Lesson 7: Explain Resiliency and Site Security Concepts Flashcards
Define a ‘acquisition/procurement’ policy
Policies and processes that ensure asset and service purchases and contracts are fully managed, secure, use authorized suppliers/vendors, and meet business goals.
Define ‘total cost of ownership (TCO)’
The initial purchase price along with the ongoing costs of maintenance, updates, and potential security incidents associated with an asset.
Define ‘Configuration management’
Ensures that each configurable element within an asset inventory has not diverged from its approved configuration.
Define ‘Change control’
The process by which the need for change is recorded and approved.
Define ‘change management’
The process through which changes to the configuration of information systems are implemented as part of the organization’s overall configuration management efforts.
Define a ‘Service Asset’
Things, processes, or people that contribute to delivering an IT service.
Define a ‘Configuration Item (CI)’
An asset that requires specific management procedures to be used to deliver the service.
Define a ‘baseline configuration’
A list of settings that an asset, such as a server or application, must adhere to.
Define a ‘Security Baseline’
Minimum set of security configuration settings a device or software must maintain to be considered adequately protected.
Define a ‘configuration management system (CMS)’
The tools and databases used to collect, store, manage, update, and report information about CIs.
Define ‘Data deduplication’
Data compression technique that identifies and eliminates redundant data.
Define ‘On-site backups’
Backup that writes job data to media that is stored in the same physical location as the production system.
Define ‘Off-site backups’
Backup that writes job data to media that is stored in a separate physical location to the production system.
How can an organization identify potential issues in their data recovery process?
Testing backups/restore capabilities and making necessary improvements.
Define a ‘Snapshot’
Image backup; Used to create the entire architectural instance/copy of an application, disk, or system at a specific point in time.
What is the purpose of a snapshot?
It is used in backup processes to restore the system or disk of a particular device at a specific time.
Define a ‘VM snapshot’
Capture the state of a virtual machine, including its memory, storage, and configuration settings.
Define a ‘Filesystem snapshot’
Capture the state of a file system at a given moment, enabling users to recover accidentally deleted files or restore previous versions of files in case of data corruption.
Define a ‘SAN snapshot’
taken at the block-level storage layer within a storage area network which capture the state of the entire storage volume.
Define ‘Replication’
Creating and maintaining exact copies of data on different storage systems or locations.
Define ‘Journaling’
A method used by file systems to record changes not yet made to the file system in an object called a journal before the file indexes are updated.
Define ‘Sanitization’
Process of removing sensitive information from storage media to prevent unauthorized access or data breaches.
Define ‘continuity of operations planning (COOP)’
Processes and procedures to ensure critical business functions can continue during and after a disruption.
What is the purpose of continuity of operations planning (COOP)?
Minimize downtime, protect essential resources, and maintain business resilience.