Security Architecture 3.4 Flashcards
High Availability
Reducing downtime, always on, always available, High availability almost always means higher cost. Upgraded power, higher quality server components.
Load Balancing
Maintains and distributes traffic/load across multiple servers. The load balancer adds or removes devices. May remove any server which is not responding.
Server Clustering
Combine two or more servers appears to operate as a signal large server. Easily increase capacity and availability.
There is often a shared storage between the servers.
Site resiliency
Recovery site is prepped. Data is synchronised at the recovery site and the business processes failover to the alternate processing site.
A hot site
An exact replica of the data centre. Applications and software are constantly updated - automated replication. Anything purchased in the normal base of operation must also be purchased and put into the hot site.
A cold site
Has no hardware, no data and no people. You have to bring in all of the infrastructure to run the site in the event of a site wide failure. A cold site would be used if risk of failure is very rare.
A geographic dispersion.
The site should be in completely different areas. If a tornado or flood disrupts production of a primary location the the secondary site shouldn’t be impacted.
Warm site
Somewhere between cold and hot site.
Platform Diversity
Different vulnerabilities exist within different operating systems. Spreading your operation over multiple operating systems will help to mitigate the risk.
Multi-cloud systems
There are many could providers.
Amazon Web service, Microsoft Azure, Google Cloud
Continuity of operations planning.
A fail back method. Non technical way to provide the same service. Manual transaction, paper receipts, phone call for transactions approvals.
Capacity Planning
Match supply to the demand.
Considerations:
Having enough people
Technology - Use of load balancers to increase servers if demand suddenly increases. Additional cloud services.
Recovery Testing
Test yourself before an actual event. Use of well-defined rules of engagement. Very specific scenario.
Can be very expensive.
Fail over (test)
Back up systems would be engaged to back up infrastructure to perform the fail over.
Simulation
Test with a simulated event. Phishing attack, password requests, data breaches.
Create a phishing email attack, send to your actual user community.
Does the phishing email get past the filter.
Parallel Processing
Split the process, A single computer with multiple CPU cores or multiple physical CPU’S.
Improved Recovery, Take the faulty device out of the list of available processors, Continue operating with the remaining processors.
Backups
A back up allows you to recover important and valuable data to plan for a disaster.
- Type of backup
-Backup media
-Storage location
-Backup recovery software
-What day of the week are we going to be performing the back up.
Onsite vs Offsite Backup
No Internet link required, Data is immediately available. Generally less expensive than off site.
An off site backup over the internet. Data is available after the disaster. Restoration can be performed from anywhere.
Frequency - backups
How often to backup?
Encryption - backups
Everything on the backup media is unreadable if encrypted . The recovery key is required to restore data.
A snapshot.
Very useful in cloud environments. Take a snapshot of an entire system. Save the current configuration data. Snapshots may be taken every day
Recovery Testing - backups
Can tests can be recovered. Restore from back up. Confirm the restoration, Test the restored application data.
Replication
An ongoing, almost real time back up. Keep data synchronised in multiple locations.
Replicated data can be used at a moments notice. Will likely be used at a hot site.
Journaling
First writing the data into the journal before applying it to the data base so that if there is a power outage
Power resiliency
Power should be available. There should always be a way to mitigate power issues.
UPS
Uninterruptible power supply. Short-term backup power.
Blackouts, Brownouts (Drop in voltage), Surges.
UPS types
Offline/Standby UPS (Uses main source power untill their is a black out and then it switches to use battery)
Line-interactive UPS (Will begin to increase the amount of voltage in the event of a brown out)
On-line/double conversion UPS (Always run from battery power).
Generator
Long term-power back up
Power an entire building
May take a few minutes for the generator to get up to speed.
