Chapter 9 Flashcards
Defense in Depth
The use of multiple layers of security to protect resources
Control diversity and vendor diversity are two methods organizations implement to provide defense in depth
Control Diversity
The use of different security control types, such as technical controls, administrative controls, and physical controls
Compare with Vendor Diversity
Vendor Diversity
The practice of implementing security controls from different vendors to increase security
Compare with control diversity
Perimeter
Filler
Buildings
Filler
Secure Work Areas
Filler
Server and Network Rooms
Filler
Hardware
Filler
Airgap
A physical security control that provides physical isolation
Systems separated by an airgap don’t typically have any physical connections to other systems
Proximity Cards
Small credit card-sized cards that activate when they are in close proximity to a card reader
They are often used by authorized personnel to open doors
Tailgating
A social engineering attack where one person follows behind another person without using credentials
Mantraps help prevent tailgating
Mantrap
A physical security mechanism designed to control access to a secure area
A mantrap prevents tailgating
Bollards
Short vertical posts that act as a barricade
Bollards block vehicles but not people
Hot and Cold Aisles
A method commonly used in data centers to keep equipment cool
Cool air flows from the front of the cabinets to the back, making the front aisle cooler and the back aisle warmer
Faraday Cage
A room or enclosure that prevents signals from emanating beyond the room or enclosure
Redundancy
The process of adding duplication to critical system components and networks to provide fault tolerance
Fault Tolerance
The capability of a system to suffer a fault, but continue to operate
Said another way, the system can tolerate the fault as if it never occured
Single point failure
A component within a system that can cause the entire system to fail if the component fails
Disk
Filler
Server
Filler
Power
Filler
RAID
Redundant array of inexpensive disks
Multiple disks added together to increase performance or provide protection against faults
Common types include RAID-1, RAID-5, RAID-6, RAID-10
High Availability
A term that indicates a system or component remains available close to 100 percent of the time
Load Balancer
Hardware or software that balances the load between two or more servers
Scheduling methods include source address IP affinity and round-robin
Round-Robin
A scheduling method used with load balancers
It redirects each client request to servers in a predetermined order
Affinity
A scheduling method used with load balancers
It uses the client’s IP address to ensure the client is redirected to the same server during a session
Full Backup
A type of backup that backs up all the selected data
A full backup could be considered a normal backup
Differential Backup
A type of backup that backs up all the data that has changed or is different since the last full backup
Incremental Backup
A type of backup that backs up all the data that has changed since the last full or incremental backup
Snapshots
A copy of a virtual machine (VM) at a moment in time
If you later have problems with the VM, you can revert it to the state it was in when you took the snapshots
Some backup programs also use snapshots to create a copy of data at a moment in time
Full Backup
A type of backup that backs up all the selected data
A full backup could be considered a normal backup
Time
Filler
Money
Filler
BIA
Business Impact Analysis is a process that helps an organization identify critical systems and components that are essential to the organization’s success
Privacy Threshold Assessment
An assessment used to help identify if a system is processing PII
Compare with privacy impact assessment
Privacy Impact Assessment
An assessment used to identify and reduce risks related to potential loss of PII
Compare with Privacy Threshold Assessment
RTO
Recovery time objective is the maximum amount of time it should take to restore a system after an outage
It is derived from the maximum allowable outage time identified in the BIA
RPO
Recovery point objective is a term that refers to the amount of data you can afford to lose by identifying a point in time where data loss is acceptable
It is often identified in BIA
MTBF
Mean time between failures is a metric that provides a measure of a system’s reliability and is usually represented in hours
The MTBF identifies the average time between failures
MTTR
Mean time to recover is a metric that identifies the average time it takes to restore a failed system
Organizations that have maintenance contracts often specify the MTTR as part of the contract
Continuity of Operations Planning
The planning process that identifies an alternate location for operations after a critical outage
It can include a hot site, cold site, or warm site
Recovery Site
An alternate location for business functions after a major disaster
Hot Site
An alternate location for operations
A hot site typically includes everything needed to be operational within 60 minutes
Compare with cold site and warm site
Cold Site
An alternate location for operations
A cold site will have power and connectivity needed for activation, but little else
Compare with hot site and warm site
Warm Site
An alternate location for operations
A compromise between an expensive hot site and a cold site
Compare with Cold Site and Hot Site
Tabletop Excersize
A discussion-based exercise where participants talk through an event while sitting at a table or in a conference room
It is often used to test business continuity plans
