2.5 Given a scenario, implement cybersecurity resilience Flashcards

1
Q

Summarize REDUNDANCY

A

Redundancy means having more than one of some functioning feature of a system or even another complete system. First, with fault tolerance, the secondary storage, the system, and the network are online and ready to go. If something goes wrong, the data on the storage or the services provided by the system suffer only a minimal amount of disruption. Second, redundancy provides high availability. High availability means using redundancy in such a way as to ensure that certain levels of operational performance are balanced against risk. Third, you can work on one of your services offline with minimal impact to your customers, whether that’s adding capacity or repairing a component.

2
Q

Summarize GEOGRAPHICAL DISPERSAL

A

The gold standard for system redundancy is to make perfect copies of the same system and spread them apart geographically, then use the Internet to keep the copies identical. Geographic dispersal protects from natural disasters and widespread Internet disruption. You can set up your own dispersed servers, but virtualization services make it easy.

3
Q

Summarize REDUNDANT ARRAY OF INEXPENSIVE DISKS (RAID) LEVELS

A

Redundant array of inexpensive disks (RAID) is a fault tolerance technology that spans data across multiple hard disk drives or solid state drives within a server or workstation. This level of fault tolerance specifically addresses hard drive failure and balances the need for data redundancy with speed and performance.

4
Q

Summarize RAID 0

A

Disk striping; does not use mirroring or parity; provides for performance only with no redundancy.

5
Q

Summarize RAID 1

A

Disk mirroring; all data is completely duplicated on both disks; uses no striping or parity but provides for full redundancy at the expense of the loss of half the total available disk space for duplication.

6
Q

Summarize RAID 5

A

Disk striping with parity; parity information is spread across all disks evenly; 1/n of the total disk space available is used for parity.

7
Q

Summarize RAID 6

A

Disk striping with double distributed parity; this allows for failure of up to two drives.

8
Q

Summarize RAID 1 + 0 OR RAID 10

A

Disk mirroring with striping; combines both RAID levels 0 and 1 for performance and redundancy; a stripe of two mirrored arrays.

9
Q

Summarize RAID 0 + 1

A

Disk striping with mirroring; combines both RAID levels 0 and 1 for performance and redundancy; a mirror of two striped arrays.

10
Q

Summarize redundancy in a MULTIPATH disk

A

A multipath solution provides more than one way to access storage. A RAID 1 implementation with two controllers, one for each drive, is the traditional multipath solution (called disk duplexing, as you might recall from CompTIA A+ studies). More than one connection to a SAN is also a typical implementation of multipath.

11
Q

Summarize a LOAD BALANCER

A

A load balancer is a network device used to provide efficient and seamless workload sharing between network devices (such as routers or firewalls) or hosts, typically Web or file servers or storage devices. As you might suspect from the name, load balancers provide load balancing to the network. Implement load balancers in a scenario where you need to enhance cybersecurity resilience.

12
Q

Summarize NETWORK INTERFACE CARD (NIC) TEAMING

A

Network interface cards rarely fail, but when one does, the system with the bad NIC is offline until the NIC is replaced. Network interface card (NIC) teaming addresses this issue by using two or more NICs on a single system that act as though they are a single NIC with one MAC address and one IP address. Not only does NIC teaming increase throughput (sort of), but if one NIC fails, the other continues to work.

13
Q

Summarize UNINTERRUPTIBLE POWER SUPPLY (UPS)

A

An uninterruptible power supply (UPS) uses a small battery (often the same type used in motorcycles) as a backup power source if the power ever sags or goes out completely. It’s very common to place a UPS at the bottom of an equipment rack, powering all the devices on the rack with quality, dependable power. A UPS is designed to power a system for a few minutes to enable an orderly shutdown.

14
Q

Summarize a GENERATOR

A

If you need to ensure that a system has uninterrupted power for an extended period of time after a power failure, you need to consider an onsite generator as a source of backup electricity. Generators are expensive, but if you need real backup power, this is your only choice.

15
Q

Summarize a DUAL SUPPLY

A

Many higher-end devices support dual power supplies. These aren’t complicated: if one power supply goes out, the other takes over. The only trick to dual power supplies is to make sure you buy a product that supports them and also make sure that product comes with two power supplies.

16
Q

Summarize MANAGED POWER DISTRIBUTION UNITS (PDUs)

A

You need to distribute the power coming from your UPS to the devices. Plus you need to ensure that you have sufficient outlets for all the gear on the rack. That’s where a power distribution unit (PDU) comes into play. At the simplest end a simple power strip is a PDU, but if you’re going to distribute power, why not use a managed PDU that can monitor power usage, send alarms, and so forth?

17
Q

Summarize REPLICATION

A

You’ll see this aspect of VMs—the capability to push out multiple identical copies—categorized as replication on the CompTIA Security+ exam.

18
Q

Summarize a STORAGE AREA NETWORK (SAN)

A

A storage area network (SAN) is network storage that enables you to access the shared folders by using block-level controls rather than the network stack. This gives SANs some unique capabilities, mainly on-the-fly volume creation/manipulation. On a SAN, you just tell the SAN controller to add another disk to your local system. You can create a new volume or you can mount an existing volume.

19
Q

Summarize a VM with regard to cybersecurity resilience

A

You’ll see this aspect of VMs—the capability to push out multiple identical copies—categorized as replication on the CompTIA Security+ exam. With a master image—the desktop environment for users of very specific hardware and configurations—a central server can push that image to every local computer. Automation/scripting can make rollouts regular, such as after patch Tuesday—and configuration validation (i.e., it works!)—so users always have up-to-date builds. This kind of automated course of action helps keep systems current.

20
Q

Summarize ON-PREMISES VS. CLOUD

A

Nothing beats virtualization, especially cloud-based services, for giving you all the benefits of redundancy, especially high availability, without outrageous cost and time. Virtualization solutions are incredibly scalable.

21
Q

Summarize a FULL BACKUP

A

In a full backup, regardless of whether you back up a shared folder, a single hard drive, a RAID array, or an entire server, everything is included in the backup set.

22
Q

Summarize an INCREMENTAL BACKUP

A

The incremental backup typically backs up only files that have changed since the last full backup. In other words, when an incremental backup runs, it backs up only the files that have the archive bits turned on. After it backs up those files, it turns off the archive bits. Because data can change daily, incremental backups should run daily as well.

23
Q

Summarize a SNAPSHOT

A

A snapshot stores a version of an operating system (including applications) at a given moment in time. These are common for individual system backups, such as restore points in Windows and Time Machine backups in macOS. For servers and such, a snapshot as a backup refers to the powerful feature with virtual machines that enables you to save a version of a functional VM to restore very quickly if anything negative happens to the functional server.

24
Q

Summarize a DIFFERENTIAL BACKUP

A

The differential backup also gets only a subset of the total data and is also based upon the archive bit setting. However, the major difference between a differential backup and an incremental backup is that the differential backup does not clear the archive bit—it leaves it turned on. One advantage to differential backups, however, is that if you must restore data, you restore the full backup first, followed by only the last differential backup to be executed.

25
Q

Summarize a TAPE BACKUP

A

Preferred backup media has changed over the years because, progress. Traditionally, magnetic tape provided incredibly inexpensive storage with the offset of very slow (compared to any other storage media) restore times.

26
Q

Summarize a COPY

A

Make a replica of a drive for storage elsewhere. One important difference here between the standard full backup method and copy or image is that the latter two do not turn off the archive bit.

27
Q

Summarize a NETWORK-ATTACHED STORAGE (NAS)

A

A network-attached storage (NAS) system is a standalone box filled with removable hard drives. The NAS operating system enables remote access and monitoring and often a lot of other features handy for consumers, such as media centers and the like. NAS devices provide file-based storage of data. To LAN devices, in other words, accessing the NAS is precisely the same as accessing another computer’s shared folder over a network.

28
Q

Summarize a CLOUD BACKUP

A

The movement to back up in the cloud, harnessing concentrated storage power managed by someone else, has consumed IT, from individual users all the way up to the mightiest enterprises. Because it makes sense.

29
Q

Summarize an IMAGE

A

Make a replica of a drive for storage elsewhere.

30
Q

Summarize OFFLINE VS. ONLINE

A

The concept of online versus offline backups refers to the state of the data at the time of the backup. An ONLINE BACKUP means the backup happens while the database is live and in use by any number of simultaneous users. This has the advantage of not disrupting any use of the database.

With an OFFLINE BACKUP, in contrast, the database is shut down. The process backs up a clean copy of the database files and, with SAP at least, stores no log files because no changes happen to the database during the backup.

31
Q

Summarize OFFSITE STORAGE

A

Storing backup drives at a location distant from your primary organization provides essential security in the event of a disaster. Keeping a backup of our critical data—financial information, intellectual property, and so on—in some storage facility that’s not going to be affected by Hurricane [name] next year is essential.

32
Q

Summarize DISTANCE CONSIDERATIONS

A

Although cloud access can seem instant for many users, the distance between your primary location and online services and storage can make a difference in recovery from disasters.

33
Q

Summarize REVERTING TO KNOWN STATE

A

Every major OS has some form of revert/rollback method to bring a system back to a previous state, what the CompTIA Security+ objectives call revert to known state. All revert/rollback methods work by making the OS aware of changes and then storing files or settings in such a way that techs can look up previous states and tell the OS to go back to one of those states.

34
Q

Summarize LAST KNOWN-GOOD CONFIGURATION

A

Older Windows versions (such as Windows 7) offered a boot feature called last known good configuration that enabled quick recovery from installation of a buggy driver. The feature was especially useful with buggy video card drivers.

35
Q

Summarize LIVE BOOT MEDIA

A

Live boot media are complete, installed operating systems that exist on bootable media. The names change to match the media. On optical media, for example, they’re called live CDs; for consistency, bootable flash-media drives should be called live sticks (they’re not), but they’re usually just called bootable USB flash drives. Live boot media are very popular in Linux environments, giving you an opportunity to try a Linux distro without installing it on your hard drive.

36
Q

Summarize HIGH AVAILABILITY

A

High availability means using redundancy in such a way as to ensure that certain levels of operational performance are balanced against risk.

37
Q

Summarize RESTORATION ORDER

A

Contingency planning next examines these assets for degree of impact to the business in the event they are lost or nonfunctional during a disaster, and then prioritizes them for order of restoration.

38
Q

Summarize DIVERSITY

A

Diversity refers to the practices of using a variety of technologies, vendors, cryptographic systems, and controls to avoid the possibility that all systems have the same vulnerability and can be taken out en masse.

39
Q

Summarize diversity in VENDORS

A

Security people have a tendency to stick with single technologies, crypto, and controls from preferred vendors. Why not? We know they work, we know how to use them, and we know how to fix them. The danger with such a lack of diversity is the possibility that all systems have the same vulnerability and can be taken out en masse.

When organizations rely on multiple redundant technologies, vendors, cryptographic systems, and security controls, that diversity provides cybersecurity resilience.

40
Q

Summarize diversity in CRYPTO

A

Security people have a tendency to stick with single technologies, crypto, and controls from preferred vendors. Why not? We know they work, we know how to use them, and we know how to fix them. The danger with such a lack of diversity is the possibility that all systems have the same vulnerability and can be taken out en masse.

When organizations rely on multiple redundant technologies, vendors, cryptographic systems, and security controls, that diversity provides cybersecurity resilience.

41
Q

Summarize diversity in CONTROLS

A

Security people have a tendency to stick with single technologies, crypto, and controls from preferred vendors. Why not? We know they work, we know how to use them, and we know how to fix them. The danger with such a lack of diversity is the possibility that all systems have the same vulnerability and can be taken out en masse.

When organizations rely on multiple redundant technologies, vendors, cryptographic systems, and security controls, that diversity provides cybersecurity resilience.