Chapter 9 Flashcards

1
Q

What is two-person integrity?

A

A security principle that requires at least two authorized individuals to perform a task.

2
Q

Can CCTV be used as a compensating control?

A

Yes

3
Q

What is system sprawl?

A

When an organization has more systems than they actually use.

4
Q

What is vendor diversity?

A

A security principle that requires multiple vendors to fulfill a singular need to diminish SPOF, or to meet multiple needs to increase security resilience.

5
Q

What is technology diversity?

A

The use of various technologies to protect an environment. I.e., CCTV, biometric locks on doors, motion detectors, etc.

6
Q

What is control diversity?

A

The use or layering of multiple control types to ensure security: technical controls, physical controls, and administrative controls.

7
Q

What is a faraday cage?

A

A Faraday cage is a large room or box that deflects radio frequency from entering or being emanated from the room.

Elevators can also act as Faraday cages, as the metal wrapping of the elevator blocks cell signals from reaching the device in the elevator, and the device’s signal within the elevator also does not leave, causing you to lose reception.

8
Q

What are the minimum disks you need for RAID-0, and how is fault tolerance achieved?

A

RAID-0 requires 2 or more disks; however, it does not provide fault tolerance. Data in a RAID-0 arrangement is broken up (striped) into pieces (blocks) across the disk array.

RAID-0 does provide performance in its ability to read and write.

9
Q

What are the minimum disks you need for RAID-1, and how is fault tolerance achieved?

A

RAID-1 is known as “mirroring (one disk controller) and duplexing (each disk has its own controller).” RAID-1 requires a minimum of 2 disks. Fault tolerance is achieved in this scheme by copying (mirroring) all the data from one disk to the second disk.

To achieve further fault tolerance, a controller can be added to each disk (a process known as duplexing), which makes the array fault tolerant against a controller failure.

10
Q

What are the minimum disks you need for RAID-5, and how is fault tolerance achieved, how many disks of the minimal configuration can fail without data loss?

A

RAID-5 requires a minimum of 3 disks. RAID-5 uses striping, in addition to parity, to create fault tolerance. RAID-5 can withstand the loss of 1 disk in its configuration of 3 disks.

11
Q

What are the minimum disks you need for RAID-6, and how is fault tolerance achieved, how many disks of the minimal configuration can fail without data loss?

A

RAID-6 requires a minimum of 4 disks. RAID-6 uses striping, in addition to parity, to create fault tolerance. RAID-6 can withstand the loss of 2 disks in its configuration of 4 disks.

12
Q

What are the minimum disks you need for RAID-10, and how is fault tolerance achieved?

A

RAID-10 requires a minimum of 4 disks. RAID-10 uses the striping of RAID-0 and the mirroring of RAID-1 to create fault tolerance.

13
Q

What is the difference between Active-active and Active-passive load balancing?

A

Active-active: All the servers are on/active, the load balancer chooses how to balance the service load by directing traffic to any of the servers that are online. For example, this can be done in a round-robin fashion or by source address affinity.

Active-passive: Some servers are online, and some are not. In the event a server goes out, a server that was once offline will come online and the load balancer will begin directing traffic to it.

14
Q

What is NIC Teaming?

A

Network Interface Card (NIC) teaming is a technology (software) that groups two or more physical NICs into a single software-based virtual network adapter. It also handles load balancing for outgoing traffic.

15
Q

What are UPSs used for?

A

An uninterruptible power supply (UPS) provides short-term power, giving computers time to logically shut down or stay on long enough for long-term power to be restored. A UPS also helps protect against power fluctuation.

16
Q

What does a generator provide?

A

Generators can provide long-term power during outages or natural disasters.

17
Q

What is the benefit of using disks compared to traditional tapes for storage?

A

Disks provide quicker access than tapes. Disks, however, can be more expensive than tapes.

18
Q

What is NAS?

A

Network-attached storage (NAS) is a dedicated machine (hardware) on the network primarily used for file storage. It can be read from and written to. It typically runs a stripped-down version of Linux for simplicity and to reduce cost.

19
Q

What is a SAN?

A

A storage area network (SAN) is a dedicated high-speed network that is used for data storage. This network of machines consists of multiple disk arrays, switches, and servers that are all interconnected in this network by fiber optics.

20
Q

Why are full backups the easiest and quickest to restore?

A

They only require the one tape that has the full backup and all the data is in one place.

21
Q

What is a differential backup, and how does a full/differential backup strategy work?

A

Differential backups work by backing up all the data since the last full backup.
For example:
A full backup is done on Sunday night; a differential backup would back up all the changes created during Monday’s workday.

On Tuesday night all the changes made during Tuesday’s workday and Monday’s backup will be backed up, and so on until the next full backup on Sunday.

In the event of a crash on Wednesday day, you would need 2 tapes, one full backup tape, and the second differential backup tape that includes both Monday’s and Tuesday’s backup.

22
Q

What is an incremental backup, and how does a full/incremental backup strategy work?

A

Incremental backups work by backing up all the data since the last full backup or the last incremental backup.
For example:
A full backup is done on Sunday night; an incremental backup would back up all the changes created during Monday’s workday.

On Tuesday night all the changes made during Tuesday’s workday are backed up and would not include Monday’s backup. The same would happen for Wednesday and so on until the next full backup on Sunday.

In the event of a crash on Wednesday day, you would need 3 tapes, 1 full backup tape, Monday’s incremental backup tape, and Tuesday’s incremental backup tape.

23
Q

What does a BIA do?

A

A Business Impact Analysis (BIA) helps the org identify critical systems (that support mission-essential functions) and components and their impact. It also defines the maximum downtimes for these systems and potential loss. BIA does not recommend solutions.

24
Q

What is RTO?

A

Recovery Time Objective (RTO) identifies the max amount of time a mission-critical system or service can remain inoperable. If outages last longer than the time indicated by the RTO, it is considered unacceptable.

25
Q

What is RPO?

A

Recovery Point Objective (RPO) focuses on the amount of data loss that is acceptable, or how far back it is okay for us to restore from (5 minutes, 24 hrs, a week?).

26
Q

What is MTBF?

A

The Mean Time Between Failures (MTBF) is used to identify how reliable a system was. The greater the average time between system failures the more reliable that system is.

27
Q

What is MTTR?

A

The Mean Time To Repair (MTTR) is used to identify the average time it should take to repair a system or to bring it back online.

28
Q

What is COOP?

A

Continuity of Operations Planning (COOP) focuses on restoring mission-essential functions at a recovery site after a critical outage.

29
Q

What is a hot site?

A

A hot site is a recovery site that is fully equipped with power, utilities, equipment, comms, and data to be operational in a few minutes or within an hour. These sites are generally up and running 24hr/week 7days/week. This is typically another business location supporting non-mission-essential activities.

30
Q

What is a warm site?

A

Warm sites are a step down from the hot site. They are not running 365 days/week. They may include internet, comms, and equipment, but configurations are still needed to be up and running. This site will need the data. This is typically an office space or a warehouse.

31
Q

What is a cold site?

A

Cold sites provide the bare minimum: the building or space, electricity, and restrooms. The equipment, utilities, comms, and data will all need to be installed, configured, and brought to the cold site.

32
Q

What are the recovery steps for the DRP?

A

The general steps to a Disaster Recovery Plan (DRP) are:

  • Activate the disaster recovery plan
  • Implement contingencies
  • Recover critical systems
  • Test recovered systems
  • After-action report (lesson learned)
33
Q

What is a walk-through exercise in DRP?

A

The walk-through is an orientation/workshop of personnel’s roles and responsibilities as well as introducing personnel to the BCP. Also, they are normally done before a tabletop exercise.

34
Q

What is a tabletop exercise in DRP?

A

Tabletop exercises are discussion-based hypothetical scenarios that participants discuss with the exercise operator.

35
Q

What are simulations in DRP?

A

In simulations, the participants carry out response and recovery steps in a simulation rather than talk about them as in the other two exercises.