Lesson 7: Explain Resiliency and Site Security Concepts Flashcards
What are common asset inventory methods?
Manual inventory.
Network scanning tools (e.g., Nmap).
Asset management software (e.g., Lansweeper).
Mobile Device Management (MDM) solutions.
Cloud Asset Discovery tools (e.g., AWS Config).
What are the Asset Protection Concepts?
Standard naming conventions aid tracking and management.
Configuration Management Baselines define required settings.
Techniques such as RFID tags help with physical tracking.
What is the purpose of data backups?
Regular backups safeguard data integrity and availability.
What are key features of enterprise backups?
Support for physical, virtual, and cloud environments.
Data deduplication to optimize storage.
Granular restore and ransomware protection.
Validation testing to ensure recovery reliability.
What are replication and journaling used for?
Replication: Creates consistent data copies across locations.
Journaling: Logs data changes for precise rollback and recovery.
What are snapshots, and how are they used?
VM Snapshots: Restore virtual machine states.
Filesystem Snapshots: Revert file systems.
SAN Snapshots: Protect large datasets.
How is backup encryption and secure data destruction achieved?
Encryption ensures backup confidentiality.
Secure sanitization techniques include overwriting and degaussing.
What is the purpose of COOP (Continuity of Operations)?
Focuses on maintaining critical business functions during a crisis.
Tied to broader Business Continuity (BC) plans that address overall organizational resilience.
What methods are used in capacity planning, and what does this address?
Trend analysis, simulation modeling, and benchmarking.
Addresses both underutilization (cost inefficiency) and overutilization (performance risks).
What risks are associated with underutilization and overutilization in capacity planning?
Underutilization leads to cost inefficiency.
Overutilization causes performance risks.
What does High Availability (HA) do, and how is it measured?
Ensures uptime with fault-tolerant hardware and clustered systems.
Measured as availability percentages (“nines”).
What is the difference between scale-up and scale-out in scalability?
Scale-up: Add resources to existing infrastructure.
Scale-out: Add parallel resources.
What resiliency testing methods are used, and what is the purpose?
Tabletop exercises, failover tests, simulations, and parallel processing.
Strengthens incident response effectiveness and highlights vulnerabilities.
How do clustering and virtual IPs differ between Active/Passive and Active/Active setups?
Active/Passive (A/P): Standby node remains idle until needed.
Active/Active (A/A): All nodes work simultaneously, sharing workloads.
What principles guide physical security controls?
Authentication, Authorization, and Accounting (AAA).
How does site layout and design enhance physical security?
By using fencing, lighting, and bollards to deter unauthorized entry, and channeling movement with secure entry/exit points.
What types of locks are commonly used for physical security?
Physical, electronic (PIN/keyless), and biometric locks.
What is an access control vestibule (mantrap)?
A physical security control that allows entry to one individual at a time.
What are the functions of access badges?
Serve as identification and access keys, and log events for auditing.
How do surveillance systems enhance physical security?
Human Guards: Visible deterrence with clearance and screening.
Cameras: Smart systems use AI for motion recognition and object detection.
Drones: Provide wide-area surveillance.
What types of alarms and sensors are used for physical security?
Circuit-based alarms.
Motion detection alarms.
Noise detection alarms.
Duress alarms.
Sensors like infrared, pressure, microwave, and ultrasonic.