Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CompTia Security+ SY0-601 Definitions > 2.5 - Implement Cybersecurity Resilience > Flashcards

2.5 - Implement Cybersecurity Resilience Flashcards

1
Q

Redundancy

A
  • Duplicate parts of the system
  • If a part fails, the redundant part can be used
  • Usually a reaction to some sort of failure that has occured
  • Goal is for an organization to continue to be up and running
  • Ex: Hardware (mother board fails)
  • Ex: Software (bug in software that causes service to crash)
  • Need to maintain up time and services
  • Building networks where the network stays up and running even when part of the network may fail
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Geographic Dispersal

A
  • Bad things can happen in a local area
  • Ex: Hurricane, tornados, natural disaster
  • Disperse technologies to different geographic
  • Use multiple data centers in different locations
  • May be part of normal operations (ex: East and West coast operation centers)
  • Or it may be part of a disaster recovery plan (Ex: If Florida is hit, fire up Denver)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Disk Redundancy

A
  • Multipath I/O (input / output)
  • Allows us to create multiple routes on the network for work arounds
  • Especially useful for network - based storage sub systems
  • Ex: Multiple fibre channel interfaces with multiple switches
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

RAID

A
  • Redundant Array of Independent Disks
  • Example of Disk Redundancy
  • Most redundancy comes from using multiple disks for a single array
  • You have separate pieces of array data on other disks
  • System admins will replace bad drive behind the scenes, users usually don’t know
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

RAID 0

A
  • “Striping without parity”
  • High performance, no fault tolerance
  • No redundancy
  • Good performance to read/write to array, but if something happens, there is no redundancy
  • Most companies don’t use this
  • This is a type of redundancy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

RAID 1

A
  • “Mirroring”
  • Take 1 physical drive and duplicated it on another physical drive
  • Duplicates data for fault tolerance, but requires twice the disk space
  • Most companies will start with this as a bare minimum
  • This is a type of redundancy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

RAID 5

A
  • “Striping with parity”
  • Fault tolerant, only requires an additional disk for redundancy
  • Putting pieces of information on other drives and then parity of information on the last drive
  • If you lose anything it will rebuild based on the parity on last drive
  • This is a type of redundancy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Combination RAIDS

A
  • Can combine RAID types and customize redundancy to be prepared for drive failures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Load Balancing

A
  • Balance loads b/n multiple servers
  • Person makes a server request and the load balancer decides which server will answer request
  • Some servers are active (others are on standby)
  • Always sending hello messages to check in
  • If an active server fails, the load balancer will decide to use a standby (passive) server
  • Many load balancers will remember which server a particular user used, and if the user sends another request, the load balancer will route them to the same server
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Active Servers

A
  • In a load balancing, these servers will actively respond to request once passed through the load balancer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Standby servers

A
  • In a load balancing, up and running, but are waiting, load balancer won’t send any traffic to them
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

NIC Teaming

A
  • Even if you don’t have a load balancer, you can provide redundancy to a server using multiple network interface cards
  • allows us to use multiple connections to a server, but instead of having a primary and standby connection, you can use both together and aggregate the bandwidth
  • this increases the throughput and a way to have redundant paths should one path
  • On the server, this usually involves installing multiple network interface cards on the server, the cards are bound together to look like one
  • Configure the switch side of things so that any traffic going in b/n the connections is labeled as ‘NIC teamed’ in the server
  • NICs talk to each other (like load balancers send hello messages), usually over multicast connection
  • if a connection becomes unavailable, the server will recognize that the card is not responding and it will administratively turn it off and use another NICs to provide redundancy (you can then configure these NICS to talk to two different switches to provide more redundancy)
  • aka Load Balancing / Fail Over (LBFO)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

LBFO

A
  • Load Balancing / Fail Over
  • aka NIC Teaming
  • allows us to use multiple connections to a server, but instead of having a primary and standby connection, you can use both together and aggregate the bandwidth
  • this increases the throughput and a way to have redundant paths should one path
  • Another way to provide redundancy without a load balancer
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

UPS

A
  • Uninterruptible Power Supply
  • Has batteries inside and if power goes, it goes to batteries (temporary power source)
  • Perhaps the primary resource we need to operate computers, laptops, mobile devices is power
  • during brown outs
  • Useful tools for temp power outages
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

UPS Types

A
  • Uninterruptible Power Supply
  • Offline/ Standby UPS
  • Line-interactive UPS
  • On-line/ Double-conversion UPS
  • These three get more expensive as you go down the list
  • Different devices have different models (ex: auto shutdown, battery capacity, outlets, phone line suppression)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Offline / Standby UPS

A
  • Simplest, cheapest
  • Not normally enabled unless power is lost
  • Therefore, short lag time frame when the time is lost to when it switches to UPS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q
  • Line-interactive UPS
A
  • If voltage is slowly diminishing, then the UPS can slowly ramp up
  • During brown outs, it can fill in the difference
  • “midway option” b/n the UPS’s
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q
  • On-line/ Double-conversion UPS
A
  • Top of the line, always online and providing power to devices
  • no lag time b/c you’re already on battery powered
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Generator

A
  • Long-term power backup
  • Fuel storage required
  • Can often power entire buildings or a number of outlets (usually marked to show they can provide power during an outage)
  • Usually a 10 or 15 sec wait when generator will wait to see if power is restored
  • During this 10 sec lag, need some other system
  • Might combine UPS + Generator to close the gap
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Dual- power supplies

A
  • This creates redundancy
  • Internal server power supplies
  • external power circuits
  • Might want to have a server that has multiple power supplies (where you can plug in multiple power sources)
  • Designed so that each individual power supply can support the power for the entire power for the server 100%
  • If you plug in both, then each power supply provides 50%
  • Often hot-swappable, so if one fails, you can pull one out and plug another one in
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

PDU

A
  • Power Distribution units
  • Looks like a surge protector (connects to an ethernet)
  • Provide multiple power outlets
  • Usually in a rack
  • Have monitoring capabilities so can monitor power loads across PDU and network
22
Q

SAN replication

A
  • Storage Area Network
  • Specialized, high-performance network of storage devices
  • Built in redundancy, can usually access over very high speed networks
  • Share data between different devices
  • If one device fails, you can still work with the data
  • VERY fast recovery times compared to traditional backups
  • Ex: Common for computing engine to be separated from where data is stored. If data is stored somewhere where multiple front ends can access you have redundancy (if you lose a front end you have others can can acces it)
23
Q

SAN to SAN replication

A
  • Can replicate areas between Storage Area Networks
  • Can duplicate data from one data center to another
  • You can have a primary and secondary SAN or both can be active simultaneously
  • Constantly replicating data b/n each other to replicate data b/n the two
  • If a data center becomes unavailable or want to migrate a whole data center, you’ll have a complete copy of a data center
24
Q

SAN Snapshot

A
  • Create a state of data based on a point in time
  • Copy that state to other SANs
  • Snap shot can be taken at interval of your choosing
  • If there’s an outage you only lose the delta b/n the last snap shot
25
Q

VM Replication

A
  • Virtual Machine
  • Cloud based apps rely heavily on VMs (and running VMs simultaneously)
  • Maintain one VM, replicate to all others (allows us to maintain consistently b/n all VMs once primary VM is updated) Also acts as a backup.
  • Very efficient (if you make a change in a VM you only have to copy the changes to the other VMs) = don’t have to duplicate all other data
  • The VM is really just one big file
26
Q

On premises vs. cloud redundancy

A
  • When replicating data, consider these factors (advantages and disadvantages to both)
  • Speed (Local devices are connected over very fast networks and cloud connections are almost always slower)
  • Money (purchasing your own storage is expensive capital investment. Cloud tends to have a lower cost entry point and then you can scale up from there)
  • Security (local data is private, data stored in the cloud requires additional security controls)
27
Q

Archive Attribute

A
  • in Microsoft, there is a bit associated with every attribute called the “Archive Attribute”
  • It turns on whenever a file is modified (go to properties, under advanced, “file is ready for archiving”)
  • You can see what files have changed since the last backup occurred
28
Q

Full backup

A
  • Backup everything on the system
  • 1st backup step
  • Store everything in OS and store in backup and then backup is clear
  • will take a lot of time to backup, but restoration time is relatively low b/c only need the 1 backup tape
  • archive attribute cleared
29
Q

Incremental Back-up

A
  • Will occur after the full back-up
  • all files changed since the last INCREMENTAL backup and last full backup
  • Usually smaller than full backup
  • backup sizes can vary depending on how much data was changed
  • This is important during restoration
  • Restoration requires: Full backup + every incremental backup that has been made since the full backup occurred
  • Backup speed is high (only taking the difference but the restoration time is high b/c it’s multiple tape sets
  • Archive attribute cleared
30
Q

Differential Backup

A
  • Like an incremental backup, occurs after a full backup
  • But only files that are backed up are the ones that have changed since the last FULL backup
  • Every backup will get bigger since you’re adding differential backups onto one another (ex: if full backup is monday then Tuesday’s backup is just tuesday, Wednesday is Tuesday + Wednesday, thursday is Tuesday, wenesday + thursday, etc..)
  • For restoration: Full backup + last differential backup since the last full backup
  • Back up speed Moderate (but each day it grows, b/c every day it grows) , and restoration time is moderate (only ever need 2 sets of backups, full + last differential)
  • Archive attribute NOT cleared b/c the nettime you backup you’ll perform a differential backup
31
Q

Magnetic Tape

A
  • Traditional backup media option
  • Sequential storage device b/c have to forward through tapes to find data you’re looking for
  • size range: 100GB to multiple TB per cartridge
  • Advantage: Easy to ship / store, good archive medium esp if offside
32
Q

Disk backup

A
  • Many enterprises have moved from tape to disk b/c the cost of hard drives has dropped so much
  • Faster than magnetic tape
  • Deduplicate and compress (more efficient backup than magnetic tape)
  • faster to read/write than magnetic tape
33
Q

Copy backup

A
  • Image of a system, exact duplicate of system at a particular point in time
  • may not allow for versioning, but can be used for restoration from an offisite location
  • A useful strategy
  • May not include versioning
  • May need to keep offsite
34
Q

NAS

A
  • Network Attached Storage
  • One of two popular mechanisms to store drives over a network (other being SAN)
  • Connect to a shared storage device across a network
  • “File level access “ - if you need to change any portion of file, need to rewrite the entire file (this can be cumbersome when re-writing an large file)
  • Like SAN, need a lot of bandwidth (may use isolated network and high-speed network technologies)
35
Q

SAN

A
  • Storage Area Network
  • Looks and feels like a local storage device
  • Could be considered more efficient than a NAS
  • Very efficient reading / writing
  • “Block level access” - if you need to change a single portion of a file, you only need to change that portion (instead of re-writing the whole file)
  • Like NAS , need a lot of bandwidth (may use isolated network and high-speed network technologies)
36
Q

Cloud backup

A
  • Take files on local and back them up in the cloud
  • Supports many devices
  • May be limited by bandwidth (need enough bandwidth)
37
Q

Image backup

A
  • Instead of backing up individual files, capture an exact replica of everything on a storage drive
  • Restore everything on a partition, including operating system files and user documents
  • Restore an exact duplicate of system, simultaneously
38
Q

Backup locations

A
  • Offline or online
39
Q

Offline Backup

A
  • Back up to local devices
  • fast and secure
  • Must be protected and maintained
  • Often requires offsite storage for disaster recovery
40
Q

Online Backup

A
  • Updated constantly throughout the day
  • Remote network-connected third party
  • Usually over an encrypted channel
  • Accessible from anywhere (able to access back from from mobile/ laptop )
  • Speed is limited by bandwidth
41
Q

Non-persitence

A
  • Application instances are constantly built and torn down

- unusual in a cloud environment to have any service that is permanently available

42
Q

Snapshot

A
  • Preserve the complete state of a device, or just the configuration
  • Ex: If you want to create an instance for a short time and tear it down but then reference it later, you can take a snapshot (can restore from snap shot)
  • if you take multiple snapshot, you have multiple versions, especially useful if you upgrade software and run into an issue, you can revert to a known state (a previous snapshot)
  • Can separate Data from Configuration (Ex: don’t modify the data but use a previous configuration)
43
Q

Live boot media

A
  • Run the OS from a removable media
  • very portable
  • some systems will allow a backup from a boot drive on removable media
44
Q

High Availablity

A
  • Always on, always available
  • Usually, if you have redundancy it means you have options in case of failure. (However, redundancy doesn’t always mean availablity or maintain uptime).
  • There may be a lag (Ex: may need to be powered on manually to take advantage of redundancy)
  • However, High availablity is different
  • Might have multiple components working together (multiple firewalls workign with multiple routers, etc. the multiples tend to beget more multiples )
  • HA means higher cost, upgraded power, high-quality server components
45
Q

Order of Restoration

A
  • Different application components will likely need to be restored in a specific order
  • DB before application usually
  • back-up specific (incremental vs differential backup)
46
Q

Diversity of technologies

A
  • key to providing uptime
  • Ex: a 0 day could provide an outage of one OS, but if you’re running multiple OS you could still have uptimes
  • Multiple security components (ex: Firewall, with IPS, with spam filter)
    problems in a timely manner
  • Can be combined with Diversity of Vendors
47
Q

Diversity of vendors

A
  • Vendors - Single vendor can become a disadvantage, no options during annual renewals, a bad support team may not be able to resolve
  • flexibility during purchase process
  • Should be combined with Diversity of Technologies
48
Q

Diversity of Cryptography

A
  • Cryptography of today will ultimately be temporary as brute force hacks can increase with larger CPUs
  • Diverse certificate authorities (if one CA is breached, then have another CA to use)
49
Q

Diversity of Controls

A
  • Controls ( administrative, physical, technical, combine them together = “defense in depth” )
  • Ex: locks on doors, authentication, etc.. are combined
50
Q

Defense in Depth

A
  • Combining security controls to create a stronger system (ex: locks on doors + authentication, etc..) don’t rely on just one!

CompTia Security+ SY0-601 Definitions (47 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions