Sec+ Chapter 09: Resilience and Physical Security Flashcards
Redundancy
Having more than one of a system, service, device, or other component to maintain uptime
Geographic dispersal of systems
Ensures a single disaster, attack, or failure can’t disable or destroy systems
Also protects against power grid failures, loss of network connectivity, etc
EX: Common rule of thumb for datacenters is to place them 90 miles apart, preventing most common natural disasters from disabling them
Separation of servers
Used to avoid a single server rack being a point of failure. Systems may be placed in two or more racks in case of a single point of failure such as a PDU (power distribution unit), or even something as simple as a leak that drips into the rack.
Multipath
Use of multiple network paths to ensure a severed cable or failed device doesn’t cause a loss of connectivity
Redundant network devices
Multiple routers, firewalls, and IPSs to prevent a single point of failure.
Load balancers
Balances the load between multiple servers
A client accesses the load balancer, which then decides which server is able to provide the particular requested service
Balancer is always checking in with active servers, and if one doesn’t respond the balancer will disable connections to that server and enable a standby server instead
Commonly used to allow system upgrades by redirecting traffic away while it’s being upgraded and returning it after it’s patched or upgraded
NIC Teaming
AKA: LBFO (load balancing / failover)
Plug in and use multiple connections to a server, but instead of a primary and standby, you can use both simultaneously and aggregate bandwidth between both
Provides increased throughput and a way to have redundant paths in case one of the connections fails
On the server, configured by installing multiple NICs, which appear as one interface to the server OS
The switch side is also configured so that traffic on any of the teamed connections is treated as belonging to the single NIC team on the server
Provides redundancy as well in case of any connectivity issues
UPS
Uninterruptible power supply
An actual piece of hardware that provides battery-powered backup power options for short periods of time
Three types:
1) Offline / standby UPS: simplest, least expensive and not normally enabled unless power is lost
2) Line-interactive UPS: If the voltage is slowly diminishing on the line, this slowly ramps up backup power
3) Online / double-conversion UPS: most complex and expensive, always online and providing power
Gas generators are used for longer outages but may take a few minutes to get up to speed, so a battery UPS and a generator are used together to ensure no downtime
Managed PDU
Managed power distribution unit
Provides intelligent power management and remote control of power delivered inside server racks and other environments
Diversity of technologies
Using different vendors, cryptographic solutions, platforms, and controls can make it more difficult for a single attack or failure to have major impact.
There is a major cost to this, such as additional training, issues when integrating disparate systems, and the potential for human error as complexity increases.
RAID
Redundant array of inexpensive disks
A common solution that uses multiple disks with data either striped (spread across disks) or mirrored (copied), and technology to ensure data isn’t corrupted or lost (parity)
Ensures one or more disk failures can be handled by an array without losing data
RAID 0
Striping without parity
Data is spread across all drives in the array
Better I/O (input/output) performance (speed), all capacity used
No fault tolerance, all data lost if a drive is lost
RAID 1
Mirroring
All data is copied exactly to another drive or drives
High read speeds from multiple drives, data available if a drive fails
Uses twice the storage for the same amount of data
RAID 5
Striping with parity
Data is striped across drives, with one drive's worth of capacity used for parity (checksum) of the data. The parity blocks are spread across the drives along with the data
Data reads are fast, data writes slightly slower. Drive failures can be rebuilt as long as only one drive fails.
Can only tolerate a single drive failure at a time. Rebuilding arrays after a drive loss can be slow and impact performance
RAID 6
Striping with double parity
Like RAID 5 but additional parity is stored on another drive
Like RAID 5 but allows for more than one drive to fail at a time
Slower write performance than RAID 5 as the additional parity data is managed. Rebuilding arrays after a drive loss can be slow and impact performance.
RAID 10
Mirroring and striping
Sometimes written RAID 1+0
Data is striped across two or more drives and then mirrored to the same number of drives
Combines the advantages and disadvantages of both RAID 0 and 1
Full backup
Copies an entire device or storage system
Slow backup process, but faster to recover
Archive attributes cleared after backup
Incremental backup
The first incremental backup captures the changes since the last full backup; each subsequent one captures the changes since the last incremental backup
Faster to back up, but slow to recover
Archive attributes cleared after backup
Differential backup
Captures the changes since the last full backup
Moderate to recover, moderate to back up
Archive attributes not cleared after backup
Snapshot
Captures the full state of a system or device at the time the backup is completed
These are common on VMs
Useful to clone systems, go back in time to a point before a patch or upgrade was installed, or restore a system state before an event occurred
Images
A complete copy of a system or server, typically down to the bit level for the drive
A restored image is a complete match to the system at the moment it was imaged
A backup method of choice for servers where complex configurations may be in use and where cloning or restoration in a short timeframe may be desired
Forensic images
Capture a bitwise copy of an entire storage device, but have stronger requirements around data validation and proof of secure handling
Tape
A kind of backup media
Historically one of the lowest cost per capacity options for large scale backups
Magnetic tape remains in use in large enterprises, often in the form of tape robot systems that can load and store large numbers of tapes using a few drives and several cartridge storage slots
Disks
A kind of backup media that’s in either magnetic or SSD form
Typically more expensive for the same backup capacity as tape, but faster
Often used in large arrays in either a network attached storage (NAS) or storage area network (SAN)
Optical media
A kind of backup media like Blu-ray and DVDs, and specialized optical storage systems
Remains in use in some circumstances, but because of capacity limitations has been deprecated as a large scale backup tool
Flash media
A kind of backup media like SD cards and USB drives
Used in many places for short term copies or even long term backups
They aren’t frequently used at enterprise scale
Nearline backup
Backup storage that’s not immediately available but can be retrieved within a reasonable period of time, usually without a human involved
Considerations for off site and third party backup
1) Bandwidth requirements for both the backups themselves and restoration time if the backup needs to be restored partially or fully
2) Time to retrieve files and cost to retrieve files
3) Reliability
4) New security models required for backups
SAN
Storage area networks
High performance storage with built-in redundancy that can be accessed over a high speed network
Can also duplicate data across SANs, or from one datacenter to another
Best understood in two ways:
1) A means of replicating data, where SANs use RAID to ensure that data isn’t lost. Some orgs will even run a backup SAN with all of the org’s data replicated to it in another location
2) A type of backup itself. Here, it’s seen as a network attached array of disks
Configured to look and feel like a separate storage drive on your system
Block level access, so if you need to change a portion of a large file you only need to change that portion instead of rewriting the entire file to the SAN
Response controls
Controls that allow orgs to respond to an issue, whether it’s an outage, compromise, or disaster
Recovery controls
Techniques that focus on returning to normal operations
Nonpersistence
The ability to have some systems or services that are spun up and shut down as needed
Vertical scalability
Requires a larger or more powerful system or device.
Can help when all tasks or functions need to be handled on the same system or infrastructure.
Very expensive to increase, particularly if the event that drives the need to scale isn’t ongoing or frequent.
Required at times, like with large memory footprint apps that can’t be run on smaller, less capable systems
Horizontal scaling
Uses smaller systems or devices, but adds more of them.
When designed and managed correctly, a horizontally scaled system can take advantage of the ability to transparently add and remove more resources, allowing it to adjust as needs grow or shrink.
Provides opportunities for transparent upgrades, patching, and incident response.
Hot sites
An exact replica of what we’re running in our production environment
Duplicate hardware, servers, infrastructure, equipment, etc
Whenever we purchase for our production network, we purchase it for our disaster recovery network
Hot site and HQ need to be fully synchronized at all times with things like real time data transfers or periodic updates
Sometimes, orgs choose to operate them full time, splitting traffic and load between multiple sites to ensure they perform properly
Also ensures staff are in place in case of an emergency
Warm sites
Have some or all of the systems needed to perform the work required by the org, but the live data and configurations are not in place
Expensive to maintain because of the hardware costs, but they can reduce the total time to restoration because systems can be ready to go and mostly configured
Balances cost and capabilities between hot and cold sites
Cold sites
Have space, power, and network connectivity but aren’t prepared with systems or data
You must bring all that as well as personnel with you
In a disaster, an org knows they would have a place to go but would have to bring or acquire systems
Challenging because some disasters will prevent the acquisition of hardware, and data will have to be transported from another facility where it’s stored in case of disaster
Least expensive option to maintain
Restoration order
Balances the criticality of systems and services to the operation of the organization against the need for other infrastructure to be in place and operational to allow each component to be online, secure, and running properly
USB data blocker
A device used to ensure that USB cables can only be used to transfer power, not data, when chargers and other devices can’t be trusted. An alternative is a USB power-only cable.
NAS
Network attached storage
Provides access to a large storage array connected over the network
File level access, which means if you need to change any portion of a file on NAS, you have to rewrite the entire file on the device
Fire suppression types
Sprinklers
1) Wet sprinkler: Has water in it all the time
2) Dry sprinkler: Empty until needed
3) Pre-action: Detects heat or smoke, then fills with water
4) Deluge sprinkler: Empty with open sprinkler heads, but covers an entire area when activated
Chemical
1) Gaseous agents to displace oxygen, reduce heat, or prevent combustion
2) Wet agents like foam
3) Dry chemical agents like normal fire extinguishers
PDS
Protected distribution system
Protects cables and fibers, preventing taps and cuts