2.5 Cybersecurity Resilience Flashcards
Define 3 Common RAID levels
- RAID 0 - striping
- RAID 1 - mirroring
- RAID 5 - striping w/ parity
Define Multipath relative to disk redundancy
When using a SAN or NAS, creating multiple physical paths to maintain connectivity if, for example, a switch or fiber cable fails
Define Geographic Dispersal
Having redundant backup site(s) in different geographic areas to provide resilience when a disaster may affect a large area, such as a hurricane in Florida taking out services at a city-wide level
Define how a Load Balancer provides network resiliency
A load balancer distributes requests across multiple servers. If a server is down or a new one comes online, the load balancer detects this and distributes requests accordingly
Define NIC Teaming and 2 benefits
Pooling multiple network cards to respond to network requests
Benefits
1. If a card or the switchport it is connected to goes down, the device maintains network connectivity
2. Increases the network bandwidth/throughput of the device
Name 3 types of UPS
- Offline or stand-by, only provides battery power when there is a total loss of power
- Line-Interactive, when incoming power level drops (brownout), it supplements with battery power to provide the expected power level
- Online: always provides power directly from batteries so that there is never an interruption when switching modes
What is a major limitation of a UPS?
It can only provide power for a limited time based on the capacity of the battery and number of devices it powers
Define generator
It is a fuel-sourced power supply that can run as long as fuel is provided
Why is UPS still recommended when using a generator?
Because there is a delay before the generator(s) start providing power, usually a wait of 10-15 seconds before switching over
Define dual-power supply
2 identical power supplies that can individually provide all the power required by the device, often hot-swappable so that when one fails or is removed the function of the device is not interrupted
Define Managed PDU
Managed power distribution unit, has multiple interfaces to connect to different power sources for redundancy, can be remotely managed and monitored over the network
Define SAN
Storage Area Network
How does a SAN provide resiliency?
Multiple front-ends can write to the SAN allowing continued function if a front-end system fails
Define SAN replication
Redundant SANs can be set up so that data replicates between them, allowing continued function if one SAN fails
Define 2 SAN replication models
- Real-time, data is copied to the other SAN as soon as it is written
- Snap-shot, data is replicated every x time frame, minimizing data loss if a SAN fails
2 Benefits of VM replication
- Updates only need to be made to a “primary” VM and those changes are automatically pushed to other VM instances
- If a “primary” VM fails, it can be reproduced from the instance(s) it is replicated to
What is the advantage of using cloud-based services (vs local) for data replication?
Cloud-based is less expensive and capacity can be easily increased on-the-fly
What are the disadvantages of using cloud-based services (vs local) for data replication?
- Bandwidth, depending on the amount of data, bandwidth limitations might affect how quickly data can be replicated
- Security, data stored in the cloud likely needs to be encrypted in case the cloud provider is breached
Define full-backup
Backs up everything on the system
Define incremental backup
Only backs up files that have changed since the last backup, either full or incremental
Define differential backup
Backs up everything that has changed since the last full backup
What is required to perform a restore from an incremental backup?
The last full backup + every incremental backup since the last full backup
What is required to perform a restore from a differential backup?
The last full backup + the last differential backup
Distinguish between incremental and differential backups in terms of backup time, restore time, and size
Incremental backup: less time to backup, more time to restore, smaller backup sizes
Differential backup: more time to backup, less time to restore, larger backup size
Define 3 attributes of tape backup
- Data access and writing is sequential, i.e. like a music tape where you have to fast-forward or rewind to find a certain song
- Tape sizes can range from 100GB to multiple terabytes for each cartridge
- Easily stored and transported offsite
2 Advantages of hard drive backup over tape
- Faster read/write speed for creating backup and recovering
- Compression and deduplication allow for more efficient backups
What is an image, in terms of system backup?
It is an exact copy of an entire system at the time it is taken
Name 2 differences between NAS and SAN
- NAS operates at file-level, so when a file is changed, the entire file is rewritten
  SAN operates at the block-level, so only the changed portions of a file are rewritten
- NAS typically appears to clients as a file share folder structure
What are the 3 differences between NAS and SAN?
- NAS operates at file-level, so when a file is changed, the entire file is rewritten
  SAN operates at the block-level, so only the changed portions of a file are rewritten
- NAS typically appears to clients as a file share folder structure
  SAN appears as a “drive” to clients
- NAS is typically connected to the network via Ethernet
  SAN typically uses Fibre Channel
Define cloud-based backup and provide 2 primary concerns
- Allows many systems to be backed up to an offsite location
- Bandwidth limitations may be an issue for how quickly data can be backed up/restored
- Security during transmission and storage is a consideration
Offline vs On-Line backup
Offline backup is typically a fast backup to a dedicated device that typically allows offsite transfer of media
Online backup is typically done in near real-time as files are modified, typically to a cloud-based service
Define non-persistence relevant to resiliency
Application instances in the cloud can be constantly added & removed based on demand, they are non-persistent
Define snapshot relative to resiliency
A snapshot is a backup of an application instance at a specific moment; it can be used to restore or revert an application instance
What 3 restore options do snapshots provide?
- Revert to a previous configuration/state
- Revert to last known good configuration/state
- Live boot from external media
How can VM-based applications provide high-availability and scalability?
Cloud-based VM solutions provide the ability to either have multiple live instances running or the ability to quickly spin-up additional instances
How is restoration order relevant to resiliency?
Systems have to be restored in a specific order, for example, the database used by an application should be restored before the application is restored
How does diversity in technologies contribute to resiliency?
Using different technologies reduces the exposure of an outage caused by a vulnerability in a specific technology, e.g. a zero-day attack
How does diversity in vendors contribute to resiliency?
Reduces the risk of a security vulnerability specific to a certain vendor’s products and diversifies obtaining support for the products
Define diversity in cryptography
Using different cryptography and certificate authorities reduces the risk exposure if one is compromised
Define diversity in controls
Diversity in security controls, e.g. network equipment in a key-pad secured area + password required to log in to equipment, aka defense in depth