Chapter 12: Disaster Recovery and Incident Response Flashcards

1
Q

Business Continuity

A

Keeping the business operating through a disruption and recovering from it quickly. In practice this means hardening the business so that a disaster is easier to recover from.

2
Q

Business Continuity Planning (BCP)

A

Implementing policies, controls, and procedures to plan for recovery from failure

3
Q

Critical Business Functions (CBFs)

A

The business processes that must be restored first after a disruption. Identifying them is the starting point of the business impact analysis.

4
Q

Business Impact Analysis (BIA)

A

Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency.

5
Q

Risk Assessment

A

Estimating how likely an attack or failure is to occur and what it would cost, so that controls and recovery effort can be prioritized.

6
Q

What are the most common reasons you’ll have to restore information from a backup?

A
  • Accidental deletion
  • Application errors
  • Natural disasters
  • Physical attacks
  • Server failure
  • Virus infection
  • Workstation failure
7
Q

Working Copies (Shadow Copies)

A

Partial or full backups kept online for immediate recovery of recently changed data. They are refreshed frequently (Windows Volume Shadow Copy is one implementation).

8
Q

Journaled File System (JFS)

A

A file system that records pending changes in a journal (log) before committing them to disk. After a crash the journal is replayed or rolled back to bring the file system to a consistent state without a full scan of the disk.

9
Q

Onsite Storage

A

Backup media are stored in your own building, in a protected environment (a safe or vault) rated for fire, moisture, and pressure resistance.

10
Q

Offsite Storage

A

Backup media are kept at another location. This can range from a remote office to a high-security, nuclear-hardened facility such as the Mormon Church’s Granite Mountain Records Vault.

11
Q

Disaster Recovery Plan

A

Your plan to recover after a disaster, such as system failure, network failure, natural disaster, etc. It’s primarily focused on reestablishing services and minimizing losses.

12
Q

Database System Backup Plans

A

Keep your databases backed up, whether to a SAN or to magnetic tape (which is becoming less and less prevalent).
-Decide, based on the company's needs, which data gets backed up, whether individual changes (transaction logs) are captured, and how often and under what conditions the backup is written

13
Q

User Files Backup Plans

A

User files are voluminous, which seems daunting at first, but most of them are rarely modified once created. After an initial full backup, each subsequent backup only has to capture new files and newly modified files (an incremental backup).
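The "only back up new and modified files" idea from card 13 as a worked example. This is added code, not from the flashcards: it builds a constructed home-directory tree in a temporary directory, takes a manifest (standing in for the full backup), makes some changes, and computes the incremental set by content hash. The manifest layout and the file names are assumptions.

```python
"""Pick the new and modified user files for an incremental backup.

Added example, not part of the flashcards.  The directory tree is
constructed in a temporary directory so the script runs offline; the
manifest format (relative path -> size, mtime, sha256) is an assumption.
"""
import hashlib
import tempfile
from pathlib import Path


def file_digest(path, chunk=1 << 16):
    """SHA-256 of a file, read in chunks so large user files do not load into RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map every regular file under root (relative POSIX path) to its metadata."""
    root = Path(root)
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.stat()
            manifest[p.relative_to(root).as_posix()] = {
                "size": st.st_size,
                "mtime_ns": st.st_mtime_ns,
                "sha256": file_digest(p),
            }
    return manifest


def incremental_set(previous, current):
    """Return (changed, deleted) relative to the previous manifest.

    Comparison is by content hash rather than mtime alone, so a file that was
    touched but not modified is skipped, and a modified file whose mtime was
    reset is still caught.  Deletions are reported separately so a restore can
    remove files that no longer exist.
    """
    changed = sorted(
        rel for rel, meta in current.items()
        if rel not in previous or previous[rel]["sha256"] != meta["sha256"]
    )
    deleted = sorted(rel for rel in previous if rel not in current)
    return changed, deleted


def demo():
    """Constructed tree: take a full manifest, then edit, add and delete files."""
    with tempfile.TemporaryDirectory() as root:
        home = Path(root)
        (home / "alice").mkdir()
        (home / "alice" / "report.docx").write_bytes(b"quarterly report v1")
        (home / "alice" / "notes.txt").write_bytes(b"todo")
        (home / "bob").mkdir()
        (home / "bob" / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0 constructed jpeg")
        full = build_manifest(home)

        # Day 2: one edit, one new file, one deletion; photo.jpg is untouched.
        (home / "alice" / "report.docx").write_bytes(b"quarterly report v2")
        (home / "bob" / "budget.xlsx").write_bytes(b"PK constructed xlsx")
        (home / "alice" / "notes.txt").unlink()

        return incremental_set(full, build_manifest(home))


if __name__ == "__main__":
    changed, deleted = demo()
    print("back up:", changed)
    print("record as deleted:", deleted)
```

Only the two changed paths need to go onto the incremental media; the untouched photo is skipped even though the whole tree was walked again.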

14
Q

Applications Backup Plans

A

Keep a single up-to-date backup copy of each application the company needs. If it has to be restored system-wide, deploy it to every computer directly from the backup media.

15
Q

Hierarchical Storage Management (HSM)

A

Continuous online backup that migrates data transparently between fast disk and slower media (tape or optical jukeboxes), so it appears to the system as a single, effectively infinite disk.

16
Q

Creating a backup in SUSE Enterprise

A
  • Log in as root and start YaST
  • Choose System, then System Backup
  • Click Profile Management, choose Add, and enter a name for the new profile
  • Click OK
  • Enter a backup name (including the path you want) and make sure the archive type is set to a tar variant
  • At the File Selection window, leave all the default options
  • Leave Search Constraints at the defaults
  • At the main YaST System Backup dialog box, click Start Backup
17
Q

Grandfather, Father, and Son backup plan

A

A rotation scheme for full backups in which you keep the previous two. The most recent backup is the son; when a new backup is created the son becomes the father, and the father becomes the grandfather. Each monthly backup replaces the monthly backup from the same month of the previous year and is stored at an offsite facility. Common practice keeps backups for seven years.
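The rotation in card 17 as a worked example. This is added code, not part of the flashcards: it assumes one full backup per day identified only by its date, a Sunday promotion day for the weekly (father) backup, and illustrative retention counts of 7 sons, 4 fathers and 12 grandfathers. Keeping 12 grandfathers is what makes each monthly backup replace the one from a year earlier.

```python
"""Grandfather-Father-Son rotation: which full backups survive?

Added example, not part of the flashcards.  Assumptions: one full backup
per day, identified only by its date; weekly promotion happens on Sunday;
the retention counts (7 sons, 4 fathers, 12 grandfathers) are illustrative.
"""
from datetime import date, timedelta


def role_for(d, promotion_weekday=6):
    """Return "son", "father" or "grandfather" for a backup taken on date d.

    promotion_weekday follows date.weekday(): Monday=0 ... Sunday=6.
    - a backup on any other day is a son (daily);
    - a backup on the promotion weekday is a father (weekly);
    - the last father of a calendar month is the grandfather (monthly).
    """
    if d.weekday() != promotion_weekday:
        return "son"
    # If the next promotion day falls in a different month, d is the month's last one.
    if (d + timedelta(days=7)).month != d.month:
        return "grandfather"
    return "father"


def gfs_retain(dates, keep_sons=7, keep_fathers=4, keep_grandfathers=12):
    """Return {date: role} for the backups that rotation keeps.

    The most recent N backups of each role are kept; everything older of
    that role may be overwritten.  With keep_grandfathers=12 each monthly
    backup replaces the one from the same month a year earlier.
    """
    quota = {"son": keep_sons, "father": keep_fathers,
             "grandfather": keep_grandfathers}
    kept = {}
    for d in sorted(set(dates), reverse=True):
        role = role_for(d)
        if quota[role] > 0:
            kept[d] = role
            quota[role] -= 1
    return kept


def expired(dates, **kwargs):
    """Backups not in the retained set, i.e. media that is free to be reused."""
    kept = gfs_retain(dates, **kwargs)
    return sorted(d for d in set(dates) if d not in kept)


def example_dates():
    """Constructed schedule: one backup every day of Q1 2024 (91 days)."""
    start, end = date(2024, 1, 1), date(2024, 3, 31)
    return [start + timedelta(days=i) for i in range((end - start).days + 1)]


if __name__ == "__main__":
    for d, role in sorted(gfs_retain(example_dates()).items()):
        print(d, role)
    print(len(expired(example_dates())), "tapes can be reused")
```

Run against the constructed Q1 2024 schedule, the retained set is the last seven weekday/Saturday backups, the four most recent Sundays that were not month-ends, and the three month-end Sundays (28 Jan, 25 Feb, 31 Mar); the other 77 backups are eligible for reuse.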

18
Q

Full Archival backup plan

A

All backups are kept forever. This practically eliminates the potential for data loss, at the cost of ever-growing storage.

19
Q

Backup Server backup plan

A

A large server with a lot of disk space that does nothing but store backup data. Time to crack out the Dell storage array!

20
Q

Backout vs. Backup

A

A backout reverts a change that broke something (for example, rolling back a patch or configuration change). A backup is a copy of data kept so that it can be restored.

21
Q

Alternative Site

A

A backup facility from which you can operate if the primary site is unavailable for an extended period, such as a long power outage.

22
Q

Hot Site

A

A location that can resume operations very soon after a failure. It contains everything you need: servers, networks, telecommunications, and current data. Hot sites are expensive and should only be used for short-term situations.

23
Q

Warm Site

A

A less functional hot site. Space and some equipment are in place, but the customer must install systems and restore data before operations can resume.

24
Q

Cold Site

A

A facility that is not immediately ready to use. The space is reserved for you, but after a disaster you have to bring in your own equipment, set up systems, restore data, and THEN get going. This can take months.

25
Q

Incident Response Policies

A

The documented procedures that define exactly how you will respond when an incident occurs: who is notified, how it is escalated, contained, and reported.

26
Q

Computer Security Incident Response Team (CSIRT)

A

The team designated to respond when an incident occurs and get the situation rectified as soon as possible. Ideally it is established and trained before an incident rather than thrown together afterwards.

27
Q

The steps of incident Response

A
  1. Identify the incident
    - What happened? Does the problem need to be escalated?
  2. Investigate the incident
    - Where did it come from? What tools may have been used to cause it?
  3. Repair the damage
    - Begin rectifying the problems (contain, eradicate, recover)
  4. Document and report the response
    - Keep full and comprehensive records of the steps you took to remediate. Report your findings and solutions to whoever needs to see them
  5. Adjust procedures
    - How will you stop this from happening again?
28
Q

Act in Order of Volatility (OOV)

A

Collect the evidence most likely to change or disappear first: CPU registers and cache, then memory, process and network state, then temporary files, disk, remote logs, and finally archival media. Pulling the plug or imaging the disk first destroys the most volatile evidence.

29
Q

Forensics steps

A
  • Act in order of volatility (OOV)
  • Capture a system image
  • Document network traffic and logs
  • Capture video
  • Record time offset
  • Take hashes
  • Capture screenshots
  • Talk to witnesses
  • Track man hours and expenses
30
Q

Tabletop exercises

A
A discussion-based exercise in which the team walks through a disaster scenario on paper rather than touching production systems. It is one of five levels of DR plan testing, from least to most disruptive:
-Document review
-Walkthrough (tabletop)
-Simulation
-Parallel test
-Cutover test
31
Q

Code Escrow

A

An arrangement in which a vendor deposits its source code with a third party, to be released to you under defined conditions (for example, if the vendor goes out of business or stops supporting the product).

32
Q

Three types of penetration testing

A

Black Box
-The tester has no prior knowledge of your systems, simulating an external attacker
White Box
-The tester has full knowledge of your systems (documentation, source code, credentials). This simulates an insider attack
Gray Box
-The middle ground between the two: partial knowledge, such as a normal user's level of access