Chapter 9

Question 1

What is two-person integrity?

Answer 1

A security principle that requires at least two authorized individuals to perform a task.

Question 2

Can CCTV be used as a compensating control?

Answer 2

Yes

Question 3

What is system sprawl?

Answer 3

When an organization has more systems than they actually use.

Question 4

What is vendor diversity?

Answer 4

A security principle that requires multiple vendors to full fill a singular need to diminish SPOF, or to meet multiple needs to increase security resilience.

Question 5

What is technology diversity?

Answer 5

The use of various technologies to protect an environment. I.e., CCTV, biometric locks on doors, motion detectors, etc.

Question 6

What is control diversity?

Answer 6

The use of or layering of multiple control types to insure security. The use of technical control, physical control, and administrative control.

Question 7

What is a faraday cage?

Answer 7

A Faraday cage is a large room or box that deflects radio frequency from entering or being emanated from the room.

Elevators can also act as faraday cages, as the metal wrapping of the elevator blocks cell signals from reaching the device in the elevator, and the device’s signal within the elevator also does not leave, causing you to s lose reception.

Question 8

What are the minimum disks you need for RAID-0, and how is fault tolerance achieved?

Answer 8

RAID-0 requires 2 or more disks, however, it does not provide fault tolerance. Data in a RAID-0 arrangement is broken up (Stripped) into pieces (blocks) across the disk array.

RAID-0 does provide performance in its ability to read and write.

Question 9

What are the minimum disks you need for RAID-1, and how is fault tolerance achieved?

Answer 9

RAID-1 is known as “mirroring (one disk controller) and duplexing (each disk has its own controller).” RAID-1 requires a minimum of 2 disks. Fault tolerance is achieved in this scheme by copying (mirroring) all the data from one disk to the second disk.

To achieve further fault tolerance, a controller can be added to each disk, the process is known as duplexing, to become fault tolerant against the controller.

Question 10

What are the minimum disks you need for RAID-5, and how is fault tolerance achieved, how many disks of the minimal configuration can fail without data loss?

Answer 10

RAID-5 requires a minimum of 3 disks. RAID-5 uses striping, in additional parity to create fault tolerance. RAID-5 can withstand the loss of 1 disk in its configuration of 3 disks.

Question 11

What are the minimum disks you need for RAID-6, and how is fault tolerance achieved, how many disks of the minimal configuration can fail without data loss?

Answer 11

RAID-6 requires a minimum of 4 disks. RAID-6 uses striping, in additional parity to create fault tolerance. RAID-6 can withstand the loss of 2 disk in its configuration of 4 disks.

Question 12

What are the minimum disks you need for RAID-10, and how is fault tolerance achieved?

Answer 12

RAID-10 requires a minimum of 4 disks. RAID-10 uses the striping of RAID-0 and the mirroring of RAID-1 to create fault tolerance.

Question 13

What is the difference between Active-active and Active-passive load balancing?

Answer 13

Active-active: All the servers are on/active, the load balancer chooses how to balance the service load by directing traffic to any of the servers that are online. For example, this can be done in a round-robin fashion or by source address affinity.

Active-passive: Some servicers are online, and some are not. In the event a server goes out, a server that was once offline will come online and the load balancer will begin directing traffic to it.

Question 14

What is NIC Teaming?

Answer 14

Network Interface Card (NIC) teaming is a technology (software) that groups two or more physical NIC into a single software-based virtual network adapter. It also handles load balancing for out going traffic.

Question 15

What are UPSs used for?

Answer 15

Uninterrupted power supply (UPS) provides short-term power, giving computers time to logically shut down or stay on long enough for long-term power to be restored. UPS also helps protect against power fluctuation

Question 16

What does generator provide?

Answer 16

Generators can provide long-term power during outages or natural disasters.

Question 17

What is the benefit of using disks compared to traditional tapes for storage?

Answer 17

Disks provide quicker access than tapes. Disks, however, can be more expensive than tapes.

Question 18

What is NAS?

Answer 18

Network-attached storage (NAS) is a dedicated machine (hardware) on the network primarily used for file storage. It can be read from and written to. It typically runs a stripped-down version of Linux for simplicity and to reduce cost.

Question 19

What is a SAN?

Answer 19

A storage area network (SAN) is a dedicated high-speed network that is used for data storage. This network of machines consists of multiple disk arrays, switches, and servers that are all interconnected in this network by fiber optics.

Question 20

Why are full backups the easiest and quickest to restore?

Answer 20

They only require the one tape that has the full backup and all the data is in one place.

Question 21

What is a differential backup, and how does a full/differential backup strategy work?

Answer 21

Differential backup work by backing up all the data since the last full backup.
For example;
A full backup is done on Sunday night, a differential backup would back up all the changes created during Monday’s workday

On Tuesday night all the changes made during Tuesday’s workday and Monday’s backup will be backed up, and so on until the next full backup on Sunday.

In the event of a crash on Wednesday day, you would need 2 tapes, one full backup tape, and the second differential backup tape that includes both Monday’s and Tuesday’s backup.

Question 22

What is an incremental backup, and how does a full/incremental backup strategy work?

Answer 22

Incremental backup work by backing up all the data since the last full backup or the last incremental backup.
For example;
A full backup is done on Sunday night, a incremental backup would back up all the changes created during Monday’s workday

On Tuesday night all the changes made during Tuesday’s workday are backed up and would not include Monday’s backup. The same would happen for Wednesday and so on until the next full backup on Sunday.

In the event of a crash on Wednesday day, you would need 3 tapes, 1 full backup tape, Monday’s incremental backup tape, and Tuesday’s incremental backup tape.

Question 23

What does a BIA do?

Answer 23

A Business Impact Analysis (BIA) helps the org identify critical systems (that support mission-essential functions) and components and their impact. I also define the maximum downtimes for these systems and potential loss. BIA does not recommend solutions.

Question 24

What is RTO?

Answer 24

Recovery Time Objective (RTO) identifies the max amount of time a mission-critical system or service can remain inoperable. If outages last longer than the time indicated by the RTO, it is considered unacceptable.

Question 25

What is RPO?

Answer 25

Recovery Point Object (RPO) focuses on the amount of data loss that is acceptable. Or how far back is okay for us to restore from (5 minutes, 24 hrs, a week?).

Question 26

What is MTBF?

Answer 26

The Mean Time Between Failures (MTBF) is used to identify how reliable a system was. The greater the average time between system failures the more reliable that system is.

Question 27

What is MTTR

Answer 27

The Mean Time To Repair (MTTR) is used to identify the average time it should take to repair a system or to bring it back online.

Question 28

What is COOP?

Answer 28

Continuity of Operations Planning (COOP) focuses on restoring mission-essential functions at a recovery site after a critical outage.

Question 29

What is a hot site?

Answer 29

A hot site is a recovery site, that is fully equipped with power, utilities, equipment, comms, and data to be operational in a few minutes or within an hour. These sites are generally up and running 24hr/week 7days/week. This a typically another business location supporting non-mission-essential activities.

Question 30

What is a warm site?

Answer 30

Warm sites are a step down from the hot site. They are not running 365 days/week. They may include internet, comms, and equipment, but configurations are still needed to be up and running. This site will need the data. This is typically an office space or a warehouse.

Question 31

What is a cold site?

Answer 31

Cost sites provide the bare minimum. The building or space, electricity, and restrooms. The equipment, utilities, comms, and data will all need to be installed, configured, and brought to the cold site.

Question 32

What are the recovery steps for the DRP?

Answer 32

The general steps to a Disaster Recovery Plan (DRP) are:

• Activate the disaster recovery plan
• Implement contingencies
• Recover critical systems
• Test recovered systems
• After-action report (lesson learned)

Question 33

What is a walk-through exercise in DRP?

Answer 33

The walk-through is an orientation/workshop of personnel’s roles and responsibilities
as well as introducing personnel to the BCP. Also, they are normally done before a tabletop exercise.

Question 34

What is a tabletop exercise DRP?

Answer 34

Tabletop exercises are discussion-based hypothetical scenarios that participants discuss with the exercise operator.

Question 35

What are simulations in DRP?

Answer 35

Simulations are the participants to carry out responses and recovery steps in a simulation rather than talk about them as in the other two exercises.