2.5 Cybersecurity Resilience Flashcards

1
Q
the practice of keeping data in two or more places within a database or data storage system. [this] ensures an organization can provide continued operations or services in the event something happens to its data -- for example, in the case of data corruption or data loss.
• Duplicate parts of the system
– If a part fails, the redundant part can be used
• Maintain uptime
– The organization continues to function
• No hardware failure
– Servers keep running
• No software failure
– Services always available
• No system failure
– Network performing optimally
A

(Disk) Redundancy

2
Q

• Bad things can happen in a local area
– Hurricanes, tornadoes, flooding,
• Disperse technologies to different geographies
– Use multiple data centers
– In different locations
• Data centers might be part of the normal operations
– East coast and west coast operations centers
• May be part of a disaster recovery center
– If Florida gets hit, fire up the Denver data center

A

Geographic dispersal

3
Q

• Multipath* I/O (Input/Output) - a fault-tolerance and performance enhancement technique in which more than one physical path exists between the server and its storage devices through the buses, controllers, and switches connecting them.
– Especially useful for network-based storage subsystems
– Multiple Fibre Channel interfaces with multiple switches

• RAID* - Redundant Array of Independent Disks - a way of storing the same data in different places on multiple hard disks or solid-state drives (SSDs) to protect data in the case of a drive failure. There are different RAID levels, however, and not all have the goal of providing redundancy.

• Multiple drives create redundancy
– Many different designs and implementations

A

Disk redundancy

4
Q

the process of distributing network traffic across multiple servers. This ensures no single server bears too much demand. By spreading the work evenly, [this] improves application responsiveness. It also increases availability of applications and websites for users.
• Some servers are active - Others are on standby
• If an active server fails, the passive server takes its place

A

Load balancing

5
Q
allows you to combine multiple physical network adapters into a virtual NIC, which will then be presented to the OS as a single NIC. All of the traffic being sent from the OS will pass through the virtual NIC and be load-balanced across the assigned physical network connections.
• Load Balancing / Fail Over (LBFO)
– Aggregate bandwidth, redundant paths
– Becomes more important in the virtual world
• Multiple network adapters
– Looks like a single adapter
– Integrate with switches
• NICs talk to each other
– Usually multicast instead of broadcast
– Fails over when a NIC doesn’t respond
A

NIC teaming

6
Q
a device that allows a computer to keep running for at least a short time when incoming power is interrupted.
– Short-term backup power
– Blackouts, brownouts, surges
• UPS types
– Offline/Standby UPS
– Line-interactive UPS
– On-line/Double-conversion UPS
• Features
– Auto shutdown, battery capacity, outlets, phone line suppression
A

UPS - Uninterruptible Power Supply

7
Q
a routine that can be used to control the iteration behavior of a loop. All generators are also iterators.
• Long-term power backup
– Fuel storage required
• Power an entire building
– Some power outlets may be marked as generator-powered
• It may take a few minutes to get the generator up to speed
– Use a battery UPS while the generator is starting
A

Generators

8
Q

a regular direct current power supply. It can provide a positive as well as negative voltage. It ensures stable power supply to the device as well as it helps to prevent system damage. Many electronic circuits require a source of DC power.
• Redundancy
– Internal server power supplies
– External power circuits
• Each power supply can handle 100% of the load
– Would normally run at 50% of the load
• Hot-swappable
– Replace a faulty power supply without powering down

A

Dual-power supplies

9
Q
a device for controlling electrical power in a data center. The most basic [this] are large power strips without surge protection. They are designed to provide standard electrical outlets for data center equipment and have no monitoring or remote access capabilities.
• Provide multiple power outlets
– Usually in a rack
• Often include monitoring and control
– Manage power capacity
– Enable or disable individual outlets
A

Power distribution units (PDUs)

10
Q

a service where a centralized repository of stored or archived data is duplicated to another centralized data repository in real-time. [this] replication provides an extra measure of redundancy in case a main storage system fails.
• Share data between different devices
– If one device fails, you can still work with the data
– VERY fast recovery times compared to traditional backups
• [this]
– Specialized high-performance network of storage devices
• [this]-to-[this] replication
– Duplicate data from one data center to another
• [this] snapshot
– Create a state of data based on a point in time
– Copy that state to other [this]

A

Storage area network (SAN) replication

11
Q

a process used by information technology (IT) professionals to create backup versions of virtual machines (VMs). The backup can be kept and used to restore the machine in the event that its data is corrupted or lost.
• [this]
– Maintain one VM, replicate to all others
– The virtual machine is really just one big file
• Consistent service offering
– Maintain copies anywhere in the world
• Recover from a replicated copy
– Provides a backup if needed
• Efficient copying
– Only replicates the data that has changed

A

VM replication

12
Q

On premises vs. cloud redundancy
• Speed
– Local devices are connected over very fast networks
– Cloud connections are almost always slower
• Money
– Purchasing your own storage is an expensive capital investment
– Cloud costs have a low entry point and can scale
• Security
– Local data is private
– Data stored in the cloud requires additional security controls

A

On premises vs. cloud redundancy

13
Q
• The archive attribute
– Set when a file is modified
• Full - Everything
– You’ll want this one first
• Incremental
– All files changed since the last incremental backup
• Differential
– All files changed since the last full backup
A

Backup Types

14
Q
a backup type that only copies data that has been changed or created since the previous backup activity was conducted. [this] approach is used when the amount of data that has to be protected is too voluminous to do a full backup of that data every day.
• A full backup is taken first
• Subsequent backups contain data changed since the last full backup and last incremental backup
– These are usually smaller than the full backup
• A restoration requires the full backup and all of the incremental backups
A

Incremental Backup

15
Q
a data backup that copies all of the files that have changed since the last full backup was performed. This includes any data that has been created, updated or altered in any way and does not copy all of the data every time.
• A full backup is taken first
• Subsequent backups contain data changed since the last full backup
– These usually grow larger as data is changed
• A restoration requires the full backup and the last differential backup
A

Differential Backup

16
Q

media, such as disks, disk drives, and tapes, onto which Backup Systems store Electronic Data. [this] does not include media, such as CDs, DVDs, and USB flash drives, on which an individual user stores unique, relevant Documents.

• Magnetic tape
– Sequential storage
– 100 GB to multiple terabytes per cartridge
– Easy to ship and store

• Disk
– Faster than magnetic tape
– Deduplicate and compress

• Copy
– A useful strategy
– May not include versioning
– May need to keep offsite

A

Backup media

17
Q

NAS vs. SAN
• Network Attached Storage (NAS)* - file-level storage architecture that makes stored data more accessible to networked devices. NAS is 1 of the 3 main storage architectures—along with storage area networks (SAN) and direct-attached storage (DAS).
– Connect to a shared storage device across the network
– File-level access

• Storage Area Network (SAN)*
– Looks and feels like a local storage device
– Block-level access
– Very efficient reading and writing
• Requires a lot of bandwidth
– May use an isolated network and high-speed network technologies

A

Network Attached Storage (NAS) vs. Storage Area Network (SAN)

18
Q
Other backups
• Cloud
– Backup to a remote device in the cloud
– Support many devices
– May be limited by bandwidth

• Image
– Capture an exact replica of everything on a storage drive
– Restore everything on a partition, including operating system files and user documents

A

Other backups

19
Q

used to store data that can enable computer systems and networks to be restored and properly configured in the event of a disaster.
• Offline backup
– Backup to local devices
– Fast and secure
– Must be protected and maintained
– Often requires offsite storage for disaster recovery

• Online backup
– Remote network-connected third-party
– Encrypted
– Accessible from anywhere
– Speed is limited by network bandwidth
A

Backup locations

20
Q

> > look up definition
• The cloud is always in motion
– Application instances are constantly built and torn down

• Snapshots* can capture the current configuration and data
– Preserve the complete state of a device, or just the configuration

• Revert to known state
– Fall back to a previous snapshot

• Rollback to known configuration
– Don’t modify the data, but use a previous configuration

• Live boot media
– Run the operating system from removable media - very portable!

A

Non-persistence

21
Q

the ability of an organization to maintain acceptable service levels when there is a disruption of business operations, critical processes, or your IT ecosystem. In this digital age, high availability is critical to your organization’s success. [this] is a measure of the percentage uptime, considering the downtime due to faults and other causes such as planned maintenance.
• Redundancy doesn’t always mean always available
– May need to be powered on manually

• HA (high availability)
– Always on, always available
• May include many different components working together
– Active/Active can provide scalability advantages
• Higher availability almost always means higher costs
– There’s always another contingency you could add
– Upgraded power, high-quality server components, etc.

A

High availability

22
Q

a system restore, described as the process of reverting a computer back to its original configuration or an earlier copy.
• Application-specific
– Certain components may need to be restored first
– Databases should be restored before the application
• Backup-specific
– Incremental backups restore the full backup, then all subsequent incremental backups
– Differential backups restore the full backup, then the last differential backup

A

Order of restoration

23
Q
>> look up definition
Diversity
• Technologies
– A zero-day OS vulnerability can cause significant outages
– Multiple security devices
• Vendors
– A single vendor can become a disadvantage
– No options during annual renewals
– A bad support team may not be able to resolve problems in a timely manner
• Cryptographic
– All cryptography is temporary
– Diverse certificate authorities can provide additional protection
• Controls
– Administrative controls
– Physical controls
– Technical controls
– Combine them together
– Defense in depth
A

Diversity