Security Architecture 5 Flashcards
What types of site resiliency are there?
Hot Site
* Exact Replica of the original site
* All processes, updates and changes will also be implemented in hot site
Cold Site
* No Hardware, Empty building
Warm Site
* Inbetween
Geographic Dispersion
- Dispersing site in case of disaster to physically different location
- Can be logistically challenging
Platform Diversity
- Every OS contains potential security issues
- Usually single OS specific
Capacrity Planning
- People
- Technology
- Infrastructure
COOP
Continuity of operations planning
* Non-technical solution if services break down
* Manual transactions, Phone calls
Recovery Testing
Tabletop Exercises
* Planspiel
Fail over
* Creation of redundant infrastructure in case of failure:
Multiple server, Firewalls, Switches
Simulations
* Phishing Email simulation
* Test of Internal security systems and user/employees
Snapshots
- Instant copy of current state of system
- Common in VM´s
- Instantly deployable
- Can be automated
Replication
- Copy Data to different locations as almost real time backup
Journaling
- Writing Data/Code first to journal before writing in memory
- Prevention in case system breaks, data can be more efficiently be recovered
How to mitigate power resilience
UPS
* Uninterruptible power supply
* Short-term backup power
Types:
Offline/Standby UPS
Line-interactive UPS
On-Line/Double-conversion UPS
Generator
* Long-Term power Backup
* Fuel storage required
* Power an entire Building