Chapter 9 – Operations Management Flashcards
What is OS Logging?
Integral toolsets for monitoring performance and events; set OS logs to alert admins when usage approaches a level of capacity utilization, performance degradation, CPU usage, memory usage, disk space, disk I/O timing.
What is the ASHRAE recommended temperature range for data centers?
64-81 degrees F.
What is the ASHRAE recommended humidity range for data centers?
Dew point 42-59 degrees F; 60% relative humidity.
What is Maintenance Mode?
All operational instances are removed from the system/device before entering this mode; prevent all new logins; ensure logging is continued; begin enhanced logging.
What does CI/CD stand for?
Continuous Integration/Continuous Delivery; incorporates heavy use of automation to shorten software delivery pipeline; includes administrative and technical controls.
What is ISO/IEC 20000-1?
Defines a set of operational controls and standards organizations can use to manage IT services; used to manage ITSM using approaches of ITIL and ISACA COBIT framework.
What is the goal of IT Service Management (ITSM)?
To identify user needs, design IT service to meet those needs, deploy it, then enter a cycle of continuous improvements.
What is the focus of Business Continuity (BC) efforts?
Maintaining critical operations.
What is the focus of Disaster Recovery (DR) efforts?
Resumption of operations due to disaster.
What is the difference between an event and a disaster?
An event is an unscheduled impact to the operating environment lasting three days or less; disasters last longer.
What is the most important planning and effort in BC/DR?
Health and human safety; notification, evacuation, protection, and egress will need to be prioritized.
What does MAD stand for?
Maximum Allowable Downtime; how long an interruption will stop operations.
What is MTTR?
Mean Time to Repair; average amount of time it takes to repair a system/device that is down.
What is RTO?
Recovery Time Objective; BC/DR goal for recovery of operation, measured in time; must be less than the MAD.
What is RPO?
Recovery Point Objective; BC/DR goal for limiting loss of data from unplanned event, measured in time.
Example: An organization resumes critical operations at an alternate operating site with the last full backup; if they back up every day, RPO will be 24 hours.
What is ALE?
Annual Loss Expectancy; amount an organization should expect to lose annually based on any one type of incident; ARO x SLE = ALE.
What does ARO stand for?
Annual Rate of Occurrence; rate of occurrence of a specific event/incident.
What does SLE stand for?
Single Loss Expectancy; amount of expected damage/loss from any single specific security incident.
What is the purpose of a UPS?
Should last long enough for graceful shutdown of affected system, can provide line conditioning, adjusting power to optimize for the devices it serves and smooth power fluctuations.
What is the role of generators in power supply?
Supply close to immediate power when utility electricity is interrupted and have automatic transfer switches; minimum of 12 hours of fuel for all generators.
What is Tabletop Testing?
Essential participants work together at a scheduled time; InfoSec equivalent of role-playing games; least impact on production of testing alternatives.
What is a Dry Run?
Whole organization takes part in a scenario at a scheduled time; impacts productivity.
What is a Full Test?
Entire organization takes part in an unscheduled, unannounced practice scenario, performing full BC/DR activities; includes system failover, facility evacuation, used for detecting shortcomings in the plan; greatest impact on productivity.