Security Architecture 5

Question 1

What types of site resiliency are there?

Answer 1

Hot Site
* Exact Replica of the original site
* All processes, updates and changes will also be implemented in hot site

Cold Site
* No Hardware, Empty building

Warm Site
* Inbetween

Question 2

Geographic Dispersion

Answer 2

• Dispersing site in case of disaster to physically different location
• Can be logistically challenging

Question 3

Platform Diversity

Answer 3

• Every OS contains potential security issues
• Usually single OS specific

Question 4

Capacrity Planning

Answer 4

• People
• Technology
• Infrastructure

Question 5

COOP

Answer 5

Continuity of operations planning
* Non-technical solution if services break down
* Manual transactions, Phone calls

Question 6

Recovery Testing

Answer 6

Tabletop Exercises
* Planspiel

Fail over
* Creation of redundant infrastructure in case of failure:
Multiple server, Firewalls, Switches

Simulations
* Phishing Email simulation
* Test of Internal security systems and user/employees

Question 7

Snapshots

Answer 7

• Instant copy of current state of system
• Common in VM´s
• Instantly deployable
• Can be automated

Question 8

Replication

Answer 8

• Copy Data to different locations as almost real time backup

Question 9

Journaling

Answer 9

• Writing Data/Code first to journal before writing in memory
• Prevention in case system breaks, data can be more efficiently be recovered

Question 10

How to mitigate power resilience

Answer 10

UPS
* Uninterruptible power supply
* Short-term backup power

Types:
Offline/Standby UPS
Line-interactive UPS
On-Line/Double-conversion UPS

Generator
* Long-Term power Backup
* Fuel storage required
* Power an entire Building