2.5 Cybersecurity Resilience

Question 1

Define 3 Common RAID levels

Answer 1

1. RAID 0 - striping
2. RAID 1 - mirroring
3. RAID 5 - striping w/ parity

Question 2

Define Multipath relative to disk redundancy

Answer 2

When using SAN or NAS, create multiple physical paths to maintain connectivity if a switch or fiber cable fails, for example

Question 3

Define Geographic Dispersal

Answer 3

Having redundant back up site(s) in different geographic areas to provide resilience when a disaster may affect a large area, such as hurricane in Florida taking out services at a city-wide level

Question 4

Define how a Load Balancer provides network resiliency

Answer 4

Load balancer distributes requests across multiple servers. If a server is down or a new one comes online the load balancer detects this and distributes requests accordingly

Question 5

Define NIC Teaming and 2 benefits

Answer 5

Pooling multiple network cards to respond to network requests
Benefits
1. If a card or the switchport it is connected to goes down, the device maintains network connectivity
2. Increases the network bandwidth/throughput of the device

Question 6

Name 3 types of UPS

Answer 6

1. Offline or stand-by, only provides battery power when there is a total loss of power
2. Line-Interactive, when incoming power level drops (brownout), it supplements with battery power to provide the expected power level
3. Online: always provides power directly from batteries so that there is never an interruption when switching modes

Question 7

What is a major limitation of a UPS?

Answer 7

It can only provide power for a limited time based on the capacity of the battery and number of devices it powers

Question 8

Define generator

Answer 8

It is a fuel sourced power supply that can run as long as fuel is provided

Question 9

Why is UPS still recommended when using a generator?

Answer 9

Because there is a delay before the generator(s) start providing power, usually wait 10-15 seconds before switching over

Question 10

Define dual-power supply

Answer 10

2 identical power supplies that can individually provide all the power required by the device, often hot-swappable so that when one fails or is removed the function of the device is not interrupted

Question 11

Define Managed PDU

Answer 11

Managed power distribution unit, has multiple interfaces to connect to different power sources for redundancy, can be remotely managed and monitored over the network

Question 12

Define SAN

Answer 12

Storage Area Network

Question 13

How does a SAN provide resiliency

Answer 13

Multiple front-ends can write to the SAN allowing continued function if a front-end system fails

Question 14

Define SAN replication

Answer 14

Redundant SANs can be setup so that data replicates between them, allowing continued function if one SAN fails

Question 15

Define 2 SAN replication models

Answer 15

1. Real-time, data is copied to other SAN as soon it is written
2. Snap-shot, data is replicated every x time frame, minimizing data loss if a SAN fails

Question 16

2 Benefits of VM replication

Answer 16

1. Updates only need to be made a “primary” VM and those changes are automatically pushed to other VM instances
2. If a “primary” VM fails, it can be reproduced using from the instance(s) it is replicated to

Question 17

What is the advantage of using cloud-based services (vs local) for data replication?

Answer 17

Cloud-based is less expensive and capacity can be easily increased on-the-fly

Question 18

What are the disadvantages of using cloud-based services (vs local) for data replication?

Answer 18

1. Bandwidth, depending on the amount of data bandwidth limitations might affect how quickly data can be replicated
2. Security, data stored in cloud likely needs to be encrypted in case the cloud-provider is breached

Question 19

Define full-backup

Answer 19

Backs up everything on the system

Question 20

Define incremental backup

Answer 20

Only backs up files that have changed since the last backup, either full or incremental

Question 21

Define differential backup

Answer 21

Backs up everything that has changed since the last full back up

Question 22

What is required to perform a restore from an incremental backup?

Answer 22

The last full backup + every incremental backup since the last full backup

Question 23

What is required to perform a restore from an differential backup?

Answer 23

The last full backup + the last differential backup

Question 24

Distinguish between incremental and differential backups in terms of backup time, restore time, and size

Answer 24

Incremental backup: less time to backup, more time to restore, smaller backup sizes
Differential backup: more time to backup, less time to restore, larger backup size

Question 25

Define 3 attributes of tape backup

Answer 25

1. Data access and writing is sequential, i.e. like a music tape where you have to fast-forward or rewind to find a certain song
2. Tape sizes can range from 100GB to multiple terabytes for each cartridge
3. Easily stored and transported offsite

Question 26

2 Advantages of hard drive backup over tape

Answer 26

1. Faster read/write speed for creating backup and recovering
2. Compression and deduplication allow for more efficient backups

Question 27

What is an image, in terms of system backup

Answer 27

It is an exact copy of an entire system at the time it is taken

Question 28

Name 2 differences between NAS and SAN

Answer 28

1. NAS operates at file-level, so when a file is changed, the entire file is rewritten
   SAN operates at the block-level, so only the changed portions of a file are rewritten
2. NAS typically appears to clients as a file share folder structure

Question 28

What are the 3 differences between NAS and SAN?

Answer 28

1. NAS operates at file-level, so when a file is changed, the entire file is rewritten
   SAN operates at the block-level, so only the changed portions of a file are rewritten
2. NAS typically appears to clients as a file share folder structure
   SAN appears a “drive” to clients
3. NAS is typically connected to network via Ethernet
   SAN typically uses Fibre-channel

Question 29

Define cloud-based backup and provide 2 primary concerns

Answer 29

1. Allow many systems to be backed up to an offsite location
2. Bandwidth limitations may be an issue for how quickly data can be backed up/restored
3. Security during transmission and storage is a consideration

Question 30

Offline vs On-Line backup

Answer 30

Offline backup is typically a fast backup to a dedicated device that typically allows offsite transfer of media
Online backup is typically done in near real-time as files are modified, typically to a cloud-based service

Question 31

Define non-persistence relevant to resiliency

Answer 31

Application instances in the cloud can be constantly added & removed based on demand, they are non-persistent

Question 32

Define snapshot relative to resiliency

Answer 32

Snapshot is a backup of an application instance at specific moment, can be used to restore or revert an application instance

Question 33

What 3 restore options do snapshots provide?

Answer 33

1. Revert to a previous configuration/state
2. Revert to last known good configuration/state
3. Live boot from external media

Question 34

How can VM-based applications provide high-availability and scalability?

Answer 34

Cloud-based VM solutions provide the ability to either have multiple live instances running or the ability to quickly spin-up additional instances

Question 35

How is restoration order relevant to resiliency?

Answer 35

Systems have to be restored in a specific order, for example, the database used by an application should be restored before the application is restored

Question 36

How does diversity in technologies contribute to resiliency?

Answer 36

Using different technologies reduces the exposure of an outage caused by a vulnerability in a specific technology, i.e. zero-day attack

Question 37

How does diversity in vendors contribute to resiliency?

Answer 37

Reduces the risk of security vulnerability specific to a certain vendor’s products and diversifies obtaining support for the products

Question 38

Define diversity in cryptography

Answer 38

Using different cryptography and certificate authorities reduces the risk exposure if one is compromised

Question 39

Define diversity in controls

Answer 39

Diversity in security controls, i.e. network equipment in a key-pad secured area + password required to login to equipment, aka defense in depth