Lesson 20 Cyber Security Resilience Flashcards
DNS Sinkhole
A sinkhole is a defense mechanism typically used against DDoS attacks. When a network device or server detects an incoming attack, the “sinkhole” function attempts to send the malicious traffic to a honeypot/net (sandbox) for analysis, away from the originally intended target.
RAID
Redundant Array of Independent Disks
- provides redundancy for storage devices
many disks can act as backups for each other to increase reliability and fault tolerance
RAID levels are fault tolerance levels
RAID 1 - Level 1
- Mirrored drives
- all drives are identical, i.e. mirrored
- provides redundancy
- Drawback is storage capacity is 50% of entire disk array
- Not for performance, i.e. no speed increase
- only level to use mirroring, no striping
RAID 5 - level 5
- striped drives with one parity bit
- minimum of three disks
- speed of level 0 and redundancy
- fault tolerance of 1
- one disk can fail without losing data
- size all disks together minus 1
RAID 6 - Level 6
- striped drives with two distributed parity bits
- allows for two disk failures without losing data
- minimum of four disks
- speed and more redundancy than level 5
- size add all disks together then subtract two
RAID 0 - Level 0
- striping without parity
- data written across several disks simultaneously
- no redundancy
- minimum of 2 disks
- good for streaming media
- zero redundancy, if one disk fails all data is lost
- size is all disks added together
RAID 10 - Level 10
- minimum of 4 disks with mirrored stripes
- data is striped over half the drives and then mirrored to the remaining disks
- no parity bits
- more speed and redundancy than level 6
- has to have an even number of disks
- has much less space
- half of all disks combined (add all together and divide by 2)
High Availability
Percentage of time the system is online, measured over a defined period, typically one year
Also means system is able to cope with rapid growth in demand
Converse is downtime, think MTD (max tolerable downtime)
Scalability vs Elasticity
Scalability is the capacity to increase resources to meet demand within similar cost ratios
two types of scalability
- able to scale out - add more resources in parallel with existing resources
- able to scale up - increase the power of existing resources
Elasticity is the system's ability to handle changes on demand in real time
- quicker scalability demand in real time
- high elasticity means the system can handle a sudden demand in real time
Fault Tolerance - meaning of and how to achieve
A fault tolerant system means the system can experience failures and still provide the same or nearly the same level of service
Fault tolerance is achieved through provisioning redundancy for critical components or single points of failure (SPoF)
Power Redundancy
Protecting systems against power events that could harm the system
Dual Power Supplies
Managed Power Distribution Units (PDUs)
Battery Backups and Uninterruptible Power Supplies (UPSs)
Generators
NIC Teaming
Network Interface Card (NIC) Teaming to provide network redundancy at the adapter level
Means a server is installed with multiple NICs, or NICs with multiple ports, allowing each port to connect to a separate network cable. Four 1 GB cables allow the network to have an overall bandwidth of 4 GB
Provides a high-bandwidth link in normal operation, but if one NIC or cable has a problem the network connection can still work, at a reduced speed
Switching and Routing Redundancy
Design network cabling to allow for multiple paths between switches and routers allowing failure of one part of the network to not affect the rest of the network
Requires use of Spanning Tree Protocol (STP) to prevent loops
Load Balancers
Service-level solutions to balance loads across devices/systems
Load balancing switch will distribute workloads between available servers
Load balancing cluster will share data and session information between the cluster of servers to maintain a consistent service
multipath I/O for disk redundancy
focused on the path/bus between the server and the storage devices or RAID
ensures there is controller redundancy and/or multiple paths to the storage devices