9 - Resilience and Physical Security Flashcards
Be able to explain the importance of security concepts and security controls; given scenarios, implement proper cybersecurity resiliency measures
Naomi wants to deploy a tool that can allow her to scale horizontally while also allowing her to patch systems without interfering with traffic to her web servers. What type of tech should she deploy?
Load Balancer
Rick is performing a backup that captures the changes since the last full backup. What type of backup has he performed?
Differential Backup
What type of recovery site has some or most systems in place but does not have the data needed to take over operations?
Warm Site
Ben wants to implement a RAID array that combines both read and write performance while retaining data integrity if a drive fails. Cost is not a concern compared to speed and resilience. What type of RAID should he use?
RAID 10 (1+0)
Cynthia wants to clone a virtual machine. What should she do to capture a live machine, including the machine state?
A Snapshot
Sally is working to restore her org’s operations after a disaster took her datacenter offline. What critical document should she refer to as she restarts a system?
The Restoration Order Documentation
Mike wants to stop vehicles from traveling toward the entrance of his building. What physical security controls should he implement?
Bollards (eg. physical barriers such as metal pillars or concrete planters/barricades)
Amanda wants to securely destroy data held on DVDs. Which of the following options is NOT a suitable solution for this?
- Degaussing
- Burning
- Pulverizing
- Shredding
Degaussing (which only works on magnetic data)
Why are Faraday cages deployed?
To prevent Electro Magnetic Interference (EMI)
What control specifically helps prevent insider threats?
Two-person Control
Madhuri wants to implement a camera system but is concerned about the amount of storage space that the video recordings will require. What technology can help with this?
Motion-Detecting Cameras
What factor is a major reason organizations do not use security guards?
Cost
Michelle wants to ensure that attackers who breach her network security perimeter cannot gain control of the systems that run the industrial processes her org uses as a part of their business. What type of solution is best suited for this?
An Air Gap (physical separation of systems)
Kathleen wants to discourage potential attackers from entering the facility she is responsible for. What are COMMON controls used for this type of prevention [think: what are basic physical deterrents]?
Fences, Lights, and Signs
How does technology diversity help ensure cybersecurity resilience? [Recall the KEY WORDS.]
It ensures that a VULNERABILITY in a single company’s product with not impact the entire infrastructure; if a single VENDOR goes out of business, the company does not need to replace its entire system; and MISCONFIGURATION will not impact the entire network.