Flashcards in CISA Refresher 3 Deck (27)
A clustering is
a type of software that is installed on every server in which the application runs and includes management software that permits control of and tuning the cluster behaviour
performance improvements and fault tolerent capabilities via hardware and software solutions, breaking up data and writing data to a series of multiple disks to simultaneously improve performanance and save large files
the method of routing traffic through split cable facilities or duplicate cable facilities
diverse routing, disadvantages
It is time consuming and costly. These cable facilities are usually located in the ground or basement. Ground based facilities are at great risk due to aging infrastructures of cities. And usually it share rooms with mechanical and electrical systems that can impse great risk due to human error and disastrous events.
Emergency action team
One of their primary functions is the orderly evacuation of personnel and securing human life
Emergency management team
Their function entails arranging finances of recovery, handling legal matters evolving from the disaster, and handling public relation and media inquires
Offsite storage team
Resoponsible for obtaining, packaging and shipping media and record to the recovery facilities, as well as establishing and overseeing an offsite storage schedule for information created during operations at the recovery site
serves as facilities team to locate recovery site, if one has not been predetermined and is resposible for coordinating the raansport of company employees to a distant recovery site.
Supports the efforts of the user hardware team by contacting vendors and coordinating logistics for an ongoing supplyes of necessary offices and computer supplies
Manages the relocation project. This team also makes a more detailed assessment of the damage to the facilities and equipment than was preformed initially, provides information necessary for filing insurance claims.
Coordinates the process of moving from the hot site to a new location or to the restored original location
Resoponsible for coordinating the recovery efforts across various ofices located at different geographical locations
A Crucial element of DRP
is the availability of adequate data
The most important features of the tape drives is its data interface
Disk based backup system
VTL, Host based replication, Disk array based replication, snapshots
VTL ( virtual tape libraries
The systems consist of dis storage and software that control backup and recovery data sets.
Host based replications
This replication is done at the host (server) level by a special software running on this server and on the target server. Could be done in real time.
Disk array based replication
Same as host based rplications, however the rplication is performed at the disk array level, completely hidden from servers and applications.
This technology is very flexinble, allowing making different type of momentary copies of volumes or file systems. Thid technology is especially efficient and effective while used in combination with backup and recovery software
It requires less time to restore than incremental baackups, but it is slower and require more media capacity than incremental backups because data that are backed up are cumulative.
should be performed first to establish the footperint of the target organization and search for any information leakage that would inadvertently disclose technical details about the organizations network.
involves mapping the networok services, protocols and devices and would normaly occur after the initial reconnaissance
would occur in the later stage of the assessment
Disadvantage of IDS
is its inherent inability to scan for vulnerabilities atthe application level. It cannotg break encrypted date packtes to identify the source of the incoming traffic.
In order to provide the greatest security and efficiency and IDS should be placed behind the firewall so that it will detect only those attacks / intruders that enter the firewall
System administrator account
It is not possible to lock out the system administrator account after several failed logon attempts, because it would be impossible to unlock it. Therefore it is subject to online brute force attacks.