network security ch11

Community clouds

A collaboration between a few entities for the sole benefit of those entities

Private clouds

An extension of the intranet applied to cloud computer.

true

BIA is the first major component of the CP process.

true

BIA provides the CPMT with information about systems and the threats they face.

true

Incident response focuses on immediate response to small-scale events, such as hacking attempts, malware outbreaks, and misuse of corporate assets.

BIA

Is a crucial component, given that it provides an assessment of the system operations that the organization absolutely needs to keep going during and after an event.

RAID level 2

It uses specialized parity coding mechanism known as the Hamming code to store stripes of data on multiple data drives and corresponding redundant error correction on separate error correcting drives.

true

NAS does not work well with real-time applications because of the latency of the communication methods.

RAID level 0

One large volume is used for the data, but the parity operates independently to provide error recovery.

Business Resumption Plan

DR (Disaster recovery) plan and BC (business continuity)plan are combine to make the ______.

Disaster Recovery plan

The key role of a ____ is defining how to reestablish operations at the location where the organization usually operates

Grandfather-Father-Son (GFS)

This method equalizes the wear and tear on the tapes and helps to prevent tape failure

Grandfather-Father-Son (GFS)

This method uses five media sets per week and allows recovery of data for the previous three weeks.

Infrastructure as a Service (IaaS)

Unofficially known as Everything as a Service, this provides hardware and operating systems resources to host whatever the organization desires to implement, again hosted by a third party for a fee.

RAID level 1

Uses two drives in which data is written to both drives simultaneously, providing a backup if the primary drive fails. It is a rather expensive and inefficient use of media.

false

RAID 0 improves the risk situation when using disk drives

false

RAID is a replacement for backup and recovery processes

true

RAID provides another method to ensure that data is not lost.

true

RAID serves as a valuable complement to provide high availability for data.

true

RAID uses a number of hard drives to store information across multiple drive units.

Full backup

a complete backup of the entire system, including all applications, operating systems component, and data.

Bare metal recovery

allow you to reboot the affected system from a CD ROM or other remote drive and quickly restore you operating system by providing images backed up from a know stable state.

RAID level 10

also referred to as RAID 1+0 which combines benefits of RAID 0 and RAID 1

Incremental Backups

are designed to complete the backup in the shortest elapsed time.

RAID level 1

commonly called disk mirroring

RAID level 0

commonly called disk striping

IR plan

deals with the identification, classification, response, and recovery from an incident and provides answers to questions that victims might pose in the didst of an incident.

CD Disruption Phases

define the actions that actually occur when an event becomes an incident and/or disaster.

Platform as a Service (PaaS)

development platforms are available to developers for a fee and similarly hosted by third parties

Disaster Recovery (DR) team

develops, tests, manages, and executes the plan by detecting, evaluating, and responding to disasters and by reestablishing operations at the primary business site

Incident Response (IR) team

develops, tests, manages, and executes the plan by detecting, evaluating, and responding to incidents.

Business continuity (BC) team

develops, tests, manages, and executes the plan by setting up and starting off site operations in the event of an incident or disaster

IR plan

enables the organization to take coordinated action that is either predefined and specific or ad hoc and reactive

Business Continuity plan

ensures that critical business functions can continue if a disaster occurs.

Disaster Recovery plan

entails the preparation for and recovery from a disaster, whether natural or human made

Disaster recovery plan

focuses on the reestablishment of the technical infrastructure and business operations at the primary site.

disadvantage of incremental backups

if an incident occurs, multiple backups are needed to restore the full system.

The Towers on Hanoi

is a more complex approach than the other two methods and uses statistical principles to optimize media wear. This 16 step strategy assumes that five media sets are used per week, with a backup each night.

Incident response

is a set of procedures that commences when an incident is detected.

RAID level 0

is frequently used to combine smaller drive volumes into fewer, large volumes to gain the advantages that larger volumes offer as well as increased I/O throughput.

RAID level 5

is most commonly used in organizations that balance safety and redundancy against the costs of acquiring and operating the systems.

BC plan

is most properly managed by the CEO of an organization.

RAID level 1

is often used to create duplicate copies of operating system volumes for high-availability systems.

RAID level 7

is sometimes performed by running special software over RAID 5 hardware.

Cold server

is the administrator's test platform, and it should be identically configured to the hot and warm servers.

Contingency Planning (CP)

is the process by which the information technology and information security teams position their organizations to prepare for, detect, react to, and recover from man made or natural events that threaten the security of information resources and assets.

Differential Backup

is the storage of all files that have changed or have been added since the last full backup.

DR plan

is usually managed by the IT community of interest

RAID level 5

it stripes the data across multiple drives, but there is no dedicated parity drive. Instead, segments of data are interleaved with parity data and are written across all the drives in the set.

Incremental Backup

only archives the data that have been modified since the last backup, and thus requires less space and time than a differential backup.

RAID level 6

protects against situations where a second drive fails before the first drive has been recovered.

Mirroring

provides duplication of server data storage by using multiple hard drive volumes.

Hot server

provides the services necessary to support operations.

Incremental Backup

requires less storage space.

Main goal of CP

restore normal modes of operation, with minimal cost and disruption to business activities, after a disruptive event has occurred.

Six tape rotation

rotates six sets of media, is perhaps the most simple and well known backup method. It uses five media sets per week.

Warm server

serves as an ancillary or secondary server that services requests when the primary server is busy or down

RAID level 6

similar to RAID 5; however, this level adds another layer of parity data striped across the drives.

true

some RAID configurations combine RAID 0 with RAID 5 or RAID 1 to provide both data protection and improved I/O throughput.

RAID level 7

the array works as a single virtual drive

RAID level 10

the data is stripped like RAID 0, but the stripped set is mirrored, as in RAID 1.

true

the final phase of the IR planning function is Plan Maintenance.

Disk to Disk to Tape

the problem with this technology is the lack of redundancy if both the online and backup versions fail, because of a virus or hacker intrusion. This is why the secondary data disk series should be periodically hacked up to tape or other removable media.

true

the specific processes for maintaining the IR plan vary from one organization to another.

Drawback of tape backup

the time required to store and retrieve information.

RAID level 4

uses block-level striping data

RAID level 3

uses byte-level striping of data

RAID level 2

This approach allows the reconstruction of data in the event that some of the data or redundant parity information is lost.

Software as a Service (SaaS)

Applications are provided at a fee bot hosted on third party systems and accessed over the Internet

RAID level 0

Creates one larger logical volume across several available physical hard disk drives and stores the data in segments, called stripes, across all the disk drives in the array.

Public Clouds

The most common implementation, in which a third party makes the services available to whoever needs them, over the Internet

RAID level 10

This hybrid system is really a mirror of a striped set

RAID level 2

This is a specialized form of disk striping with parity and is not widely used.

RAID level 3 and 4

These approaches use a process in which the data is stored in segments on dedicated data drives and parity information is stored on a separate drive.