network security ch11
Community clouds
A collaboration between a few entities for the sole benefit of those entities
Private clouds
An extension of the intranet applied to cloud computer.
true
BIA is the first major component of the CP process.
true
BIA provides the CPMT with information about systems and the threats they face.
true
Incident response focuses on immediate response to small-scale events, such as hacking attempts, malware outbreaks, and misuse of corporate assets.
BIA
Is a crucial component, given that it provides an assessment of the system operations that the organization absolutely needs to keep going during and after an event.
RAID level 2
It uses specialized parity coding mechanism known as the Hamming code to store stripes of data on multiple data drives and corresponding redundant error correction on separate error correcting drives.
true
NAS does not work well with real-time applications because of the latency of the communication methods.
RAID level 0
One large volume is used for the data, but the parity operates independently to provide error recovery.
Business Resumption Plan
DR (Disaster recovery) plan and BC (business continuity)plan are combine to make the ______.
Disaster Recovery plan
The key role of a ____ is defining how to reestablish operations at the location where the organization usually operates
Grandfather-Father-Son (GFS)
This method equalizes the wear and tear on the tapes and helps to prevent tape failure
Grandfather-Father-Son (GFS)
This method uses five media sets per week and allows recovery of data for the previous three weeks.
Infrastructure as a Service (IaaS)
Unofficially known as Everything as a Service, this provides hardware and operating systems resources to host whatever the organization desires to implement, again hosted by a third party for a fee.
RAID level 1
Uses two drives in which data is written to both drives simultaneously, providing a backup if the primary drive fails. It is a rather expensive and inefficient use of media.
false
RAID 0 improves the risk situation when using disk drives
false
RAID is a replacement for backup and recovery processes
true
RAID provides another method to ensure that data is not lost.
true
RAID serves as a valuable complement to provide high availability for data.
true
RAID uses a number of hard drives to store information across multiple drive units.
Full backup
a complete backup of the entire system, including all applications, operating systems component, and data.
Bare metal recovery
allow you to reboot the affected system from a CD ROM or other remote drive and quickly restore you operating system by providing images backed up from a know stable state.
RAID level 10
also referred to as RAID 1+0 which combines benefits of RAID 0 and RAID 1
Incremental Backups
are designed to complete the backup in the shortest elapsed time.
RAID level 1
commonly called disk mirroring
RAID level 0
commonly called disk striping
IR plan
deals with the identification, classification, response, and recovery from an incident and provides answers to questions that victims might pose in the didst of an incident.
CD Disruption Phases
define the actions that actually occur when an event becomes an incident and/or disaster.
Platform as a Service (PaaS)
development platforms are available to developers for a fee and similarly hosted by third parties
Disaster Recovery (DR) team
develops, tests, manages, and executes the plan by detecting, evaluating, and responding to disasters and by reestablishing operations at the primary business site
Incident Response (IR) team
develops, tests, manages, and executes the plan by detecting, evaluating, and responding to incidents.
Business continuity (BC) team
develops, tests, manages, and executes the plan by setting up and starting off site operations in the event of an incident or disaster
IR plan
enables the organization to take coordinated action that is either predefined and specific or ad hoc and reactive
Business Continuity plan
ensures that critical business functions can continue if a disaster occurs.
Disaster Recovery plan
entails the preparation for and recovery from a disaster, whether natural or human made
Disaster recovery plan
focuses on the reestablishment of the technical infrastructure and business operations at the primary site.
disadvantage of incremental backups
if an incident occurs, multiple backups are needed to restore the full system.
The Towers on Hanoi
is a more complex approach than the other two methods and uses statistical principles to optimize media wear. This 16 step strategy assumes that five media sets are used per week, with a backup each night.
Incident response
is a set of procedures that commences when an incident is detected.
RAID level 0
is frequently used to combine smaller drive volumes into fewer, large volumes to gain the advantages that larger volumes offer as well as increased I/O throughput.
RAID level 5
is most commonly used in organizations that balance safety and redundancy against the costs of acquiring and operating the systems.
BC plan
is most properly managed by the CEO of an organization.
RAID level 1
is often used to create duplicate copies of operating system volumes for high-availability systems.
RAID level 7
is sometimes performed by running special software over RAID 5 hardware.
Cold server
is the administrator's test platform, and it should be identically configured to the hot and warm servers.
Contingency Planning (CP)
is the process by which the information technology and information security teams position their organizations to prepare for, detect, react to, and recover from man made or natural events that threaten the security of information resources and assets.
Differential Backup
is the storage of all files that have changed or have been added since the last full backup.
DR plan
is usually managed by the IT community of interest
RAID level 5
it stripes the data across multiple drives, but there is no dedicated parity drive. Instead, segments of data are interleaved with parity data and are written across all the drives in the set.
Incremental Backup
only archives the data that have been modified since the last backup, and thus requires less space and time than a differential backup.
RAID level 6
protects against situations where a second drive fails before the first drive has been recovered.
Mirroring
provides duplication of server data storage by using multiple hard drive volumes.
Hot server
provides the services necessary to support operations.
Incremental Backup
requires less storage space.
Main goal of CP
restore normal modes of operation, with minimal cost and disruption to business activities, after a disruptive event has occurred.
Six tape rotation
rotates six sets of media, is perhaps the most simple and well known backup method. It uses five media sets per week.
Warm server
serves as an ancillary or secondary server that services requests when the primary server is busy or down
RAID level 6
similar to RAID 5; however, this level adds another layer of parity data striped across the drives.
true
some RAID configurations combine RAID 0 with RAID 5 or RAID 1 to provide both data protection and improved I/O throughput.
RAID level 7
the array works as a single virtual drive
RAID level 10
the data is stripped like RAID 0, but the stripped set is mirrored, as in RAID 1.
true
the final phase of the IR planning function is Plan Maintenance.
Disk to Disk to Tape
the problem with this technology is the lack of redundancy if both the online and backup versions fail, because of a virus or hacker intrusion. This is why the secondary data disk series should be periodically hacked up to tape or other removable media.
true
the specific processes for maintaining the IR plan vary from one organization to another.
Drawback of tape backup
the time required to store and retrieve information.
RAID level 4
uses block-level striping data
RAID level 3
uses byte-level striping of data
RAID level 2
This approach allows the reconstruction of data in the event that some of the data or redundant parity information is lost.
Software as a Service (SaaS)
Applications are provided at a fee bot hosted on third party systems and accessed over the Internet
RAID level 0
Creates one larger logical volume across several available physical hard disk drives and stores the data in segments, called stripes, across all the disk drives in the array.
Public Clouds
The most common implementation, in which a third party makes the services available to whoever needs them, over the Internet
RAID level 10
This hybrid system is really a mirror of a striped set
RAID level 2
This is a specialized form of disk striping with parity and is not widely used.
RAID level 3 and 4
These approaches use a process in which the data is stored in segments on dedicated data drives and parity information is stored on a separate drive.