701 - Chapter 9 Flashcards
What type of security control is something you can physically touch, such as a lock, a fence, an ID badge or a security camera?
Physical
What can serve as an access badge to secure access to certain areas? How do they work? And what can be added to them for multi-factor authentication?
Proximity or smart cards… users pass the card near a proximity card reader and the reader then reads the data on the card… a PIN
What else can be used to control access to building and secure spaces to deter security incidents?
Security guards or a receptionist
What physical control can provide reliable proof of a person's location and activity by identifying who enters and exits secure areas?
Video surveillance
True or false: closed-circuit television (CCTV) can be used as a compensating control in some situations
True
What monitors the environment and can detect changes? What are some common types of these?
Sensors… motion detection, noise detection, infrared (temperature) monitors, pressure monitors, microwave monitors, ultrasonic monitors
What provides a barrier around a property and deters people from entering? What else is visible, especially around entrances, and can deter attackers from trying to break in?
A fence…lights
What is important to do with lighting? Why, and how?
Protect it… because if the lights don't work they can't do their job… by mounting them high enough to be out of reach or surrounding them with a metal cage
Military bases often erect these, while businesses use these. In both cases, what are they deterring?
Barricades… bollards… a person driving a vehicle into the structure they are protecting
What is a physical barrier between the outside world and a data center, consisting of two sets of interlocking doors designed to create a secure compartment that allows only one person to enter at a time? What are the doors usually equipped with? And what are they preventing?
Access control vestibule… Biometric scanners, RFID card readers or facial recognition systems…tailgating
What is the process of tracking valuable assets throughout their life cycle?
Asset management
What is the process that provides consistent procedures for identifying the need for new assets, and for effectively onboarding and managing new vendors?
Acquisition/procurement process
What is the process that assigns each asset to a named owner who bears responsibility for the asset, and uses a classification system that identifies the sensitivity and criticality of each asset to the organization?
Assignment/accounting process
What is the process that maintains an inventory of all of the assets owned by the organization and their current location?
Monitoring and asset tracking process
What is the process used to track servers, desktop computers, laptop computers, routers, switches, and other hardware assets?
Hardware asset management
What vulnerabilities can be reduced with a hardware asset management process?
Architecture and design weaknesses, system sprawl and undocumented assets
What automated method can be implemented to assist with inventory control for hardware asset management?
RFID
What involves tracking and managing software licenses, installations, and usage within an organization? And how does it help?
Software asset management… it helps with licensing compliance, optimizes software usage, minimizes the risk of security vulnerabilities associated with unpatched or unauthorized software
What is the security practice of implementing several layers of protection called?
Defense in depth, also known as layered security
What are the different types of diversity for layered security?
Vendor diversity, technology diversity, control diversity
What is the practice of implementing security controls from different vendors to increase security? And What is an example of this?
Vendor diversity… a screened subnet requires two firewalls… using firewalls from different vendors makes it unlikely that the same vulnerability appears in both at the same time
What is the practice of using different technologies to protect an environment?
Technology diversity
What is the use of different security control categories to protect an environment called?
Control diversity
What is the practice of illegally capturing credit card data at the point of sale? And what is the practice of making a copy of a credit card using data captured from its magnetic stripe called?
Credit card skimming… card cloning
What type of physical attack is rudimentary but effective? And what type of attack disrupts systems by going after the power source or flooding them with water to cause a catastrophe?
Brute force attack… environmental attack
What is adding duplication to critical system components and networks called? And what does it provide? And what are these trying to eliminate?
Redundancy… fault tolerance… single point of failure
What are five types of redundancies that organizations will implement?
Disk redundancy using RAID, NIC redundancy with NIC teaming, server redundancy by adding load balancers, power redundancy by adding generators or UPSes, site redundancy by adding hot, cold or warm sites
What is any component whose failure results in the failure of an entire system called?
Single point of failure
True or false people can never be a single point of failure
False… if that person is the only one with expertise on how to perform a specific task, they can become a single point of failure
True or false: RAID-0 (striping) provides redundancy and fault tolerance
False, it provides neither; its benefit is increased read and write performance
What is RAID-1 called? How does it provide redundancy? And how can further redundancy be added?
Mirroring… by having two disks store the same information… by giving each drive its own disk controller, which is called disk duplexing
What is RAID-5? And what happens if there is a disk failure?
Three or more disks striped together, with parity information included… the failed disk's contents can be rebuilt by reading the information on the remaining good disks
What is RAID-6? And what is the benefit?
An extension of RAID-5 with an additional parity block and disk… if two drives fail you can still recover the data
What combines the features of mirroring RAID-1 and striping RAID-0?
RAID-10
Of the RAID types, which ones provide fault tolerance and increased data availability? Which can survive the failure of one disk, and which can survive the failure of two disks?
1, 5 and 6… 1 and 5… 6
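The RAID cards above are easier to remember once you have seen parity rebuild a lost disk. The following is an added toy simulator, not code from the flashcards or any RAID implementation: it stripes a byte string across four disks as RAID-0 (no parity) and as RAID-5 (rotating XOR parity, simplified chunking), removes a disk, and shows that RAID-0 loses the data while RAID-5 rebuilds it, and that a second lost disk defeats RAID-5. The sample input and the chunk size are constructed for the demonstration.

```python
"""Toy RAID simulator (constructed example): RAID-0 striping versus
RAID-5 striping with rotating XOR parity, with disks removed to show
which layout survives.  Chunk sizes and layout are simplified."""

from functools import reduce


def xor_blocks(blocks):
    """Bitwise XOR of equally sized byte strings (the RAID-5 parity function)."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))


def raid0_write(data, n_disks, chunk):
    """Stripe data across n_disks with no parity; returns per-disk chunk lists."""
    data += b"\x00" * ((-len(data)) % (n_disks * chunk))
    disks = [[] for _ in range(n_disks)]
    for i in range(0, len(data), chunk):
        disks[(i // chunk) % n_disks].append(data[i:i + chunk])
    return disks


def raid0_read(disks, length):
    """Reassemble a RAID-0 array; any lost member (None) makes the data unreadable."""
    if any(d is None for d in disks):
        raise RuntimeError("RAID-0 has no redundancy: data lost")
    out = bytearray()
    for stripe in zip(*disks):
        out += b"".join(stripe)
    return bytes(out[:length])


def raid5_write(data, n_disks, chunk):
    """Stripe data over n_disks (>= 3); each stripe holds n_disks-1 data chunks
    plus one parity chunk, and the parity position rotates per stripe."""
    if n_disks < 3:
        raise ValueError("RAID-5 needs at least three disks")
    per_stripe = (n_disks - 1) * chunk
    data += b"\x00" * ((-len(data)) % per_stripe)
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        base = s * per_stripe
        chunks = [data[base + i * chunk: base + (i + 1) * chunk]
                  for i in range(n_disks - 1)]
        parity_disk = s % n_disks
        it = iter(chunks)
        for d in range(n_disks):
            disks[d].append(xor_blocks(chunks) if d == parity_disk else next(it))
    return disks


def raid5_read(disks, length):
    """Reassemble a RAID-5 array, rebuilding at most one lost member (None)
    by XOR-ing the surviving chunks of every stripe."""
    n = len(disks)
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) > 1:
        raise RuntimeError("RAID-5 cannot survive more than one failed disk")
    n_stripes = len(next(d for d in disks if d is not None))
    out = bytearray()
    for s in range(n_stripes):
        stripe = [None if d is None else d[s] for d in disks]
        if missing:
            # XOR of the survivors equals the missing chunk, data or parity alike
            stripe[missing[0]] = xor_blocks([c for c in stripe if c is not None])
        out += b"".join(c for d, c in enumerate(stripe) if d != s % n)
    return bytes(out[:length])


def fail_disk(disks, index):
    """Return a copy of the array with one member marked as lost."""
    return [None if i == index else d for i, d in enumerate(disks)]


def survives(read_fn, disks, failed, original):
    """True if the original data can still be read after the listed disks fail."""
    for idx in failed:
        disks = fail_disk(disks, idx)
    try:
        return read_fn(disks, len(original)) == original
    except RuntimeError:
        return False


if __name__ == "__main__":
    sample = b"The quick brown fox jumps over the lazy dog"  # constructed input
    r0 = raid0_write(sample, 4, 4)
    r5 = raid5_write(sample, 4, 4)
    print("RAID-0, one disk lost: ", survives(raid0_read, r0, [1], sample))
    print("RAID-5, one disk lost: ", survives(raid5_read, r5, [1], sample))
    print("RAID-5, two disks lost:", survives(raid5_read, r5, [0, 2], sample))
```

The rebuild in `raid5_read` works because XOR is its own inverse: the parity chunk is the XOR of the data chunks in its stripe, so XOR-ing any n-1 chunks of the stripe yields the missing one, whether that was a data chunk or the parity itself. Surviving two failures, as RAID-6 does, needs a second, independent parity function, which this toy does not model.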
What refers to a system or service that needs to remain operational with almost zero downtime? And what can help achieve this?
High availability… high-capacity load balancers
What type of load balancer can optimize and distribute data across multiple computers or multiple networks? With this type of load balancing, what type of concept can be implemented?
Active/active… clustering
True or false: load balancers are hardware only
False, they can be software as well
What does load balancing primarily provide?
Scalability
In load balancers, what ensures that a given user will keep going to a specific server? And what does that provide?
Source address affinity… it provides session persistence
What are the two types of load balancer configuration?
Active/active… active/passive
In load balancing, what configuration ensures that if the active server fails, the inactive server takes over? And what is the monitoring connection between the servers called?
Active/passive… a heartbeat
What are two scheduling methods that an active/active load balancer uses?
Round robin and source IP address affinity
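The two scheduling methods on this card, and the health check that keeps a failed server out of rotation (L84 to L87), behave differently once a backend dies. The block below is an added, constructed model and not code from any load balancer product: a three-node active/active pool (`web1`, `web2`, `web3` are made-up names) that schedules by round robin or by source IP affinity, and that re-pins any client whose affinity target has been marked down.

```python
"""Constructed model of an active/active load balancer: round-robin and
source-IP-affinity scheduling, plus health marking that pulls a failed
backend out of rotation and re-pins the clients that were stuck to it."""

import zlib


class LoadBalancer:
    def __init__(self, backends, method="round_robin"):
        if method not in ("round_robin", "source_affinity"):
            raise ValueError(method)
        self.backends = list(backends)      # fixed configured order
        self.healthy = set(backends)
        self.method = method
        self._cursor = 0                    # round-robin position
        self._affinity = {}                 # client IP -> backend (session persistence)

    def pool(self):
        """Backends currently eligible for new connections, in configured order."""
        return [b for b in self.backends if b in self.healthy]

    def mark_down(self, backend):
        """Health check failed: remove from rotation and forget its pinned clients."""
        self.healthy.discard(backend)
        self._affinity = {ip: b for ip, b in self._affinity.items() if b != backend}

    def mark_up(self, backend):
        """Health check recovered: return the backend to the pool."""
        self.healthy.add(backend)

    def pick(self, client_ip):
        """Choose a backend for one request from client_ip."""
        pool = self.pool()
        if not pool:
            raise RuntimeError("no healthy backends")
        if self.method == "round_robin":
            choice = pool[self._cursor % len(pool)]
            self._cursor += 1
            return choice
        # Source IP affinity: a client keeps its server while that server is
        # healthy.  The initial choice hashes the address so it is stable.
        if client_ip not in self._affinity:
            self._affinity[client_ip] = pool[zlib.crc32(client_ip.encode()) % len(pool)]
        return self._affinity[client_ip]


def simulate(method, requests, down_after=None, down_backend=None):
    """Run a list of client IPs through a three-node pool, optionally marking
    one backend down before request number `down_after`.  Returns the chosen
    backend for every request."""
    lb = LoadBalancer(["web1", "web2", "web3"], method)   # constructed names
    chosen = []
    for i, ip in enumerate(requests):
        if down_after is not None and i == down_after:
            lb.mark_down(down_backend)
        chosen.append(lb.pick(ip))
    return chosen


if __name__ == "__main__":
    print(simulate("round_robin", ["10.0.0.1"] * 6))
    print(simulate("round_robin", ["10.0.0.1"] * 6, down_after=3, down_backend="web2"))
    print(simulate("source_affinity", ["192.0.2.10", "192.0.2.20", "192.0.2.10"]))
```

The trade-off the flashcards hint at shows up in `mark_down`: round robin spreads load evenly but gives a client a different server each time, so any server-side session state must be shared; source affinity keeps a session on one server, but when that server fails the client's session is lost and it is re-pinned to a survivor.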
What allows you to group 2 or more physical network adapters into a single software based virtual network adapter?
NIC teaming
True or false NIC teaming eliminates any physical NIC as a single point of failure?
True
What provides short term power and can protect against power fluctuations?
UPS
What can provide a second power supply if a primary power supply fails?
Dual supply
What can provide long-term power during extended outages?
Generators
What can monitor the quality of power, such as voltage, current and power consumption, and report these measurements to a central monitoring console?
Managed power distribution units
What are four types of backup media?
Tape, network attached storage NAS, storage area network SAN, cloud storage
Of the backup media, which can be used for real-time replication of data?
SAN
What type of backup uses traditional backup media, such as tapes, local disks or drives in a NAS? And what type is stored in the cloud?
Off-line… online
What are two limiting factors to doing full backups all the time?
Time to take the full backup and the cost of storage required for full backups
Which backup starts with a full backup and then backs up data that has changed since that last full backup?
Differential backup
Which backup starts with a full backup and then backs up data that has changed since the last backup of any kind?
Incremental backup
If you have unlimited time and money, which backup provides the fastest recovery time? Which backup reduces the amount of time needed to perform backups? Which backup reduces the amount of time needed to restore?
Full… incremental… differential
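The three backup cards above (L106 to L113) describe a trade-off that is clearest when you count it. The following is an added simulation, constructed for this page rather than taken from any backup tool: a week of file changes (the file names and the days on which they change are made up) run through full, differential and incremental schemes, reporting how many file copies each scheme writes and how many backup sets a restore must apply, then checking that applying those sets in order actually rebuilds the live file system.

```python
"""Constructed simulation of full, differential and incremental backup
schemes over a week of file changes.  Reports the copy cost per scheme
and the restore chain per day, and verifies that the chain rebuilds the
live state."""

# Constructed change history: day -> files modified that day.
# Day 0 is the weekly full backup, and every file exists from day 0.
CHANGES = {
    0: {"a.db", "b.doc", "c.log", "d.cfg"},
    1: {"a.db"},
    2: {"a.db", "b.doc"},
    3: {"c.log"},
    4: {"a.db"},
}


def run_scheme(scheme, changes=CHANGES):
    """Simulate one scheme.  Returns one record per day:
    {"day", "files": {name: version}, "restore_chain": [days to apply]}.
    A file's version is the day it was last modified."""
    if scheme not in ("full", "differential", "incremental"):
        raise ValueError(scheme)
    live = {}                 # current file system: name -> version
    last_full = None
    last_backup = None
    sets = {}                 # day -> files captured by that day's backup
    records = []
    for day in sorted(changes):
        for name in changes[day]:
            live[name] = day
        is_full = last_full is None or scheme == "full"
        if is_full:
            captured = dict(live)                                 # everything
        elif scheme == "differential":
            captured = {n: v for n, v in live.items() if v > last_full}
        else:                                                     # incremental
            captured = {n: v for n, v in live.items() if v > last_backup}
        sets[day] = captured
        if is_full:
            last_full = day
        last_backup = day
        if scheme == "full":
            chain = [day]
        elif scheme == "differential":
            chain = [last_full] if day == last_full else [last_full, day]
        else:
            chain = [d for d in sets if d >= last_full]           # full + every incremental
        records.append({"day": day, "files": captured, "restore_chain": chain})
    return records


def restore(records, day):
    """Rebuild the file system as of `day` by applying its restore chain in order;
    a later set overwrites the versions of an earlier one."""
    by_day = {r["day"]: r["files"] for r in records}
    chain = next(r for r in records if r["day"] == day)["restore_chain"]
    rebuilt = {}
    for d in chain:
        rebuilt.update(by_day[d])
    return rebuilt


def copies_written(records):
    """Total file copies written over the period: the storage and backup-time cost."""
    return sum(len(r["files"]) for r in records)


if __name__ == "__main__":
    for scheme in ("full", "differential", "incremental"):
        recs = run_scheme(scheme)
        print(f"{scheme:13s} copies={copies_written(recs):2d} "
              f"restore day 4 needs sets {recs[-1]['restore_chain']}")
```

With this history the full scheme writes 20 copies and restores from one set, the differential scheme writes 13 and restores from two, and the incremental scheme writes 9 but restores from five. That is the exam point: incremental minimises backup time and storage, differential minimises restore time, and a full backup every day is best only if time and storage are free.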
Which backup captures the data at a moment in time and is commonly used with VMs?
A snapshot backup
What is the process of creating an exact copy of data or a system in real time or near real time? What is the backup technique that records changes to data or file sequentially in a separate log?
Replication… journaling
What is the best way to confirm the integrity of a company's backup data and its backup process?
Test restores
True or false: backup media does not need to be protected with the same level of protection as the data on the backup
False, it needs to be protected to the same level
What protects backups against a disaster such as a fire or a flood?
Storing at least one copy of the backups offsite
What refers to the legal implications of storing data offsite: if the data is stored in a different country, it is subject to that country's laws?
Data Sovereignty
What plays a vital role in securing backup data both in transit and at rest?
Encryption
What helps an organization predict and plan for potential outages of critical services or functions, and contains the steps used to return critical functions to operation after an outage?
Business continuity plan BCP
What important part of a BCP helps an organization identify the mission-essential functions and critical systems that are essential to the organization's success?
Business impact analysis BIA
What are some of the questions that are addressed by a BIA?
What are the critical systems and functions? Are there any dependencies related to those? What is the maximum downtime limit? What scenarios are most likely to impact these? What is the potential loss from those scenarios?
What are some of the scenarios that a BIA evaluates?
Natural disasters, fires, attacks, power outages, data loss, hardware/software failures
What is the maximum amount of time it can take to restore a system after an outage? What refers to the amount of data you can afford to lose?
Recovery time objective RTO… recovery point objective RPO
What is the average time between failures called? And what do higher numbers indicate?
Mean time between failures MTBF… higher reliability of the system
What is the average time it takes to restore a failed system called?
Mean time to repair MTTR
What plan focuses on restoring mission essential functions at a recovery site after a critical outage?
Continuity of operations planning COOP
What is an alternate processing site that an organization maintains called? And what does it provide?
A recovery site… site resilience
What are the three types of recovery sites? And what is important to keep in mind when planning for these sites?
Hot, cold, warm… geographic dispersion
Of the three recovery site types, which one includes the personnel, equipment, software, and communication capabilities of the primary site, with all data up to date?
Hot site
Which recovery site type provides the shortest recovery time and is the most effective disaster recovery solution, but is also the most expensive to maintain?
Hot site
Which recovery site type requires power and connectivity but not much else? What is a pro, and what is a con?
Cold site… cheapest to maintain but most difficult to test
Which recovery site type has all the necessary hardware but does not include up-to-date data?
Warm site
What site does not have dedicated locations, but can provide temporary support during a disaster?
A mobile site
When restoring to the primary site after a disaster, which functions are restored first? And why?
The least critical functions… it is very likely there are still some unknown problems, and moving the least critical functions first helps uncover those problems before the critical ones are moved
What identifies how to recover critical systems and data after a disaster, and often prioritizes the services to restore?
Disaster recovery plan DRP
What validates the disaster recovery plan? And what is the final phase of the DRP?
Testing… an after-action report to identify lessons learned and any updates needed to the plan
What is a discussion based version of testing a DRP?
A tabletop exercise
What are the functional exercises that allow personnel to test the DRP in a test environment that mimics operations?
Simulations
What type of DRP test allows the participants to take actual physical actions?
Parallel processing
Which DRP test shuts down the primary site and checks whether the recovery site properly handles the load?
Failover test
What is the process of determining the resources required to meet the demands of an organization's operations and growth, which analyzes and forecasts the organization's resource needs?
Capacity planning
What are the three main areas regarding capacity planning?
People, technology, infrastructure