
6. For classes with a residency component, a group paper and a group presentation will be a significant portion of your grade. Weight: N/A
Grading Scale:
Graded work will receive a numeric score reflecting the quality
of performance as given above in evaluation methods. The overall
course grade will be determined according to the following scale:
A = 90 – 100 (90% - 100%)
B = 80 – 89 (80% - 89%)
C = 70 – 79 (70% - 79%)
F < 69 (Below 69%)
Syllabus Disclaimer:
This syllabus is intended as a set of guidelines for this course
and the professor reserves the right to make modifications in
content, schedule, and requirements as necessary to promote the
best education possible within conditions affecting this course.
Any changes to the syllabus will be discussed with the students.
Tentative Course Expectations (specific due dates are listed in
the course module)

Week 1
Topic: Information Security Overview
· Concepts of confidentiality, integrity, and availability (the C-I-A triad) associated with information system security
· Basic information systems security concepts
· Risk analysis and mitigation
· Mechanisms for organizational information security
· Data classifications requiring specialized legal consideration
Assignments:
· Reading: Chapter 1
· Lab #1 Creating an IT Infrastructure Asset List and Identifying Where Privacy Data Resides
Topic: Privacy Overview
· Why is privacy an issue?
· How is privacy different from information security?
· Privacy laws
· Threats to privacy in the information age
· Principles of privacy protection in information systems
Assignments:
· Reading: Chapter 2
· Lab #2 Case Study on U.S. Veterans Affairs and Loss of Privacy Information
· Quiz Due Sunday, July 7
· Confirmation of Syllabus, July 7

Week 2
Topic: The American Legal System
· Components of the American legal system
· Code versus common law
· Categories of law
· How precedent affects the law
· Security, privacy, compliance, and auditing
Assignments:
· Reading: Chapter 3
Topic: Security and Privacy of Consumer Financial Information
· Financial institutions and the protection of information they collect
· Financial regulatory laws and government regulatory bodies
· The Gramm-Leach-Bliley Act and financial institutions
· The Federal Trade Commission Red Flags Rule
· Payment Card Industry (PCI) Standards
Assignments:
· Reading: Chapter 4
· Lab # 3 Case Study on PCI DSS Noncompliance: CardSystems Solutions
· Quiz Due Sunday, July 14
· Discussion #1 Due, July 14

Week 3
Topic: Security and Privacy of Information Belonging to Children and in Educational Records
· Protecting children on the Internet
· Family Educational Rights and Privacy Act (FERPA)
· Children’s Online Privacy Protection Act (COPPA)
· Children’s Internet Protection Act (CIPA)
· Understand differences between purpose and scope of FERPA, COPPA, CIPA
Assignments:
· Reading: Chapter 5
Topic: Security and Privacy of Health Information
· The health care industry and information privacy
· Health Information Portability and Accountability Act (HIPAA)
· State laws regarding confidentiality and privacy of records
· Why health care information is sensitive
Assignments:
· Reading: Chapter 6
· Lab #4 Analyzing and Comparing GLBA and HIPAA
· Quiz Due Sunday, July 21
· Discussion #2 Due, July 21

Week 4
Topic: Corporate Information Security and Privacy Regulation
· Sarbanes-Oxley (SOX) Act
· Compliance and security controls
· Corporate privacy issues
· Public and private companies
· Influence of law on security practices
Assignments:
· Reading: Chapter 7
· Lab #5 Case Study on Issues Related to Sharing Consumers’ Confidential Information
Topic: Federal Government Information Security and Privacy Regulations
· Federal government information security and privacy regulation
· Federal Information Security Management Act (FISMA)
· Import and export laws for information technology
· Security challenges facing the federal government
· Office of Management and Budget (OMB)
Assignments:
· Reading: Chapter 8
· Midterm Due Sunday, July 28

Week 5
Topic: State Laws Protecting Citizen Information and Breach Notification Laws
· State regulation of privacy and information security
· State data breach notification
· State encryption regulations
· State data disposal regulations
· History of state privacy protection laws
Assignments:
· Reading: Chapter 9
· Lab #6 Identifying the Scope of Your State’s Data and Security Breach Notification Law
Topic: Intellectual Property Law
· The importance of protecting intellectual property
· Legal ownership and its protection
· Patents
· Trademarks
· Copyright
Assignments:
· Reading: Chapter 10
· Lab #7 Case Study on Digital Millennium Recording Act: Napster
· Quiz Due Sunday, Aug 4
· Discussion #3 Due, Aug 4

Week 6
Topic: The Role of Contracts
· General principles of contract law
· Contracts in cyberspace and online transactions
· Shrinkwrap, clickwrap, and browsewrap agreements
· End user license agreements (EULAs)
· Information security provision
Assignments:
· Reading: Chapter 11
Topic: Criminal Law and Tort Law Issues in Cyberspace
· General principles of criminal law
· Cybercrime
· General principles of tort law
· Tort concepts in cyberspace
· Laws governing cybercrime
Assignments:
· Reading: Chapter 12
· Lab #8 Cyberstalking or Cyberbullying and Laws to Protect Individuals
· Practical Connection Assignment Due Sunday, Aug 11
· Quiz Due Sunday, Aug 11
· Discussion #4 Due, Aug 11

Week 7
Topic: Information Security Governance
· High-level policies
· Information security standards
· Use of security guidelines
· Security procedures
· Military and civilian governance of information
Assignments:
· Reading: Chapter 13
Topic: Risk Analysis, Incident Response, and Contingency Planning
· Risk analysis
· Incident response procedures
· Disaster recovery plans
· Contingency planning
· Business continuity planning
Assignments:
· Reading: Chapter 14
· Lab #9 Recommending IT Security Policies to Help Mitigate Risk
· Quiz Due Sunday, Aug 18

Week 8
Topic: Computer Forensics and Investigations
· Cybercrime investigations
· Digital evidence
· Chain of custody
· Laws affecting collection of digital evidence
· Role of computer forensic examiner
· Final evaluations
Assignments:
· Reading: Chapter 15
· Lab #10 Case Study on Computer Forensics: Pharmaceutical Company
Topic: Semester Summary
· Final evaluations
Assignments:
· FINAL EXAM Exam Due Tuesday, August 20.
2

Assessment Worksheet Developing Disaster Recovery Back.docx

  • 1.
    Assessment Worksheet Developing DisasterRecovery Backup Procedures and Recovery Instructions Course Name and Number: _____________________________________________________ Student Name: _____________________________________________________ ___________ Instructor Name: _____________________________________________________ _________ Lab Due Date: _____________________________________________________ ___________ Overview In this lab, you applied the same concepts of disaster recovery backup procedures and recovery instructions to your own data. You explained how you can lower recovery time objectives (RTOs) with proper backup and recovery procedures, you defined a process for IT system and application recovery procedures, you identified a backup solution for saving your own data, and you tested and verified your backups for RTO compliance.
  • 2.
    Lab Assessment Questions& Answers 1. How do documented backup and recovery procedures help achieve RTO? 2. True or false: To achieve an RTO of 0, you need 100 percent redundant, hot-stand-by infrastructure (that is, IT systems, applications, data, and so on). 3. What is most important when considering data backups? 4. What is most important when considering data recovery? 5. What are the risks of using your external e-mail box as a backup and data storage solution? 75 Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual
  • 3.
    6. Identify thetotal amount of time required to recover and install the Lab Assessment Worksheet(s) and to open the file(s) to verify integrity. (Calculate your timed RTO using your computer clock and your documented instructions.) 7. Did you achieve your RTO? What steps and procedures can you implement to help drive RTO even lower? 8. What are some recommendations for lowering the RTO for retrieval and access to the backup data file? 9. If you drive RTO lower, what must you do to streamline the procedure? 10. Why are documenting and testing critical to achieve a defined RTO? 11. Why is it a best practice for an organization to document its backup and recovery steps for disaster recovery? 12. What can you do to cut down on the recovery time for
  • 4.
    accessing, copying, andrecovering your Lab Assessment Worksheets to achieve the RTO? 13. What will encryption of a disk or data in storage do to the RTO definition when attempting to retrieve and recover cleartext data for production use? 14. How many total steps did your backup and recovery procedures consist of for this lab exercise? Are there any that can be combined or streamlined? 15. If the individual accessing the system for disaster recovery purposes were not familiar with the IT system and required system administrator logon credentials, what additional step would be required in the recovery phase? Course Name and Number: Student Name: Instructor Name: Lab Due Date: Text92: Text93: Text94: Text95: Text96: Text97: Text98: Text99: Text100: Text101: Text102: Text103: Text104: Text105: Text106: School of Computer & Information Sciences COURSE SYLLABUS
  • 5.
    Course Name: ISOL/MSDF 633– Legal, Regulations, Investigations, and Compliance Section – 13X Summer 2019 – Second Bi-term – Online (Asynchronous) Residency Session Date: Not Applicable Residency Session Course Site: Not Applicable Professor: Dr. Jeff Sallee Contact Information: Office Hours: By appointment E-mail: [email protected] Online Support (IT) and I-Learn Policy: All members of the University of the Cumberlands’ community who use the University’s computing, information or communication resources must act responsibly. http://www.ucumberlands.edu/it/downloads/terms.pdf Course Website: Access to the course website is required via the iLearn portal on the University of the Cumberlands website: http://www.ucumberlands.edu/ilearn/ Course Description: The course examines computer crimes, laws and regulations. It includes techniques for investigating a crime, gathering evidence, and communicating results. Alignment Matrix Course Objectives/Learner Outcomes: Upon completion of this course, the student will: · Recognize the legal aspects of information security systems. · Examine the concept of privacy and its legal protections. · Identify the basic components of the American legal system. · Describe legal compliance laws addressing how public and private institutions protect the security and privacy of consumer financial information. · Analyze intellectual property laws. · Describe the role of contracts in online transactions and
  • 6.
    cyberspace. · Identify cybercrimeand tort law issues in cyberspace. · Examine the principles requiring governance of information within organizations. · Identify risk analysis and incident response procedures. · Explain the importance of forensic examination in legal proceedings. Prerequisites: There are no prerequisites for this course. Books and Resources: Grama, Joanna Lyn. Legal Issues in Information Security, 2nd ed. Burlington, MA: Jones & Bartlett Learning, 2015 Student Lab Manual and Lab Access Key (also known as supplemental Lessons) Other articles and readings may be assigned by course professor.Course Expectations Course Activities and Experiences: Students are expected to: • Review any assigned reading material, complementary materials, and weekly lectures and prepare responses to homework assigned. • Actively participate in activities, assignments, and discussions. • Evaluate and react to each other’s work in a supportive, constructive manner. • Complete specific assignments and exams when specified and in a professional manner. • Utilize learned technologies for class assignments. • Connect content knowledge from core courses to practical training placement and activities. Academic Integrity: At a Christian liberal arts university committed to the pursuit of truth and understanding, any act of academic dishonesty is especially distressing and cannot be tolerated. In general, academic dishonesty involves the abuse and misuse of
  • 7.
    information or peopleto gain an undeserved academic advantage or evaluation. The common forms of academic dishonesty include: · Cheating – using deception in the taking of tests or the preparation of written work, using unauthorized materials, copying another person’s work with or without consent, or assisting another in such activities. · Lying – falsifying, fabricating, or forging information in either written, spoken, or video presentations. · Plagiarism—using the published writings, data, interpretations, or ideas of another without proper documentation Plagiarism includes copying and pasting material from the internet into assignments without properly citing the source of the material. Even if you cite the source, if the majority of your work is someone else’s work, it is considered plagiarism. See https://www.plagiarism.org/article/what-is-plagiarismfor more information. Episodes of academic dishonesty are reported to the Vice President for Academic Affairs. The potential penalty for academic dishonesty includes a failing grade on a particular assignment, a failing grade for the entire course, or charges against the student with the appropriate disciplinary body. Attendance Policy: Residency Attendance: If a residency session is required for this course, each student must be in attendance for the entire duration of the required residency weekend. Late arrivals and/or early departures are not permitted. Punctuality is important as each student is required to have the documented in-seat time per USCIS regulations. If a student is not in attendance for the full session, he/she will be counted absent for the entire session, and receive an automatic “F” and will be required to pay the $300.00 make-up fee and attend a residency make-up session.
  • 8.
    Disability Accommodations: University ofthe Cumberlands accepts students with certified disabilities and provides reasonable accommodations for their certified needs in the classroom, in housing, in food service or in other areas. For accommodations to be awarded, a student must submit a completed Accommodations Application form and provide documentation of the disability to the Disability Services Coordinator (Mr. Jacob Ratliff, Boswell Campus Center, Student Services Office Suite, [email protected]). When all paperwork is on file, a meeting between the student and the Coordinator will be arranged to discuss possible accommodations before accommodations are formally approved. Students must then meet with the Coordinator at the beginning of each semester before any academic accommodations can be certified for that term. Certifications for other accommodations are normally reviewed annually. Student Responsibilities: · The only authorized electronic means of academic, administrative, and co-curricular communication between University of the Cumberlands and its students is through the UCumberlands email system (i.e. Webmail). Each student is responsible for monitoring his/her University email account frequently. This is the primary email account used to correspond with you directly by the University; imperative program information is sent to this email account specifically from campus and program office. · Students should check for e-mail and class announcements using iLearn (primary) and University of the Cumberlands webmail (secondary). · Students are expected to find out class assignments for missed classes and make up missed work. · Students are expected to find out if any changes have been made in the class or assignment schedule. · Written workmust be presented in a professional manner. Work that is not submitted in a professional manner will not be evaluated and
  • 9.
    will be returnedas unacceptable. · There is a craft to writing. Spelling, grammar, punctuation and diction (word usage) are all tools of that craft. Writing at the collegiate level will show careful attention to these elements of craft. Work that does not exhibit care with regard to these elements will be considered as inadequate for college writing and graded accordingly. · Students are expected to take the examinations on the designated dates. If you are unable to take the exam on the scheduled date and know in advance, you are to make arrangements with your professor before the designated date. If you miss the exam, you must have a legitimate reason as determined by your professor. Deadlines and Dues Dates: Recognizing that a large part of professional life is meeting deadlines, it is necessary to develop time management and organizational skills. Failure to meet the course deadlines may result in penalties. Keep in mind that all deadlines are set using Eastern Standard Time (EST). Late assignments will NOT be accepted. Writing Expectations: Learning outcomes for candidates’ writing competencies include clarity of thought, discernment in planning and organization, and integration of evidence and criteria. · The instructor expects that students will have knowledge of appropriate forms of documentation and use it where appropriate. APA format is required and style of notation to credit all sources that are not your own. · There is a craft to writing. Spelling, grammar, punctuation and diction (word usage) are all tools of that craft. Writing at the collegiate level will show careful attention to these elements of craft. Work that does not exhibit care with regard to these elements will be considered as inadequate for college writing and graded accordingly. · All assignments, unless otherwise instructed, should be submitted in APA format.
  • 10.
    Participation Policy: Study afterstudy has linked successful academic performance with good class participation. Those who assume positions of responsibility must “show up” in order to be effective. Therefore, students are expected to actively participate in intelligent discussion of assigned topics in all areas (Discussion Board Activities, Synchronous Sessions, Forums, Shared Papers, etc.) to help process course material and/or to demonstrate understanding of course content. Point adjustments will be taken for non-participation. Academic Appeals: Both undergraduate and graduate students have the right to challenge a grade. If discussions with the course instructor and department chair do not lead to a satisfactory conclusion, students may file a formal written appeal with the Vice President for Academic Affairs, who will forward the appeal to the chair of the Academic Appeals Committee. This formal written appeal must be filed by the end of the 4th week of classes in the next regular term following the term in which the course in question was taken. The Academic Appeals Committee then gathers information from the student, the instructor, and any other relevant parties. The Committee will deliver its recommendation on the complaint to the Vice President for Academic Affairs. After reviewing this recommendation and concurring or amending it, the Vice President for Academic Affairs will inform the student and instructor of the disposition of the complaint no later than the last day of classes of the term in which the complaint was filed. Records of all actions regarding academic grade appeals, including their final disposition, are maintained by the Vice President for Academic Affairs and the Academic Appeals Committee. (Undergraduate Catalog/Graduate Catalog) Links to Support: Orientation to I-Learn: Student training course on I-Learn, https://ucumberlands.blackboard.com/webapps/portal/frameset.j sp
  • 11.
    Book Store: http://cumber.bncollege.com/webapp/wcs/stores/servlet/BNCBHomePage?storeId=50059&catalogId=10001&langId=-1
    Library: http://www.ucumberlands.edu/library/
    Course Assignments and Evaluation
    Evaluation Method: Graded work will receive a numeric score reflecting the quality of performance. Relative weights assigned to graded work are as follows:
    Course Evaluation
    Students will be evaluated on (Description, Weight):
    1. Two Exams - Tentative dates for the Exams are given below. Exams may consist of multiple choice, short answer, discussion, and other security related questions. Weight: 30% (Midterm), 30% (Final)
    2. Homework Assignments and Quizzes – Assignments and quizzes will be given throughout the term. Assignments will come from the lecture materials, discussion questions, and reading assignments. Weight: 19% (Quizzes), 0% (Labs)
    3. Discussion Posts. Weight: 15%
    4. Practical Connection Assignment. Weight: 5%
    5. Syllabus Confirmation. Weight: 1%
  • 12.
    6. For Classes with a residency component, a group paper and a group presentation will be a significant portion of your grade. Weight: N/A
    Grading Scale: Graded work will receive a numeric score reflecting the quality of performance as given above in evaluation methods. The overall course grade will be determined according to the following scale:
    A = 90 – 100 (90% - 100%)
    B = 80 – 89 (80% - 89%)
    C = 70 – 79 (70% - 79%)
    F < 69 (Below 69%)
    Syllabus Disclaimer: This syllabus is intended as a set of guidelines for this course and the professor reserves the right to make modifications in content, schedule, and requirements as necessary to promote the best education possible within conditions affecting this course. Any changes to the syllabus will be discussed with the students.
    Tentative Course Expectations (specific due dates are listed in the course module)
    Week / Topic / Assignments
    Week 1
    Information Security Overview: Concepts of confidentiality, integrity, and availability (the C-I-A triad) associated with information system security; Basic information systems security concepts; Risk analysis and mitigation; Mechanisms for organizational information security; Data classifications requiring specialized legal consideration. Reading: Chapter 1. Lab
  • 13.
    #1 Creating an IT Infrastructure Asset List and Identifying Where Privacy Data Resides
    Privacy Overview: Why is privacy an issue?; How is privacy different from information security?; Privacy laws; Threats to privacy in the information age; Principles of privacy protection in information systems. Reading: Chapter 2. Lab #2 Case Study on U.S. Veterans Affairs and Loss of Privacy Information
    Quiz Due Sunday, July 7
    Confirmation of Syllabus, July 7
    Week 2
    The American Legal System: Components of the American legal system; Code versus common law; Categories of law; How precedent affects the law; Security, privacy, compliance, and auditing. Reading: Chapter 3
    Security and Privacy of Consumer Financial Information: Financial institutions and the protection of information they collect; Financial regulatory laws and government regulatory bodies; The Gramm-Leach-Bliley Act and financial institutions; The Federal Trade Commission Red Flags Rule; Payment Card Industry (PCI) Standards. Reading: Chapter 4. Lab #3 Case Study on PCI DSS Noncompliance: CardSystems Solutions
    Quiz Due Sunday, July 14
    Discussion #1 Due, July 14
    Week 3
    Security and Privacy of Information Belonging to Children and in Educational Records: Protecting children on the Internet; Family
  • 14.
    Educational Rights and Privacy Act (FERPA); Children’s Online Privacy Protection Act (COPPA); Children’s Internet Protection Act (CIPA); Understand differences between purpose and scope of FERPA, COPPA, CIPA. Reading: Chapter 5
    Security and Privacy of Health Information: The health care industry and information privacy; Health Information Portability and Accountability Act (HIPAA); State laws regarding confidentiality and privacy of records; Why health care information is sensitive. Reading: Chapter 6. Lab #4 Analyzing and Comparing GLBA and HIPAA
    Quiz Due Sunday, July 21
    Discussion #2 Due, July 21
    Week 4
    Corporate Information Security and Privacy Regulation: Sarbanes-Oxley (SOX) Act; Compliance and security controls; Corporate privacy issues; Public and private companies; Influence of law on security practices. Reading: Chapter 7. Lab #5 Case Study on Issues Related to Sharing Consumers’ Confidential Information
    Federal Government Information Security and Privacy Regulations: Federal government information security and privacy regulation; Federal Information Security Management Act (FISMA); Import and export laws for information
  • 15.
    technology; Security challenges facing the federal government; Office of Management and Budget (OMB). Reading: Chapter 8
    Midterm Due Sunday, July 28
    Week 5
    State Laws Protecting Citizen Information and Breach Notification Laws: State regulation of privacy and information security; State data breach notification; State encryption regulations; State data disposal regulations; History of state privacy protection laws. Reading: Chapter 9. Lab #6 Identifying the Scope of Your State’s Data and Security Breach Notification Law
    Intellectual Property Law: The importance of protecting intellectual property; Legal ownership and its protection; Patents; Trademarks; Copyright. Reading: Chapter 10. Lab #7 Case Study on Digital Millennium Recording Act: Napster
    Quiz Due Sunday, Aug 4
    Discussion #3 Due, Aug 4
    Week 6
    The Role of Contracts: General principles of contract law; Contracts in cyberspace and online transactions; Shrinkwrap, clickwrap, and browsewrap agreements; End user license agreements (EULAs); Information security provision. Reading: Chapter 11
  • 16.
    Criminal Law and Tort Law Issues in Cyberspace: General principles of criminal law; Cybercrime; General principles of tort law; Tort concepts in cyberspace; Laws governing cybercrime. Reading: Chapter 12. Lab #8 Cyberstalking or Cyberbullying and Laws to Protect Individuals
    Practical Connection Assignment Due Sunday, Aug 11
    Quiz Due Sunday, Aug 11
    Discussion #4 Due, Aug 11
    Week 7
    Information Security Governance: High-level policies; Information security standards; Use of security guidelines; Security procedures; Military and civilian governance of information. Reading: Chapter 13
    Risk Analysis, Incident Response, and Contingency Planning: Risk analysis; Incident response procedures; Disaster recovery plans; Contingency planning; Business continuity planning. Reading: Chapter 14. Lab #9 Recommending IT Security Policies to Help Mitigate Risk
    Quiz Due Sunday, Aug 18
    Week 8
    Computer Forensics and Investigations: Cybercrime investigations; Digital evidence; Chain of custody; Laws affecting collection of digital evidence; Role of computer forensic examiner; Final evaluations. Reading: Chapter 15. Lab #10 Case Study on Computer
  • 17.
    Forensics: Pharmaceutical Company
    Semester Summary: Final evaluations
    FINAL EXAM: Exam Due Tuesday, August 20.