Security Architecture 3.4

Question 1

High Availability

Answer 1

Reducing downtime, always on, always available, High availability almost always means higher cost. Upgraded power, higher quality server components.

Question 2

Load Balancing

Answer 2

Maintains and distributes traffic/load across multiple servers. The load balancer adds or removes devices. May remove any server which is not responding.

Question 2

Server Clustering

Answer 2

Combine two or more servers appears to operate as a signal large server. Easily increase capacity and availability.

There is often a shared storage between the servers.

Question 2

Site resiliency

Answer 2

Recovery site is prepped. Data is synchronised at the recovery site and the business processes failover to the alternate processing site.

Question 3

A hot site

Answer 3

An exact replica of the data centre. Applications and software are constantly updated - automated replication. Anything purchased in the normal base of operation must also be purchased and put into the hot site.

Question 4

A cold site

Answer 4

Has no hardware, no data and no people. You have to bring in all of the infrastructure to run the site in the event of a site wide failure. A cold site would be used if risk of failure is very rare.

Question 5

A geographic dispersion.

Answer 5

The site should be in completely different areas. If a tornado or flood disrupts production of a primary location the the secondary site shouldn’t be impacted.

Question 5

Warm site

Answer 5

Somewhere between cold and hot site.

Question 6

Platform Diversity

Answer 6

Different vulnerabilities exist within different operating systems. Spreading your operation over multiple operating systems will help to mitigate the risk.

Question 7

Multi-cloud systems

Answer 7

There are many could providers.
Amazon Web service, Microsoft Azure, Google Cloud

Question 8

Continuity of operations planning.

Answer 8

A fail back method. Non technical way to provide the same service. Manual transaction, paper receipts, phone call for transactions approvals.

Question 9

Capacity Planning

Answer 9

Match supply to the demand.
Considerations:
Having enough people
Technology - Use of load balancers to increase servers if demand suddenly increases. Additional cloud services.

Question 10

Recovery Testing

Answer 10

Test yourself before an actual event. Use of well-defined rules of engagement. Very specific scenario.
Can be very expensive.

Question 11

Fail over (test)

Answer 11

Back up systems would be engaged to back up infrastructure to perform the fail over.

Question 12

Simulation

Answer 12

Test with a simulated event. Phishing attack, password requests, data breaches.

Create a phishing email attack, send to your actual user community.
Does the phishing email get past the filter.

Question 13

Parallel Processing

Answer 13

Split the process, A single computer with multiple CPU cores or multiple physical CPU’S.

Improved Recovery, Take the faulty device out of the list of available processors, Continue operating with the remaining processors.

Question 14

Backups

Answer 14

A back up allows you to recover important and valuable data to plan for a disaster.
- Type of backup
-Backup media
-Storage location
-Backup recovery software
-What day of the week are we going to be performing the back up.

Question 15

Onsite vs Offsite Backup

Answer 15

No Internet link required, Data is immediately available. Generally less expensive than off site.

An off site backup over the internet. Data is available after the disaster. Restoration can be performed from anywhere.

Question 16

Frequency - backups

Answer 16

How often to backup?

Question 17

Encryption - backups

Answer 17

Everything on the backup media is unreadable if encrypted . The recovery key is required to restore data.

Question 18

A snapshot.

Answer 18

Very useful in cloud environments. Take a snapshot of an entire system. Save the current configuration data. Snapshots may be taken every day

Question 19

Recovery Testing - backups

Answer 19

Can tests can be recovered. Restore from back up. Confirm the restoration, Test the restored application data.

Question 20

Replication

Answer 20

An ongoing, almost real time back up. Keep data synchronised in multiple locations.

Replicated data can be used at a moments notice. Will likely be used at a hot site.

Question 21

Journaling

Answer 21

First writing the data into the journal before applying it to the data base so that if there is a power outage

Question 22

Power resiliency

Answer 22

Power should be available. There should always be a way to mitigate power issues.

Question 23

UPS

Answer 23

Uninterruptible power supply. Short-term backup power.
Blackouts, Brownouts (Drop in voltage), Surges.

Question 24

UPS types

Answer 24

Offline/Standby UPS (Uses main source power untill their is a black out and then it switches to use battery)

Line-interactive UPS (Will begin to increase the amount of voltage in the event of a brown out)

On-line/double conversion UPS (Always run from battery power).

Question 25

Generator

Answer 25

Long term-power back up
Power an entire building
May take a few minutes for the generator to get up to speed.