2.5 Cybersecurity resilience Flashcards
Disk redundancy: what is redundancy?
Duplicating parts of the system so that if a part fails, the redundant part can be used and the organization continues to function. It can be hardware or software.
Disk redundancy: what is geographical dispersal?
Redundancy created in a completely different geographical area: use multiple data centers in different locations.
It may be part of a disaster recovery process.
Disk redundancy: what is multipath I/O (Input/Output)?
Redundancy between network devices to make sure a network device continues to work if one fails.
Disk redundancy: what is RAID?
Redundant Array of Independent Disks is a way of storing the same data in different places on multiple hard disks or solid-state drives (SSDs) to protect data in the case of a drive failure. There are different RAID levels, however, and not all have the goal of providing redundancy.
Disk redundancy: what are the different RAID levels?
- RAID 0: striping without parity > high performance but no redundancy, so loss of data in case of failure
- RAID 1: mirroring > duplicates data for fault tolerance on 1 drive
- RAID 5: striping with parity > putting pieces of data on separate physical drives and parity info on last physical drive. If we lose data, it will rebuild the info based on the parity info
Disk redundancy: what are RAID combinations?
It is when you have multiple RAID levels in place: RAID 0+1, RAID 1+0, RAID 5+1, etc.
By combining RAID levels, you can customize your redundancy for your purpose.
Network redundancy: what is a load balancer?
A network device that balances the load between multiple servers. If an active server fails, the passive server takes its place.
Network redundancy: what is NIC teaming?
NIC teaming is a technique of grouping physical network adapters to improve performance and redundancy (without using a load balancer). Also known as Load Balancing Fail Over (LBFO).
Power redundancy: what is a UPS?
An Uninterruptible Power Supply is a device that has a battery inside; if the power goes out, we use the battery power instead of the primary power source. It is a temporary resource.
Power redundancy: what are the different types of UPS?
- Offline/Standby UPS: enabled only if the power is lost
- Line-interactive UPS: if the voltage is slowly diminishing on the line, the UPS slowly ramps up the amount of power being provided
- On-line/Double-conversion UPS: always provides power to devices so the activity is never interrupted if the primary resource fails
Power redundancy: what are generators?
Long term power backup in case of failure. It can power an entire building.
Power redundancy: what are dual power supplies?
Redundancy for servers that provides 2 types of power supplies:
- internal server power supplies
- external power circuits
Power redundancy: what is a PDU?
Power Distribution Units provide multiple power sources.
Replication: what is SAN replication?
A Storage Area Network is high-performance storage with built-in redundancy. It shares data between different devices so if one device fails, you can still work with the data.
Replication: what is SAN-to-SAN replication?
Duplicate data from one data center to another
Replication: what is a SAN snapshot?
It creates a state of data based on a point in time (snapshot) and copies that state to other SANs.
Replication: what is VM replication?
Virtual Machine redundancy: if an update is done on one VM, it is replicated to all others. It acts as a backup in case of failure.
Replication: what is on-premises vs cloud redundancy?
- Speed: in case of failure, on-prem devices are connected faster than cloud
- Money: purchasing your own storage is expensive compared to cloud costs
- Security: local data is private but data in the cloud requires additional security controls (encryption, etc.)
Backup Types: what is the archive bit (or archive attribute)?
It is a Windows file attribute that, when set, indicates that the file has changed since the last backup operation.
Backup Types: what is a full backup and how is it related to the archive bit?
A backup of everything that is stored in an OS. Once the backup is complete, the archive bit is cleared, signifying that no changes have been made to that file since the last backup.
Backup Types: what is an incremental backup?
It occurs after the full backup, and it backs up all of the new or changed files since the last backup.
Backup Types: what is a differential backup?
Saves only files that have changed since the last full backup.
Backup Types: how does an incremental backup work?
1/ A full backup is taken first
2/ Subsequent backups contain data changed since the last full backup and last incremental backup: only the files that have changed since the last backup (whether it is full or incremental) are saved
3/ A restoration requires the full backup + incremental backups
Ex: Monday = full backup; Tuesday = incremental; Wednesday = incremental; Thursday = incremental; Friday = recovery, so Monday's full backup + the other days' incremental backups
Backup Types: how does a differential backup work?
1/ A full backup is taken first
2/ Subsequent backups contain data changed since the last full backup
3/ A restoration requires the full backup and the last differential backup
Ex: Monday = full backup; Tuesday = differential, so files modified since Monday; Wednesday = differential, so files modified since Monday; Thursday = differential, so files modified since Monday; Friday = recovery, so full backup + Thursday's differential backup
Backup Types: what are the different backup media?
- Magnetic tape: a sequential storage device (from 100GB to multiple terabytes)
- Disk: hard drive (faster than magnetic)
- Copy: exact image of the system at a particular time but does not include versioning
Backup Types: what are the differences between NAS and SAN?
- Network Attached Storage (NAS): it provides access to a shared storage device connected over the network.
- Storage Area Network (SAN): looks and feels like a local storage device (block-level access)
Both require a lot of bandwidth and may use an isolated network and high-speed network technologies.
Backup Types: what are the other types of backups?
- Cloud: backup to a remote device in the cloud but may be limited by bandwidth
- Image: captures an exact replica of everything on a storage drive and can restore everything on a partition (incl. OS files and user docs)
- Offline backup: backup to local devices, fast and secure, must be protected, often requires offsite storage for disaster recovery
- Online backup: remote network-connected 3rd party, encrypted, accessible from anywhere, speed is limited
Resiliency: why is the order of restoration important?
- Application specific: some components may need to be restored first; the DB should be restored before the app
- Backup specific: depends on backup type; incremental backups restore the full backup then all subsequent incremental backups, differential backups restore the full backup then all differential backups
Resiliency: why is diversity important in resiliency?
- Technologies: a zero-day vulnerability can cause significant outages
- Vendors: a single vendor can become a disadvantage (contract renewal, bad support, etc.)
- Cryptographic: diverse certificate authorities can provide additional protection
- Controls: administrative controls, physical controls, and technical controls should all be combined together to provide security controls