2.5 Given a scenario, implement cybersecurity resilience. Flashcards
RAID 0
Stripping without parity
redundant array of independent disk
No redundancy, high performance, and no fault tolerance
Raid 1
Mirroring
Duplicate data for fault tolerance
Requires twice the disk space
Raid 5
Striping with parity
Fault-tolerant only requires an additional disk for redundancy.
Load Balancing
Balance load between multiple servers. The person will access the load balancer, and the load balancer will decide which server the user will get.
Some servers are active, and others are on standby
If the active server does not pass the hello server health check, it will start to use one of the standby servers.
Nic teaming
Also referred to as Load balancing/fail over LBFO.
increase through put and a way to have redundant paths.
Multiple network adapters on a single server.
Within the server the NICs will talk to each other and if one fails it fails over to the other nic.
UPS
Uninterruptible Power Supply.
Short term backup power
helps with blackouts, brownouts and surges.
Offline/Standy UP - short term.
Line-interactive UPS- helps with brown outs and fill in difference for power source
O-line/Double-conversion - expensive, Always on line and always provides power.
generator
Long-term power backup can keep power running for days or weeks at a time.
It can power the entire building.
Usually, there is a 10-15 second waiting period. You would typically combine this with a ups.
SAN replication
Share data between different devices.
If one fails, you can still work with data
Storage Area Network - Specialized high-performance network storage of storage devices.
SAN to SAN replication. Duplicate data from one data center to another.
SAN Snapshot
Create a state of data based on a point of time
Copy that state to other SANs.
VM Replication
Virtual Machine redundancy
Maintain one VM and replicate to others
Consistent service offering
Recover from a replicated copy.
Efficient copying - only replicates the data that has been changed.
On-premise vs Cloud redundancy
Speed :
Local device connections are very fast
cloud connections are much slower.
Money:
Local storage is more expensive. Cloud is cheaper
Security:
Local data is private
Cloud data requires additional security controls
What is an archive bit?
This is a bit in microsoft that tells us that a file system object has been modified.
Full backup
Backs up every single file on the system.
The archive bit is cleared after the backup.
This takes the longest, and restoration time is low.
Incremental backup
After a full backup, you will back up all of the files that have changed since the last backup.
To perform a recovery, you will need all of the previous incremental backups and the full backup.
Restoration time is high due to the need for the full backup and all of the subsequent incremental backup
Archive bit is cleared
differential backup
I will back up all files that have changed since the last full backup.
To restore, you will need the full backup and then the last differential backup.
Take a moderate amount of time to do this backup. But to restore, you only need two sets of backups, The full and the last differential.
Archive bit is not cleared
Magnetic tape
Perfect archive media
sequential storage
Easy to hip and store
Disk
Faster than magnetic tape
deduplicate and compress
Copy or Image
Useful strategy
May not include versioning, may need to keep offsite
NAS
Network-attached Storage
Connect to a shared storage device across the network
File-level access - if you need to change a file, you must rewrite the entire file on the NAS.
Requires a lot of bandwidth
SAS
It looks and feels like a local storage device
block-level access - if you need to change a single portion of a very large file, you only need to change the portion on the disk.
Very efficient reading and writing.
Requires a lot of bandwidth
Cloud backups
Automatic off-site backup functions.
Take files on local device backup to the cloud.
Requires a lot of bandwidth
Image backup
Create an exact duplicate or replica of everything on a storage device, including systems files and your documents.
Offline backup
Backup to local devices
Fast and secure
Must be protected and maintained
requires storage in the offsite facility for disaster recovery.
Online Backup
Constantly accessible and constantly updated throughout the day.
Remote network connected third party.
Encrypted
Speed is limited by network bandwidth
Non persistence
Meaning a system that is always changing. the cloud on non-persistent
High Availability
Redundancy doesn’t always mean always available.
HA(high availability) means always on and always available.
It may include many different components working together.
Active/Active can provide scalability advantages.
Higher Availability almost always means higher cost. There is always another contingency you could add.
Upgrade power, high-quality server components, etc.
Diversity
- Technologies - different OS being used or different security components
-Vendors - using different vendors for different manufacturers and working with different support teams, not relying on any single vendor. - Cryptography - all cryptography is temporary. Diverse certificate authorities.
Controls - Admin controls, physical controls, technical controls. Defense in depth.
Synchronous replication
particularly sensitive to distance. With synchronous replication, sites will replicate with each other at the same time. Latency is a possibility with slow links and long distances.
Synchronous (not Asynchronous) replication indicates data must be written at both sites to be considered valid. A slow link will result in longer wait times for data synchronization.
Asynchronous replication
is a data protection process that indicates data is mirrored from a primary site to a secondary site.
not as particularly sensitive to distance as synchronous due to the one-way synchronization
Raid 6
Redundant array of inexpensive disks (RAID) provides increased system availability and fault tolerance for disks. RAID-6 requires four disks and can survive a failure on two.
Raid 10
Redundant array of inexpensive disks (RAID)-10 combines mirroring and striping in a single system. It delivers better write performance than any other RAID level providing data protection. RAID 10 requires a minimum of four disks.
What is the correct way to bring a Datacenter back up after a loss of power
Step 1. Enable and test power
Step 2. Enable and test infrastructure
Step 3. Enable and test critical network servers
If systems are brought back online in an uncontrolled way, there is the serious risk of causing additional power problems. Due to computer system dependencies, network infrastructure such as switches should be brought online before any computer systems.
Faraday Cage
A Faraday Cage can block electromagnetic fields, radio frequencies, and electrostatic signals. The enclosure can keep signals out and block them from going into the secure area providing a physical security layer.
PDU
A power distribution unit (PDU) distributes power to networking equipment within racks. It provides protection against electrical spikes and can integrate with UPS.
