9. Resilience & Physical security

Question 1

What are the key components of physical security?

Answer 1

• Bollards
• Access control vestibule
• Fencing
• Video surveillance
• Security guard
• Access badge
• Lighting
• Sensors

These components work together to enhance the overall security posture of an organization.

Question 2

What types of physical attacks are mentioned?

Answer 2

• Brute force
• Radio frequency identification (RFID) cloning
• Environmental

Understanding these types of attacks is crucial for implementing effective security measures.

Question 3

What are the considerations for security architecture?

Answer 3

• Availability
• Resilience
• Cost
• Responsiveness
• Scalability
• Ease of deployment
• Risk transference
• Ease of recovery
• Patch availability
• Inability to patch
• Power
• Compute

These factors influence the effectiveness and efficiency of security systems.

Question 4

What is the difference between load balancing and clustering?

Answer 4

Load balancing distributes workloads across multiple resources while clustering involves connecting multiple computers to work together as a single system.

Both techniques are important for achieving high availability.

Question 5

What are the types of site considerations for resilience?

Answer 5

• Hot
• Cold
• Warm
• Geographic dispersion

These site types help organizations plan for disaster recovery and continuity of operations.

Question 6

What is included in capacity planning?

Answer 6

• People
• Technology
• Infrastructure

Effective capacity planning ensures that an organization can handle expected workloads and emergencies.

Question 7

What are the different types of testing methods for resilience?

Answer 7

• Tabletop exercises
• Failover
• Simulation
• Parallel processing

These methods help organizations prepare for and respond to incidents.

Question 8

What are key aspects of backups?

Answer 8

• Onsite/offsite
• Frequency
• Encryption
• Snapshots
• Recovery
• Replication
• Journaling

Backups are essential for data preservation and recovery during failures.

Question 9

What is the role of power management in resilience?

Answer 9

• Generators
• Uninterruptible power supply (UPS)

Reliable power sources are critical for maintaining operations during outages.

Question 10

True or False: Resilience is a part of the availability leg of the CIA triad.

Answer 10

True

The CIA triad stands for Confidentiality, Integrity, and Availability.

Question 11

Fill in the blank: Physical access to systems, networks, and devices is one of the easiest ways to ______ security controls.

Answer 11

[bypass]

This highlights the importance of physical security measures.

Question 12

What are response and recovery controls designed to ensure?

Answer 12

They help to ensure that an organization can remain online and recover from issues.

These controls are vital for maintaining business continuity.

Question 13

What is the importance of establishing restoration order for systems and devices?

Answer 13

It ensures that critical systems are prioritized during recovery processes.

This helps minimize downtime and impact on operations.

Question 14

What are the three components of the CIA triad?

Answer 14

Confidentiality, Integrity, Availability

Question 15

Why is availability critical for an organization’s security?

Answer 15

Systems that are offline or unavailable do not meet business needs.

Question 16

What is continuity of operations?

Answer 16

Ensuring that operations continue despite issues like system failures or natural disasters.

Question 17

What is a common method to build resilience in systems?

Answer 17

Redundancy

Question 18

Define single point of failure.

Answer 18

A point where the failure of a single device or connection can disrupt the entire system.

Question 19

What is geographic dispersion in the context of redundancy?

Answer 19

Placing datacenters at least 90 miles apart to prevent disasters from disabling multiple facilities.

Question 20

What is the purpose of load balancing?

Answer 20

To distribute loads among multiple systems or services, providing redundancy and increasing performance.

Question 21

What does clustering refer to in system design?

Answer 21

Groups of computers connected to perform the same task, providing redundancy through scale.

Question 22

What is the role of uninterruptible power supply (UPS) systems?

Answer 22

To provide backup power options for short outages.

Question 23

What is platform diversity?

Answer 23

Using different technologies and vendors to make systems less vulnerable to attacks or failures.

Question 24

What are the architectural considerations for security design?

Answer 24

Availability targets, resilience, cost, responsiveness, scalability, ease of deployment, risk transference, ease of recovery, patch availability, and power consumption.

Question 25

What is RAID used for?

Answer 25

To use multiple disks for data protection, ensuring data is not lost during disk failures.

Question 26

Describe RAID 0.

Answer 26

Data is striped across all drives for better I/O performance but is not fault tolerant.

Question 27

What is the advantage of RAID 1?

Answer 27

High read speeds and data availability if a drive fails.

Question 28

What does RAID 5 provide?

Answer 28

Striping with parity, allowing for recovery from a single drive failure.

Question 29

What is the difference between full, incremental, and differential backups?

Answer 29

Full: copies entire system; Incremental: captures changes since last backup; Differential: captures changes since last full backup.

Question 30

What is replication in data management?

Answer 30

Copying live data to another location or device continuously as changes are made.

Question 31

Define journaling.

Answer 31

Creating a log of changes that can be reapplied if an issue occurs.

Question 32

True or False: Journaling eliminates the need for backups.

Answer 32

False

Question 33

What are recovery point objectives (RPOs)?

Answer 33

Determinations of how much data loss is acceptable.

Question 34

What are recovery time objectives (RTOs)?

Answer 34

Determinations of how long recovery can take without significant damage.

Question 35

What is a snapshot in data backup?

Answer 35

A complete capture of the state of a system at a specific point in time.

Question 36

What is the primary use of forensic images?

Answer 36

To capture a bitwise copy of an entire storage device with data validation.

Question 37

What is a gold master image?

Answer 37

A non-modified image used for creating nonpersistent systems in virtualization.

Question 38

Fill in the blank: Backup frequency should be determined by the rate of change, the organization's tolerance for _______.

Answer 38

data loss

Question 39

What is a gold master image in virtualization systems?

Answer 39

A gold master image is a base image used to create nonpersistent systems that remain unchanged after shutdown.

Question 40

Why is it important to validate backup copies?

Answer 40

Validation ensures that the backup matches the original file, confirming its integrity.

Question 41

What factors should organizations consider when choosing backup media?

Answer 41

* Capacity * Reliability * Speed * Cost * Expected lifespan * Reusability

Question 42

Which backup media option has historically been one of the lowest-cost-per-capacity?

Answer 42

Tape

Question 43

What are the advantages of using disks for backup over tape?

Answer 43

Disks are typically faster, although more expensive for the same capacity as tape.

Question 44

True or False: Optical media like Blu-ray discs are commonly used for large-scale backups.

Answer 44

False

Question 45

Fill in the blank: Flash media like microSD cards and USB thumb drives are often used for _______.

Answer 45

short-term copies and longer-term backups

Question 46

What is the key difference between online and offline backups?

Answer 46

Online backups are always available, while offline backups need to be retrieved from a storage location.

Question 47

What are nearline backups?

Answer 47

Backup storage that is not immediately available but can be retrieved within a reasonable time, often without human involvement.

Question 48

What type of cloud backup provides lower prices for slower access times?

Answer 48

Long-term archival storage models like Amazon's S3 Glacier.

Question 49

How has the changing model for backups affected what is backed up?

Answer 49

Instead of backing up systems, the code that defines them and key data is backed up.

Question 50

What is off-site storage?

Answer 50

A method of storing backup media at a location separate from the primary site to ensure data safety.

Question 51

What are some risks associated with poorly executed off-site storage?

Answer 51

Lack of distance from the primary site, inadequate security during transit, and lack of encryption.

Question 52

What bandwidth considerations should organizations keep in mind for off-site backups?

Answer 52

Bandwidth for backups and restoration time, especially for low bandwidth locations.

Question 53

What is a key security consideration for backups in remote storage?

Answer 53

Encryption of data both at rest and in transit.

Question 54

What role do encryption keys play in backup recovery?

Answer 54

They are critical for restoring backups; losing access to keys means losing the backups.

Question 55

True or False: Cloud providers often have lower reliability rates than local tape or disk options.

Answer 55

False

Question 56

What types of controls are necessary for using third-party backup services?

Answer 56

Separation of accounts, additional controls, and encryption of data.

Question 57

What are response controls?

Answer 57

Controls used to allow organizations to respond to an issue, whether it is an outage, a compromise, or a disaster.

Question 58

What is the main focus of recovery controls?

Answer 58

Returning to normal operations.

Question 59

Define nonpersistence in the context of response controls.

Answer 59

The ability to have systems or services that are spun up and shut down as needed.

Question 60

How do systems revert to a known state?

Answer 60

Using snapshots in a virtualization environment or other tools that track changes.

Question 61

What is a last-known good configuration?

Answer 61

A state that allows returning to a previous configuration before an issue occurred.

Question 62

What is live boot media?

Answer 62

A bootable operating system that can run from removable media like a thumb drive or DVD.

Question 63

What are high-availability solutions?

Answer 63

Solutions like load balancing, content distribution networks, and clustered systems that respond to high-demand scenarios.

Question 64

What is vertical scalability?

Answer 64

Requires a larger or more powerful system or device.

Question 65

What is horizontal scaling?

Answer 65

Uses smaller systems or devices and adds more of them.

Question 66

List the three major types of disaster recovery sites.

Answer 66

* Hot sites * Warm sites * Cold sites

Question 67

What is a hot site?

Answer 67

A site with all the infrastructure and data needed to operate the organization.

Question 68

What is a warm site?

Answer 68

A site that has some systems needed but lacks live data.

Question 69

What is a cold site?

Answer 69

A site with space, power, and connectivity but not prepared with systems or data.

Question 70

What is the restoration order?

Answer 70

The sequence in which systems and services are restored after a disaster.

Question 71

What key issue was highlighted by the aftermath of 9/11 regarding disaster recovery?

Answer 71

The need to ensure staff availability during a disaster.

Question 72

What is geographic dispersion?

Answer 72

The practice of building infrastructure across multiple geographic regions to avoid disasters impacting multiple sites.

Question 73

What are the three areas of focus for capacity planning?

Answer 73

* People * Technology * Infrastructure

Question 74

What is the purpose of tabletop exercises?

Answer 74

Discussions to validate the disaster recovery plan with personnel assigned roles.

Question 75

What is a simulation exercise?

Answer 75

Drills where personnel simulate actions they would take in an actual event.

Question 76

What is a parallel processing exercise?

Answer 76

Moving processing to a backup system to validate its performance.

Question 77

What is a failover exercise?

Answer 77

Testing full failover to an alternate site or system.

Question 78

Why is it important to take notes during testing exercises?

Answer 78

To review what worked and did not work, and to apply lessons learned.

Question 79

What are physical security controls?

Answer 79

Measures like fences, lighting, and locks that protect systems, facilities, and networks from unauthorized access.

Question 80

What is the purpose of site security?

Answer 80

To implement a security plan based on threats and risks relevant to specific locations.

Question 81

What is security through obscurity?

Answer 81

The belief that hiding resources and data will prevent or persuade malicious actors from attacking.

Question 82

How do fences contribute to physical security?

Answer 82

They act as a deterrent and provide a physical barrier against unauthorized access.

Question 83

What are bollards?

Answer 83

Posts or obstacles that prevent vehicles from moving through an area.

Question 84

How does lighting enhance security?

Answer 84

Bright lighting discourages intruders and helps staff feel safer.

Question 85

Fill in the blank: Drones can be used to capture images, deliver a payload, or _______.

Answer 85

[take action like cutting a wire or blocking a camera]

Question 86

What are antidrone systems designed to do?

Answer 86

Detect and counteract drones using various technologies like radar and infrared sensors.

Question 87

True or False: Locks are a genuine physical security control.

Answer 87

False

Question 88

What role do access badges play in physical security?

Answer 88

They are used for entry access and to verify identity and authorization.

Question 89

What are access control vestibules also known as?

Answer 89

Mantraps

Question 90

What types of fire suppression systems are commonly used?

Answer 90

* Wet sprinkler systems * Dry sprinklers * Pre-action sprinklers * Deluge sprinklers

Question 91

What are the main types of alarm systems?

Answer 91

* Locally monitored * Remotely monitored

Question 92

What is a common phrase among security professionals regarding locks?

Answer 92

"Locks keep honest people honest."

Question 93

What is a key challenge of using security guards?

Answer 93

Humans can be fallible and susceptible to social engineering.

Question 94

What are the types of cameras used in video surveillance?

Answer 94

* Black and white * Infrared * Color

Question 95

What is the purpose of motion recognition cameras?

Answer 95

To activate when motion occurs, conserving storage space.

Question 96

What are the four specific types of sensors mentioned?

Answer 96

* Infrared sensors * Pressure sensors * Microwave sensors * Ultrasonic sensors

Question 97

What are indicators of malicious activity for physical attacks?

Answer 97

Require in-person observation or detection using a camera system.

Question 98

What is a brute-force attack in the context of physical security?

Answer 98

Breaking down doors, cutting off locks, or applying force for physical entry.

Question 99

What is an environmental attack?

Answer 99

Targeting an organization's heating and cooling systems or maliciously activating a sprinkler system.

Question 100

What is the key part of ensuring the availability of your systems and services?

Answer 100

Building a resilient infrastructure with the ability to recover from issues.

Question 101

What types of systems help provide resilience?

Answer 101

Redundant systems, networks, and other infrastructure and capabilities.

Question 102

Name a technique that helps maintain organizational online status during disasters.

Answer 102

Geographic dispersal.

Question 103

What is the purpose of high-availability designs?

Answer 103

To handle scaling and system/component failures.

Question 104

What are multicloud systems used for?

Answer 104

To avoid a vendor's outage or failure from causing broader issues.

Question 105

What backup systems help control power-related events?

Answer 105

Generators and UPS systems.

Question 106

What are the three types of backups you should know?

Answer 106

* Full backup * Differential backup * Incremental backup

Question 107

What is a snapshot in the context of backups?

Answer 107

A copy of the state of a system at a point in time.

Question 108

What is the function of journaling in backup systems?

Answer 108

Records changes, allowing for them to be replicated if needed.

Question 109

How can the response to an outage impact an organization?

Answer 109

It can make the difference between being back online quickly or being offline for an extended period.

Question 110

What are key parts of being ready for an issue?

Answer 110

* Capacity planning * Testing * Designing for continuity of operations

Question 111

What are the three types of disaster recovery sites?

Answer 111

* Hot sites * Warm sites * Cold sites

Question 112

What is a hot site?

Answer 112

A disaster recovery site built and fully ready to go.

Question 113

What does knowing the restoration order during a restoration event help with?

Answer 113

Bringing systems and services online in an order that makes sense based on dependencies and criticality.

Question 114

What does site security involve?

Answer 114

* Using controls to make facilities less likely to be targeted * Fences * Bollards * Lighting * Access badges * Entry access systems

Question 115

True or False: Detecting physical attacks requires less care than automated detection.

Answer 115

False

Question 116

What is the role of sensors in physical security?

Answer 116

To detect issues and events and to trigger responses.

Question 117

What does CASB stand for?

Answer 117

Cloud Access Security Broker

Question 118

What is the primary function of a cloud access security broker?

Answer 118

Security policy enforcement point positioned between enterprise users and cloud service providers