Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
47 Cards in this Set
- Front
- Back
|
Redundancy |
Having more than one of a system, service, device, or other components. Common Elements: Geographic dispersal Separation of servers Multiple network paths Redundant network devices Protection of power Storage and system Diversity of technologies |
|
|
Load Balancers |
Make multiple systems or servers appear to be a single resource, allowing both redundancy and increased ability to handle loads by distributing it to more than one system |
|
|
NIC Teaming |
Combines multiple network cards into a single virtual network connection. Used in tandem with redundant network interface cards to ensure connectivity in situations where a system’s availability is important |
|
|
UPS |
Uninterruptible power supply provide battery or other backup power options for short periods of time. Generator |
|
|
PDU |
Power distribution units are used to provide intelligent power management and remote control of power delivered inside server racks and other environments |
|
|
RAID |
Redundant array of inexpensive disks, is a common solution that uses multiple disks with data either striped or mirrors and technology to ensure that data is not corrupted or lost (parity) RAID 0: Striping, data spread across all drives in the array RAID 1: Mirroring, data copied exactly to another drive RAID 5: Striping with parity RAID 6: Striping with double parity RAID 10 or 1+0: Mirroring and Striping |
|
|
Full Backup |
Copies the entire device or storage system |
|
|
Incremental backup |
Captures the changes since the last backup and is faster to back up but slower to recover |
|
|
Differential backup |
Captures the changes since the last full backup and is faster to recover but slower to backup |
|
|
Snapshot |
Captures the dull state of a system or device at the time the backup is completed. Common in virtual machines where they allow the machine state to be restored at the point int time that the snapshot was taken |
|
|
Image |
Similar concept to snapshots, but most often the refer to a complete copy of a system or server, typically down to the bit level for the device. |
|
|
Tape |
One of the lowest cost per capacity options for large scale backups. |
|
|
Disks |
Either in magnetic or solid state drive form are typically more expensive for the same backup capacity as tape but are often faster |
|
|
Optical |
Blu-ray or DVD’s still in use but for capacity reasons they are not in common use as a large scale backup tool |
|
|
Flash |
MicroSD cards and USB thumb drives are used for short term copies and even longer term backups. Not frequently used at the enterprise level. |
|
|
Online vs Offline |
Online backups are always available as offline are not. Offline need to be retrieved making online a quick retrieval option, but offline can be kept in a secure location without power and other expense and ensure that organizations cannot have a total data loss |
|
|
Off-Site Storage |
Either at a site they own and operate or through a third part service. It forms a geographic diversity and helps ensure that a single disaster cannot destroy an organization’s data entirely |
|
|
SAN |
Storage Area Network, provides block level access to its storage making it look like a physical drive. Viewed as both a way to replicate data using RAID and as a type of backup. |
|
|
NAS |
Network attacked storage, usually present data as files considered more as a smaller storage device |
|
|
Cloud and Third Party Storage |
Have become increasing common. Considerations need to be taken when exploring these options. Bandwidth: for both backing up and restoring Time to retrieve and cost to retrieve files Reliability New security models required for backups |
|
|
Nonpersistence |
The ability to have systems or services that are spun up and shut down as needed. |
|
|
Scalability |
The ability to respond to high demand scenarios as well as to failures in individual systems. Common design element designed to scale across many servers instead of requiring a larger server to handle more workload. |
|
|
Vertical Scalability |
Requires a larger or more powerful system or device. Can help when all tasks or functions need to be handled on the same system or infrastructure. Very expensive to increase |
|
|
Horizontal Scalability |
Uses smaller systems or devices but adds mor of them. It can take advantage of adding and removing resources allowing it to shrink and grow as needs change. |
|
|
Hot Sites |
Have all the infrastructure and data needed to operate the organization. Operated full time and makes sure staff are in place, but very expensive |
|
|
Warm Sites |
Have some or all of the systems needed to perform the work required by the organization, but the live data is not in place. Expensive to maintain but they can reduce the time to restoration |
|
|
Cold Sites |
Have space, power, and often network connectivity but they are not prepared with systems or data. Presents challenges of transporting and acquiring hardware during disasters but the least expensive option |
|
|
Restoration Order |
Decisions to balance the criticality of systems and services to the operation of the organization against the need for other infrastructure to be in place and operational to allow each component to be online, secure, and otherwise running properly. |
|
|
Industrial Camouflage |
Security through obscurity by having a building in a nondescript location rather than making it visible allowing angry customers to seek out. |
|
|
Fences |
Act as a deterrent by both making it look challenging to access a facility and as an actual physical defense. Barbed wire and razor wire are commonly used as well |
|
|
Bollards |
Posts or other obstacles that prevent vehicles from moving through an area |
|
|
Lighting |
Plays a part in exterior and interior security by not leaving showed areas and automated lights to show movement inside and outside a building |
|
|
Badges |
Be used for entry access via magnetic stripe and RFID they also often include a picture and other information that can quickly allow personnel and guards to determine if a person is who they say they are and what areas they are allowed to be in |
|
|
Alarms |
Are used to detect and alert about issues, including unauthorized access, environmental problems, and fires. Can be monitored remotely or locally and need to be properly configured as to not cause false positives |
|
|
Fire suppression systems |
Help with resilience by reducing the potential for disastrous fires. There are several types of systems: Water based sprinklers, Gaseous agents, and Chemical agents |
|
|
Sinage |
Effective signage can serve a number of purposes. It can remind authorized personnel that they are in a secure area and that others who are not authorized should not be permitted to enter and should be reported if they are seen. |
|
|
Access Control Vestibules |
Used to prevent piggyback attacks by requiring authentication to enter a room and then requiring it again to leave that room to enter a secure facility |
|
|
Locks |
Are the most common physical security control. They are not a real deterrent for most deterred attackers since they can be bypassed in many different ways and are not considered a genuine physical access control |
|
|
Guards |
Used in areas where human interaction is either necessary or helpful. They can make decisions that technical control systems cannot and provide both detection and response capabilities, but are expensive and fallible. |
|
|
Cameras |
Allows security to view events in real time or from the past and come in many different forms and features including motion recognition and object detection. Considered a sensor |
|
|
Sensor Systems |
Motion, noise, moisture, and temperature detection sensors |
|
|
Hot/Cold Aisles |
Play into the ability to safely house servers and other devices by placing air intakes and exhausts on alternating aisles to ensure proper airflow |
|
|
Faraday Cage |
Blocks electromagnetic fields. Enclosure made up of conductive mesh that distributes charges from wireless device signals thus stopping them |
|
|
DMZ |
Demilitarized Zone is a screened subnet that can logically or physically segment a network to separate the outside world. They rely on firewalls to prove segmentation that limits the flow of traffic into and out of the screened subnet, thus keeping higher security zones secure |
|
|
Protected Cable Distribution |
A scheme that comes into play if organizations are concerned about attacks that tap into cables or that attempt to access them through any means. It is rarely deployed except for government installations and other high security facilities |
|
|
Secure Data Destruction |
When data reaches the end of its lifespan destroying the media that contains it is an important security measure. It can be done several ways: Burning Shredding Pulping Pulverizing Degaussing: magnetically wiping |
|
|
Air Gap |
A system that is not physically connected to another system |
