Domain 5 Operations

Question 1

Temperature and Humidity

Answer 1

Temperature: 64-80 F
Humidity: 40-60%

Question 2

Design Standards

Answer 2

BISCI: cabling for data systems

IDCA: Infinity Program comprehensive data center design framework

NFPA: Fire protection standard

Uptime Institute: Data Center Tiers and typologies.

Question 3

Uptime Institute Tiers

Answer 3

Tier 1:
- Little redundancy, space for systems, UPS for line conditioning

Tier 2:
-Some redundancy, critical operation do not have to be interrupted for maintenance, unplanned failures may result in downtime

Tier 3:
Concurrently maintainable site infrastructure, dual power supplies.

Tier 4:
- Fault tolerant site infrastructure.

Question 4

iSCSI

Answer 4

. Most prevalent protocol for network based storage.

. allows use of block level storage that looks and behaves like a SAN over TCP

. Recommended to be run over its own segregated network

. Does not support encryption, must be protected by other means

Question 5

KVM

Answer 5

. MFA recommended

. Comprehensive audit and logging program should be in place

. KVM connectivity should be isolated on its own specific physical channel.

. should be configured to allow access to one host at a time.

. No transfer of data between host via KVM

Question 6

TLS

Answer 6

X.509 certificated

• TLS Handshake Protocol: negotiates and established TLS connections and enables the secure channel to handle communications
• TLS Record Protocol: responsible for the ecryptions and authentications of packets throughout their transmission an between the parties.
• Transport layer

Question 7

IPSEC

Answer 7

• Operates at the network layer

- Performs both authentication and negotiation of security policies and maintains throughout the communication

Question 8

Distributed Resource Scheduling (DRS)

Answer 8

used within clustered systems to provide high availability, scaling, management ,workload distribution and balancing of jobs.

Question 9

Dynamic Optimization (DO)

Answer 9

process through which the cloud environment is constantly maintained to ensure resources are available when and where needed and that physical nodes do not become overloaded or near capacity while others are underutilized.

Question 10

Maintenance mode

Answer 10

Physical hosts

no virtual machine can be run

logging should be maintained.

Question 11

4 key areas of a physical cloud environment

Answer 11

CPU,
memory,
disk
network

Question 12

Orchestration

Answer 12

pertains to the use of automation for task such as
provisioning
scaling
allocation of resources
customer billing and reporting

Question 13

Incident management

Answer 13

Incident- an event that can lead to a disruption of an organizations service or operations

Incident management-focused on limiting the impact of the events on an organization and returning their state to full operation as quickly as possible

Question 14

Problem management

Answer 14

Focus is to analyze and identify potential issues and put processes and mitigations in place to prevent predictable problems from occurring.

Question 15

Incident response cycle and process

Answer 15

1. Incident Occurs
2. Classified
3. Determine Resolution
4. Implement Resolution

Question 16

Assessing Risk

Answer 16

1. Determine the specific threats the organization and their systems face.
2. Assess the vulnerabilities of a particular system
3. Evaluate the potential harm that an attack can cause to an organization’s systems, data, operations and reputation
4. Determine the likelihood of a successful attack and the harm that it could cause.

Question 17

Quantitative Assessment

Answer 17

SLE = Asset value X Exposure Factor

ALE = SLE x Annual Rate of Occurrence