HELP] NEED ASAP THANK YOU CASE 1: Anna Marie Corporation is developing a revised business continuity plan and disaster recovery plan for its headquarters facility and network of 16 branch offices. The said plans have not been updated in more than eight (8) years, during which time the organization has grown by over 300%. At the headquarters facility there are approximately 750 employees. These individuals connect over a local area network (LAN) to an array of more than 60 applications, databases, and file print servers in the corporate data center and over a frame relay network to the branch offices. Traveling users access corporate systems remotely by connecting over the internet using a virtual private network (VPN). Users at both the headquarters and branch offices access the internet through a firewall and proxy server located in the data center. Critical applications have a recovery time objective (RTO) of between three (3) and five (5) days. Branch offices are located between 30 and 50 miles from one another, with none closer than 25 miles to the headquarters facility. Each branch office has between 20 and 35 employees plus a mail server and a file/print server. Backup media for the data center are stored at a third-party facility that is 35 miles away. Backups for servers located at the branch offices are stored at nearby branch offices using reciprocal agreements between offices. Current contracts with a third-party hot site provider include 25 servers, work area space equipped with desktop computers to accommodate 100 individuals, and a separate agreement to ship up to two servers and 10 desktop computers to any branch office declaring an emergency. The contract term is for three years, with equipment upgrades occurring at renewal time. The hot-site provider has multiple facilities throughout the country in case the primary facility is in use by another customer or rendered unavailable by the disaster. Senior management desires that any enhancements be as cost-effective as possible. REQUIRED: 1. When negotiating new contracts with the vendor, what should the IS auditor recommend to management about the hot site in the above situation?2. When negotiating new contracts with the vendor, what should the IS auditor recommend to the management about branch office recovery? CASE 2: The headquarters of Abi Corporation (AC), a private company with P650 million in annual sales, is located in Taguig. AC provides for its 150 clients an online legal software service that includes data storage and administrative activities for law offices. The company has grown rapidly since its inception three (3) years ago, and its data processing department has expanded to accommodate this growth. Because AC's president and sales personnel spend a great deal of time out of the office soliciting new clients, the planning of the information technology (IT) facilities has been left to the data processing professionals. AC recently moved its headquarters into a remodeled warehouse on the outskirts of the city. While remodeling the warehouse, the architects retained much of the original structure, including the wooden-shingled exterior and exposed wooden beams throughout the interior. The minicomputer distributive processing hardware is situated in a large open area with high ceilings and skylights. The openness makes the data processing area accessible to the rest of the staff and encourages a team approach to problem-solving. Before occupying the new facility, city inspectors declared the building safe; that is, it had adequate fire extinguishers, sufficient exits, and so on. To provide further protection for its large database of client information, AC instituted a tape backup procedure that automatically backs up the database every Sunday evening, avoiding interruption in the daily operations and procedures. All tapes are then labeled and carefully stored on shelves reserved for this purpose in the data processing department. The departmental operator's manual has instructions on using these tapes to restore the database, should the need arise. A list of home phone numbers of the individuals in the data processing department is available in case of an emergency. AC has recently increased its liability insurance for data loss from P5,000,000 to P10,000,000. This past Saturday, the building of its headquarters was completely ruined by fire, and the company must now inform its clients that all their information has been destroyed. REQUIRED: 1. Describe at least five (5) computer security weaknesses present in Abi Corporation that made it possible for a disastrous data loss.2. List at least five (5) components that should have been included in the disaster recovery plan (DRP) of Abi Corporation to ensure computer recovery within 72 hours.3. What factors, other than those included in the plan itself, should a company consider when formulating a disaster recovery plan? List at least three (3) of them. CASE 3: An information system (IS) auditor has been asked to represent the internal audit department of her organization on a task force to define the requirements for a new branch automation project for BrownBank, a community bank with 16 branches. This new system would handle deposit and loan information and other confidential customer information. The branches are located within the same geographic area, so the director of branch operations has suggested the use of a microwave radio system to provide connectivity due to its low cost of operation and the fact that it is a private network. The director has also strongly suggested that it would be preferable to provide each branch with a direct coaxial connection to the internet (using the local cable television provider) as a backup if the microwave system develops a fault. The direct internet connection would also be connected to a wireless access point at each branch to provide free wireless access to customers. The director also asked that each branch be provided with mail and application servers that the administrative manager of each branch would administer. The IS auditor was informed by the IT manager for the bank that the cable service provider will encrypt all traffic sent over the direct coaxial connection to the internet. REQUIRED: 1. In reviewing the information for the project, what would be the MOST important concern about the use of microwave radio systems of Bank Brown?2. Give at least one (1) best possible way to reduce the likelihood of business systems being successfully attacked from the public internet through the wireless network