3.4 Explain the importance of resilience and recovery in security architecture

Question 1

! High Availability

Answer 1

Ensures continuous service with minimal downtime using load balancing, clustering, redundancy, and multi-cloud strategies.

• Key Differences:
  
  • Load Balancing: Distributes tasks for optimal performance.
  • Clustering: Active teamwork—systems share tasks and support each other. Provides failover
  • Redundancy: Passive backup—used only during failure. Provides fault tolerance

Load Balancing is about distributing requests across multiple servers for optimized performance.

Clustering is about connecting servers to act as a single entity, ensuring redundancy and fault tolerance.

Use Clustering when you need high availability, shared resources, or when servers must work together on complex tasks.

Use Load Balancing when managing traffic for stateless, independent servers, especially in applications where adding or removing servers as traffic changes is a priority.

Question 2

Capacity Planning

Answer 2

Prepares for future demands efficiently.

• People: Forecast needs and ensure the right skills.
  
  • Example: Hire seasonal staff.
• Technology: Plan for scalability and future use.
  
  • Example: Handle traffic spikes on platforms.
• Infrastructure: Optimize spaces and utilities.
  
  • Example: Allocate data center space.
• Processes: Improve workflows and efficiency.
  
  • Example: Automate onboarding.

Question 3

Powering Data Centers

Answer 3

• Line Conditioners: Stabilize voltage and filter fluctuations; not suitable for major power losses.
• Uninterruptible Power Supplies (UPS): Provide emergency power with battery backup for 15-60 minutes and offer line conditioning.
• Generators: Types: Portable gas-engine, permanently installed, battery-inverter.
• Power Distribution Centers (PDC): Receive signal from the source and distribute power with circuit protection, monitoring, and load balancing; integrate with UPS and generators.

Question 4

Data Backups

Answer 4

• Onsite vs. Offsite Backups
• Backup - full backup
• Differential Backup: Backs up all data changed since the last full backup.
• Incremental Backup: Backs up data changed since the last full or incremental backup.
• Snapshots: Capture point-in-time data, storing only changes to save space. Not a real backup
• Replication: Copies data in real-time

Question 5

Continuity of Operations Plan (COOP)

Answer 5

• Business Continuity Plan (BCP): INCIDENT. Involves preventative actions and recovery steps
• Disaster Recovery Plan (DRP): DISASTER. Subset of BC Plan, focuses on quick recovery from disasters (e.g., floods, fires).

Business Continuity Committee - representatives from various departments (IT, Legal, Security, Communications, etc.)

Question 6

Redundant Site Considerations

Answer 6

Types of Continuity Locations:

• Hot Site: Continuously running; instant switchover
• Warm Site: Partially equipped; ready in days
• Cold Site: Minimal setup; ready in 1-2 months
• Mobile Site: Portable units (hot, warm, or cold); flexible deployment.
• Virtual Sites: - hot, warm, or cold

Question 7

Resilience and Recovery Testing

Answer 7

General

• Resilience Testing: Checks if systems stay strong during disruptions with exercises
• Recovery Testing: Tests the system’s ability to restore operations after disruptions

Types

• Tabletop Exercises: Scenario-based discussions among stakeholders to assess preparedness, identify gaps, and promote teamwork.
• Failover Tests: Controlled transition from primary to backup components
• Simulations: Virtual scenarios to test real-time responses, assess performance, and provide feedback for improvement. Red and blue teams involved
• Parallel Processing: Runs primary and backup systems simultaneously to test stability and ensure no disruptions during failures.