Chp 7 Flashcards
CMDB
Configuration Management Database (CMDB) is a centralized repository that stores information about an organization’s IT assets, commonly referred to as configuration items (CIs). It helps in managing and maintaining accurate data about the IT environment, including hardware, software, network components, and documentation.
CMS
A Configuration Management System (CMS) is a tool that helps manage all of an organization’s IT assets and their configurations. It combines multiple tools and databases to keep track of hardware, software, and other IT resources.
SAN Snapshots
Storage Area Network (SAN) snapshots capture the exact state of data at a specific point in time, allowing for consistent backups and recovery.
Hard Disk Drives (HDDs) wipe
Data wiping (also called overwriting) with zeros or multiple patterns can be effective. It involves writing new data over the existing data on the HDD. Commonly used patterns include zeros, ones, or random data.
Solid-State Drives (SSDs) wipe
Traditional overwriting methods are less effective due to wear leveling and bad block management. Instead, use commands such as ATA Secure Erase, which are designed to handle the specific challenges of SSD technology by instructing the drive’s firmware to internally sanitize all stored data.
COOP
Continuity of Operations Plan (COOP): Continuity of operations primarily addresses the continuity of critical functions and services within an organization during an emergency or disaster.
BC
Business Continuity (BC): Business continuity, on the other hand, takes a broader approach, considering not only the continuity of critical functions but also the overall resilience and recovery of the entire organization.
Fault Tolerance
Fault Tolerance: The ability of a system to continue operating at the same (or nearly the same) level of service even when one or more of its components fail.
hot site
A fully configured alternate processing site that can be brought online either instantly or very quickly after a disaster.
A small e-commerce site with very high sales volume and critical uptime requirements might use a hot site.
warm site
A warm site is partially equipped with hardware and software but requires some setup and data restoration before it can take over operations.
Recovery Time: Hours to days.
A small e-commerce site keeps a warm site ready with servers and essential applications installed. Daily backups are stored off-site. In case of a primary site failure, the warm site can be activated, and the latest data can be restored within a few hours to a day.
cold site
A cold site is a basic facility with power and environmental controls but no pre-installed hardware or data. It requires significant setup time.
Recovery Time: Days to weeks.
A small e-commerce site rents a cold site facility. In case of a disaster, the business procures new servers and network equipment, installs necessary software, and restores data from backups. This process could take several days, which might be acceptable if the business can afford some downtime.
Clustering
A technique where multiple redundant processing nodes (servers) work together to provide a single, high-availability service. These nodes share data and workload, ensuring continuous service even if one node fails.
Failover
The process by which system operations are automatically transferred to a standby node if the primary node fails.
PSUs
An enterprise-class server or appliance enclosure is likely to feature two or more power supply units (PSUs).
UPSs
An uninterruptible power supply (UPS) provides a temporary power source in the event of a complete power loss. UPSs are devices that provide backup power to electronic equipment during a power outage or power fluctuations. They ensure continuous operation by supplying power from batteries or other sources during interruptions.
PDU
A Power Distribution Unit (PDU) is a device used to distribute electrical power to multiple devices within a data center, server rack, or other electronic equipment setups. PDUs provide a reliable way to manage and distribute power efficiently to connected devices.
Deception and disruption technologies
Deception and disruption technologies are cybersecurity resilience tools and techniques that increase the cost of attack planning for the threat actor. Examples include honeypots, honeynets, honeyfiles, and honeytokens.
Honeytokens
Honeytokens are fictitious data elements or digital tokens placed within a network or database to detect unauthorized access or malicious activity. When an attacker interacts with a honeytoken, it triggers an alert, helping security teams identify and respond to potential breaches.
fake telemetry
A deception strategy that returns spoofed data in response to network probes, tricking threat actors.
Parallel Processing Tests
Running primary and backup systems simultaneously to validate the functionality and performance of backup systems without disrupting normal operations.
Access Badges
Plastic cards embedded with magnetic strips, radio frequency identification (RFID) chips, or near-field communication (NFC) technology.