Chapter 9 Flashcards
What is two-person integrity?
A security principle that requires at least two authorized individuals to perform a task.
Can CCTV be used as a compensating control?
Yes
What is system sprawl?
When an organization has more systems than they actually use.
What is vendor diversity?
A security principle that requires multiple vendors to fulfill a single need to diminish single points of failure (SPOF), or to meet multiple needs to increase security resilience.
What is technology diversity?
The use of various technologies to protect an environment, e.g., CCTV, biometric locks on doors, motion detectors, etc.
What is control diversity?
The use or layering of multiple control types to ensure security, combining technical, physical, and administrative controls.
What is a Faraday cage?
A Faraday cage is a large room or box that keeps radio frequency signals from entering or emanating from the room.
Elevators can also act as Faraday cages: the metal wrapping of the elevator blocks cell signals from reaching a device in the elevator, and the device's own signal does not leave the elevator either, causing you to lose reception.
What are the minimum disks you need for RAID-0, and how is fault tolerance achieved?
RAID-0 requires 2 or more disks; however, it does not provide fault tolerance. Data in a RAID-0 arrangement is broken up (striped) into pieces (blocks) across the disk array.
RAID-0 does improve read and write performance.
What are the minimum disks you need for RAID-1, and how is fault tolerance achieved?
RAID-1 is known as mirroring (one disk controller) and duplexing (each disk has its own controller). RAID-1 requires a minimum of 2 disks. Fault tolerance is achieved in this scheme by copying (mirroring) all the data from one disk to the second disk.
To achieve further fault tolerance, a controller can be added to each disk. This process is known as duplexing, and it makes the array fault tolerant against the failure of a controller.
What are the minimum disks you need for RAID-5, how is fault tolerance achieved, and how many disks of the minimal configuration can fail without data loss?
RAID-5 requires a minimum of 3 disks. RAID-5 uses striping in addition to parity to create fault tolerance. RAID-5 can withstand the loss of 1 disk in its configuration of 3 disks.
What are the minimum disks you need for RAID-6, how is fault tolerance achieved, and how many disks of the minimal configuration can fail without data loss?
RAID-6 requires a minimum of 4 disks. RAID-6 uses striping in addition to parity to create fault tolerance. RAID-6 can withstand the loss of 2 disks in its configuration of 4 disks.
What are the minimum disks you need for RAID-10, and how is fault tolerance achieved?
RAID-10 requires a minimum of 4 disks. RAID-10 uses the striping of RAID-0 and the mirroring of RAID-1 to create fault tolerance.
What is the difference between Active-active and Active-passive load balancing?
Active-active: All the servers are on/active, the load balancer chooses how to balance the service load by directing traffic to any of the servers that are online. For example, this can be done in a round-robin fashion or by source address affinity.
Active-passive: Some servers are online, and some are not. In the event a server goes out, a server that was offline will come online and the load balancer will begin directing traffic to it.
What is NIC Teaming?
Network Interface Card (NIC) teaming is a technology (software) that groups two or more physical NICs into a single software-based virtual network adapter. It also handles load balancing for outgoing traffic.
What are UPSs used for?
An uninterruptible power supply (UPS) provides short-term power, giving computers time to logically shut down or stay on long enough for long-term power to be restored. A UPS also helps protect against power fluctuations.
What does a generator provide?
Generators can provide long-term power during outages or natural disasters.
What is the benefit of using disks compared to traditional tapes for storage?
Disks provide quicker access than tapes. Disks, however, can be more expensive than tapes.
What is NAS?
Network-attached storage (NAS) is a dedicated machine (hardware) on the network primarily used for file storage. It can be read from and written to. It typically runs a stripped-down version of Linux for simplicity and to reduce cost.
What is a SAN?
A storage area network (SAN) is a dedicated high-speed network that is used for data storage. It consists of multiple disk arrays, switches, and servers that are all interconnected by fiber optics.
Why are full backups the easiest and quickest to restore?
They only require the one tape that has the full backup and all the data is in one place.
What is a differential backup, and how does a full/differential backup strategy work?
A differential backup works by backing up all the data changed since the last full backup.
For example:
A full backup is done on Sunday night; a differential backup would then back up all the changes created during Monday's workday.
On Tuesday night, all the changes made during Tuesday's workday, along with those in Monday's backup, will be backed up, and so on until the next full backup on Sunday.
In the event of a crash during the day on Wednesday, you would need 2 tapes: the full backup tape and the differential backup tape that includes both Monday's and Tuesday's backup.
What is an incremental backup, and how does a full/incremental backup strategy work?
An incremental backup works by backing up all the data changed since the last full backup or the last incremental backup.
For example:
A full backup is done on Sunday night; an incremental backup would then back up all the changes created during Monday's workday.
On Tuesday night, all the changes made during Tuesday's workday are backed up; this would not include Monday's backup. The same would happen for Wednesday, and so on until the next full backup on Sunday.
In the event of a crash during the day on Wednesday, you would need 3 tapes: the full backup tape, Monday's incremental backup tape, and Tuesday's incremental backup tape.
What does a BIA do?
A Business Impact Analysis (BIA) helps the organization identify critical systems (those that support mission-essential functions) and components, and their impact. It also defines the maximum downtimes for these systems and the potential loss. A BIA does not recommend solutions.
What is RTO?
Recovery Time Objective (RTO) identifies the max amount of time a mission-critical system or service can remain inoperable. If outages last longer than the time indicated by the RTO, it is considered unacceptable.