Continuity Flashcards
What is CONOPS?
___ of _____
Concept of Operations (Cloud SP)
How does CONOPS help organization ?
Helps ___ to document in ___ ____ what is _____ built for IS
Helps org to document in plain language what is Required & built for Information System
Which of the following statements correctly depicts the use of a Concept of Operations (CONOP) document?
A. Mandatory document required by ISO 27001 related
to security operations
B. Mandatory document required by ISSO 27023 related
to security operations
C. It helps an org to document in plain language what is
required and what should be built for an information
system
D. It provide requirements for an org to implem security
mgmt related to identity and access mgmt.
C. It helps an org to document in plain language what is
required and what should be built for an information
system
Bus Continuity contains 3 key elements?
_____ bounce back
_____ Planning
_____ Restore
- Resilience (Bounce back)
- Contingency (Planning)
- Recovery (Restore)
Which of the following actions should a company take if a cloud computing provider ceases to uphold their contract?
A. Consult the company’s exit plan.
B. Move the company data to the backup provider that was selected earlier.
C. Re-host all critical applications on the company’s internal servers.
D. Evaluate the company’s strategic options for an alternative provider
A. Consult the company’s exit plan.
Which of the following actions should a company take if a cloud computing provider ceases to uphold their contract?
A. Consult the company’s exit plan.
B. Move the company data to the backup provider that was selected earlier.
C. Re-host all critical applications on the company’s internal servers.
D. Evaluate the company’s strategic options for an alternative provider
A. Consult the company’s exit plan.
What (4) concerns do you consider with Bus Continuity Outage Support?
____ _____
____ of Data can afford to ____
How quickly you need to restore ____ _____
How vulnerable are ____ to _______
- Most Critical Processes
- Amount of data can afford to lose?
- How quickly do you need to restore Critical
Processes? - How Vulnerable are operations to disasters?
What (2) do you consider for BIA Business Impact Analysis
Identify all ___ ____
Assign level of ____ to each _____
- Identify all Bus function
2. Assign level of importance to each func
With Bus Continuity in Cloud what 4 benefits are there with using the cloud? (4) Resource \_\_\_\_\_, \_\_\_\_\_\_ \_\_ \_\_\_\_\_\_\_\_ service \_\_\_\_\_ of service Service \_\_\_\_\_\_\_
- Resource pooling & elasticity
- Self-serve ON DEMAND service
- Quality of service
- Selection of service location
What are the 7 steps of Bus Continuity Plan (BCP)(7)?
Document ___ ______
Work ___ _____
External ________ ie: Utility, municipal, police, fire, water, hospital, post office, office
Critical (2) _____ & _____
Contingency (2) ____ & ______
Create ___ __ ______
__________, stakeholders, members, impact by CBP
- Document key personnel
- (WORK ANY LOCATION) Telecommute / work
anywhere - External Suppliers – Utility, municipal, office, police,
fire, water, hospital, post office - Critical (2) equipment and docs
Equipment – Fax, Copy, printers
Documents - Contingency (2) equipment and location
Equipment
Location - Create HOW to instructions
- Communication – stakeholders, members, impact by
CBP
What are the PROS for Cloud Bus Continuity Plan (BCP)? (5)
- _____
- _______ _______
- Save __, __, ______
- Working _____
- Access data _______
- Storage, BU
- Offsite locations
- Save HW, SW, Infrastructure
- Remote Working
- Access data anywhere
What are the CONS for Cloud Bus Continuity Plan (BCP)?
- Existing BCP, could be ______
- Need clear _____
- Choose appropriate ___ to ____
- Consider ______
- Ensure relationship w/ ___
- Take time, careful to _______
- If org has existing BCP, chg plans could be expensive
- Need a CLEAR SLA
- Choose appropriate services to bus
- Consider policy
- Ensure credible relationship w/ SP
- FIPS 42 / ISO 9001
- Use small steps to implemlement
A company would like to move an application to the cloud which resides on a single physical server in their data center. The server has two drives, one of which hosts the operating system, and the other hosts the application data. The operating system has been showing errors recently and the application data was corrupted last Friday at 4:00PM. Data is backed up every day at 1:00AM. Which of the following would be the BEST option for migrating this application to the
cloud?
A. Setup a server in the cloud, install an operating system, install the application, and copy the data
to the cloud server from last Friday’s backup
B. Setup a server in the cloud, install an operating system, install and configure the application, and
copy the data to the cloud server from last Thursday’s backup
C. Clone or P2V the server with both drives to the cloud platform
D. Clone or P2V the server with the application drive to the cloud platform and copy the operating
system to the cloud server
A. Setup a server in the cloud, install an operating system, install the application, and copy the data
to the cloud server from last Friday’s backup
Which of the following is a negative business impact of cloud computing?
A. It lowers the company’s overall application processing availability.
B. It is difficult to implement problem management.
C. It is more difficult to ensure policy compliance.
D. It slows down the company’s ability to deal with server capacity issues.
C. It is more difficult to ensure policy compliance.
What are the 6 Common causes data losses occur due to disaster
- Natural Disasters
- Application failure
- System failure
- Network failure
- Network Intrusion
- Hacking or Malicious code
RPO
Recovery Point Objective
What is RPO?
Data Loss measured in _____
If RPO = 1 hrs and it is noon, then recovery must include all data up to ____ AM or PM
Recovery Point Objective
Data LOSS measured in time
If RPO = 1 hrs … and it is noon, then recovery must incl all data up to 11AM
RTO
Recovery Time Objective
What is RTO?
______________________
If RTO = 8 hrs … and it is noon, then the back uptime must be ______ AM or PM
Recovery Time Objective
Downtime: Back up restoration
If RTO = 8 hrs … and it is noon, then the back uptime must by 8PM
MTO
Max Tolerable Outage
What is MTO?
Means: ___ ___ down before _________ org object
Max tolerable Outage
Max amount time sys down before compromise org object
MTTR
Mean Time to Repair
What is MTTR?
____ ____ to repair device
measured by: _____ time / # ______
Mean Time to Repair
Average time to repair device (incl latency)
Maintenance time / # actions
MTBF
Mean Time Before Failure
What is MTBF?
______ time for failure of device
measured by: Total ____ hrs expected before ______
Mean Time Before Failure
Expected time for failure of device
Total unit hours expected
What is difference between MTTR versus MTBF?
MTTR is ___ time to fix, and MTBF is the ______ ____ of the device before it quits.
MTTR is the AVG time to fix, and MTBF is the expected life of the device before it quits.
Which of the following technologies are related to Web services? A. HTML, IDM, JSON B. HTML, IDM, XML C. HTML, JSON, XML D. DM, JSON, XML
C. HTML, JSON, XML
How does cloud computing improve business flexibility?
A. Easier access by users outside of the organization
B. Faster deployment of applications
C. Rapidly growing and shrinking capacity
D. All of the above are correct
D. All of the above are correct
7 Areas to look for when considering cloud?
- Storage
- Scalability
- Uptime/ Availability
- DR
- Security
- Compliance i.e.: HIPPA
- Support – multi channel i.e.: phone, chat, Email ,
Social Media
KPI
Key Performance Indicator
Why are KPI important in Cloud?
Cloud sys are built to handle changing workloads.
It is important to state your ______, __ ____, and KPIs to know the workload can grow w/o impacting responsiveness, _______, or ________
Because cloud systems are built to handle changing workloads in a flexible manner, it is important to
state your requirements, service levels, and KPIs so that we can confirm the ability of workloads to
grow without impacting responsiveness, throughput, or availability.
What should those KPI performance requirements be for the Cloud?(5)
__________ handle 6K trxn per min w/ 95% response
__________ response, util, avail, resolution
__________ Meas goals supports SLA
__________ Supported by agreement
__________ %time sys avail/down during avail WIN
- Performance / Scalability Requirements ie: handle 6K
transaction per min with 95% response time not to
exceed 5 min. - Service Levels - response, utilization, avail, service
level, problem turnaround - SLO service level objective - measurable goals
supports SLA - SLA Supported by agreement
- KPI Key Performance Indicators - % time sys was
available (down) during available window
What is Cloud Container?
Container is form of __ _____ that is more efficient than __ _________
Alt to __ level ________
Runs multiple _____ ____ on single host
Uses 1 kernel per ____, vs FM 1 kernel per ____
* RHEL has ___ ____ same kernel technology
- Container is form of OS virtualization that is more
efficient than HW virtualization - Alt to OS level virtualization
- Used to run multiple isolated sys on single host
- Uses same kernel (1) per container vs VM (1) kernel
per VM - RHEL has OPEN-SHIFT (same kernel technology)
What are benefits of Containers vs OS level virtualization (VMs)
- NO _____ ______
- Containers based on ______
- Cloud native applic work in ___ ___ vs using ____ ___
- No kernel isolation – just sys lib(s) and binaries to
allow isolation btw containers - Containers are based on LINUX
- Cloud native applications work in real time vs using
VM services
Containers by default are ?
- ______
- Containers cannot be accessed by ___ ____
why: ? Need __ #, ____ - _ _ _ containers , tokens, access key + secret access key
- Secure - Sandboxed
- Containers cannot be accessed by
outside sources!!! Need port #, packaged - API – containers, tokens
(access key ID + secret access key
Virtualization vs Containerization
Which eliminates boot time / starts in seconds and why?
______ are ______ programs in one ____
Containers start in seconds, because they are not added VMs, they are compiled programs in one unit.
Virually all PaaS sys has _______ foundation for running their platform tools.
Container foundation built in
Virtualization vs Containerization
Which on e has Emulation of devices?
What does the other have?
Virtualization
Containers uses ACLs Plus Sys call
Virtualization vs Containerization
Which one has Svc Deployment (individual components)
Containers
A container is a form of 1__ 2_____ that is more efficient than typical HW Virtualization.
1 OS
2 Virtualization
Containers can be used as alt to OS level Virtualization to ?
run multiple isolated systems on single host
Which of the following character associated to OS-level Virtualization and not Containers? A. Applying limits per process B. Single Network file system caching C. Emulation of devices D. Single kernel
C. Emulation of devices
*OS level virtualization is based on emulation of devices (imitating another sys); whereas containers uses ACLs Plus syscall.
What is DOCKER? (Moby)
Docker is ____ ____ engine w/ deployment any applic as ____ ____
Create lightweight private ____ environment
Docker is OPEN-Source engine w/ deployment any application as portable container that runs virtually anywhere.
Examples:
- Same container in Development tests on laptop at
scale, in Prod, on VMs, bare-metal servers,
OpenStack clusters, public instances, or combination
of these.
- Useful for deployment package of applications
- Creation lightweight private PaaS environment
- Automatic test/ continuous deployment
- Deploying/Scaling web apps, Db, backend services
*Red Hat supports Docker
What is BIG DATA
Any collection of data sets so ____/______ it becomes difficult to process using DBMS
i.e.: _____ ______, _____ Source SW for storage
Datasets on ________ of HW
Any collection of data sets so large/complex becomes difficult to process using on-hand DB Mgmt tools
Examples:
- Apache Hadoop OPEN-Source SW for storage (large
scale processing)of datasets on clusters of
commodity HW.
- MapReduce used for BigData on clusters
BIG DATA Challenges are same as traditional data Data \_\_\_ Data \_\_ \_\_\_ Data \_\_\_ Data \_\_\_\_ Data \_\_\_\_\_\_ Data \_\_\_\_\_
- Data Location
- Data at Rest
- Data Loss
- Data Classification
- Data Reminisce
- Data Security
What is Software Security Assurance?
Helps ___ / ____ SW that protects the data / resource
Helps design / implement Software that protects the data / resources contained in and controlled by the Software.
APP Service Governance = (2 streams)
___ Mgmt + ____ Governance
API Mgmt + SOA Governance
APIs are used for?
____ of ____
Integration of Services becoming channel for revenue
API (application program interface) How does it differ from SOA ? All Services use _ _ _ _ All services \_\_\_\_ from \_\_\_\_ \_\_ Barrier to use verbs/actions Services use \_\_\_\_ \_\_\_ \_\_\_
All Services use REST
All services discover-able from portal
Low Barrier to use verbs/actions
Services use defacto Sec Standards
SOA (Software Oriented Architecture)
How does it differ from API?
All Services use _ _ _ _ / _ _ _ _ interface
All services ______ from _ _ _ _____/Repos
___ Barrier to use verbs/actions
Services should use _ _ * Security
All Services use SOAP/WSDL interface
All services discover-able from SOA registry / Repos
High Barrier to use verbs/actions
Services should use WS-* Security
What is not a char of SOA?
A. All components should be exposed as services
B. All services should use SOAP/WSDL interfaces
C. All services are discoverable from a portal
D. All services should use WS-* security
C. All services are discoverable from a portal
DR TIER Data Storage (5)
Tier Data Recovery Restoration
0 0 offsite NO DR Plan Weeks/unsuccess
1 BU no hot site Need Config Time laboring
2 BU w/ hot site standby server
3 Electronic vault BU to hot site Netwk accessible
4. Pt in time copy Use remote site Netwk accessible
5. Trxn Integrity BEST. (=) PROD No loss of data
Tier 0
No offsite data. No DR Plan/ No saved data Recovery: Weeks / unsuccessful
Tier 1
Data BU w/o Hot site. Recovery: Need configuration / time laboring
Tier 2
Data BU w/ hot site. Hot BU site Recovery: Can run application at stand by servers
Tier 3
Electronic Vault. BU data accessible to hot site. Recovery: Network access is accessible
Tier 4
Point in time copies. Uses remote site. Recovery: Accessible by network
Tier 5
Transaction Integrity. BEST. Integrity means transaction are consistent btw PROD and recovery sites
Recovery: Should be no loss of data
Consider the context of data center avail and physical Sec. Which Tier ensures highest AVAILABILITY
Tier I
Tier II
Tier III
Tier IV
Tier IV
How many tiers should an ISCM per NIST 800-137 have:
A. 2 – Tier 1 (Org Bus Process), Tier 2 (Cloud Computing
Strategy Implem)
B. 2 – Tier 1 (Cloud Computing Strategy Implem), Tier 2
(Org Bus Process)
C. 3 – Tier 1 (Org Bus Process), Tier 2 (ICSM Strategy)
Tier 3 (Cloud Computing Strategy Implem)
D. 3 – Tier 1 (Cloud Computing Strategy Implem), Tier 2
(Org Bus Process), Tier 3 (ICSM Strategy)
C. 3 – Tier 1 (Org Bus Process), Tier 2 (ICSM Strategy)
Tier 3 (Cloud Computing Strategy Implem)DR TIER Data Storage
What Tier is Point in Time Copy?
Uses _____ site?
Is it netwk accessible?
- Tier 4
- Uses (Remote) site
- Yes Network Accessible
DR TIER Data Storage
Which is best of Tier 0 - 2?
Why?
Tier 2
because it has a hot site and standby server
DR TIER DATA Storage
What is best Tier? 0 - 5
Why? (3)
_____ _____. ______ ______, NO _____ ____
Tier 5
Trxn Integrity, it matches production, no loss of data
