2.5 Cybersecurity resilience

Question 1

Disk redundancy: what is redundancy?

Answer 1

Duplicate parts of the system so that if a part fails, the redundant part can be used and the organization continue to function. It can be harware, software

Question 2

Disk redundancy: what is geographical dispersal?

Answer 2

Redanduncy created in a complete different geographical area: use multiple data centers in different locations.
It may be part of a disaster recovery process.

Question 3

Disk redundancy: what is multipath I/O (Input/Output)?

Answer 3

Redundancy between network device to make sure a network device continue to work if one fail

Question 4

Disk redundancy: what is RAID?

Answer 4

Redundant Array of Independent Disks is a way of storing the same data in different places on multiple hard disks or solid-state drives (SSDs) to protect data in the case of a drive failure. There are different RAID levels, however, and not all have the goal of providing redundancy

Question 5

Disk redundancy: what are the differents RAID levels ?

Answer 5

• RAID 0: strinping without parity > high performance but no redundancy so loss of data in case of failure
• RAID 1: mirroring > duplicates data for fault tolerance on 1 drive
• RAID 5: stripping with parity > putting pieces of data on separate physical drives and parity info on last physical drive.If we lose data it will rebuild the info based on the parity info

Question 6

Disk redundancy: what are combinaison RAID ?

Answer 6

It is when you have multiple RAID in place: RAID 0+1, RAID 1+0, RAID 5+1 etc
By combining the RAID, you can customize your redundancy for your purpose

Question 7

Network redundancy: what is a load balancer?

Answer 7

A network device that balance the load between multiple servers. If an active server fails, the passive servr takes its place

Question 8

Network redundancy: what is NIC teaming ?

Answer 8

NIC teaming is a technique of grouping physical network adapters to improve performance and redundancy (without using a load balancer). Also known as Load Balancing Fail Over (LBFO)

Question 9

Power redundancy: what is an UPS?

Answer 9

Uninterruptible Power Supply is a device that has battery inside and if the power goes out we use the battery power instead of using the primary power source. It is a temporary ressource

Question 10

Power redundancy: what are the different types of UPS?

Answer 10

• Offline/Standby UPS: enabled only if the power is lost
• Line-interactive UPS: if the voltage is slowly diminishing on the line, the UPS slow ramp up the amount of power being provided
• On-line/Double-conversion UPS: always provide power to devices so the activity is never interupted is the primary resource fail

Question 11

Power redundancy: what are generators?

Answer 11

Long term power backup in case of failure. It can power an entire building.

Question 12

Power redundancy: what is dual-power supplies?

Answer 12

Redundancy for server that provide 2 types of power supplies:
- internal server power supplies
- external power circuits

Question 13

Power redundancy: what is a PDU?

Answer 13

Power Distribution units provide multiple power sources

Question 14

Replication: what is a SAN replication ?

Answer 14

Storage Area Network is a high performance storage with build in redundancy. It shares data between different devices so if one device fails, you can still work with the data.

Question 15

Replication: what is a SAN-to-SAN replication ?

Answer 15

Duplicate data from one data center to another

Question 16

Replication: what is a SAN snapshot ?

Answer 16

It create a state of data based on a point in time (snapchot) and copy that state to other SANs

Question 17

Replication: what is a VM replication ?

Answer 17

Virtual Machine redundancy, if update is done on one VM, it is replicated to all others. It is act as a backup in case of failure

Question 18

Replication: what is a on-premises vs cloud redundancy ?

Answer 18

• Speed: if failure on-prem device are connected faster than cloud
• Money: purchasing you own storage is expensive as compared to cloud costs
• Security: local data is private but data in the cloud require additional security controls (encryption etc

Question 19

Backup Types: what is the archive bit (or archive attribute)?

Answer 19

It is a Windows file attribute that when is set, it indicates that the file has changed since the last backup operation

Question 20

Backup Types: what is a full backup and how is it related to archive bit?

Answer 20

Backup of everything that is stored in an OS and save it. Once the backup is complete, the archive bit is cleared signifyig that no change have been made to that file since the last backup

Question 21

Backup Types: what is a incremental backup ?

Answer 21

It occurs after the full backup, and it backup all of the new or changed files since the last backup.

Question 22

Backup Types: what is a differential backup ?

Answer 22

Save only file that has changed since the last full backup

Question 23

Backup Types: how incremental backup works ?

Answer 23

1/ A full backup is taken first
2/ Subsequent backups contain data changed since the last full backup and last incremental backup: only the file that has changed since the last backup (whether is full or incremental) are saved
3/ A restoration requires the full backup + incremental backups

EX: monday = full backup; tuesday=incremental; wed=incremental; thursday = incremental; friday = recovery so monday full backup + the other day incremental backups

Question 24

Backup Types: how differential backup works ?

Answer 24

1/ A full backup is taken first
2/ Subsequent backups contain data changed since the last full backup
3/A restoration requires the full backup and the last differential backup

Ex: monday= full backup, tuesday=differential so file modified since monday, wed= differential so file modified since monday, thursday=differential so file modified since monday, friday= recovery so full backup+thursday differential backup

Question 25

Backup Types: what are the different backup media?

Answer 25

• Magnetic type: A sequential storage device (from 100GB to multiple terabytes)
• Disk : hard drive (faster than magnetic)
• Copy: exact image of the system at a particular time but do not include versioning

Question 26

Backup Types: what are the different between NAS vs SAN?

Answer 26

• Network Attached Storage (NAS): it provides access to a shared storage device connected over the network.
• Storage Area Network: looks and feels like a local storage device (block level access)

Both requires a lot of bandwidth and may use an isolated network and high speed network technologies

Question 27

Backup Types: what are the other types of backups?

Answer 27

• Cloud: backup to a remote device in the cloud but may be limited by bandwidth
• Image: capture an exactly replica of everything on a storage drive and can restore everything on a partition (inc. OS files and user doc)
• Offline backup: backup to local devices, fast and secure, must be protected, often requires offsite storage for disaster recovery
• Online backup: remote network-connected 3rd party, encrypted, accessible from anywhere, speed is limited

Question 28

Resiliency: why order of restoration is important?

Answer 28

• Application specific: some component may need to be restored first, DB shoudl be restored before the app
• Backup specific: depend on backup type, incremental backups restore the full backup then all subsequent incremental backup, differential backups restore full backup then all differential backup

Question 29

Resiliency: why diversity is important in resiliency?

Answer 29

• Technologies: a 0 day vuln can cause significant outages
• Vendors: a signe vendor can become a disavantage (contract renewal, bad support etc)
• Cryptographic: diverse certificate authorities can provide additional protection
• Controls: administrative controls, physical controls, technical controls should be all combined together to provide security controls