Physical Security and Disaster Recovery

Flashcards about Physical Security and Disaster Recovery

What is often overlooked by security professionals but is just as important as technological security?

Physical security.

Name four examples of physical controls.

Perimeter and building grounds, building entry points, inside the building, data centers or server room security, and computer equipment protection.

What should all entrances and exits have?

Camera monitoring.

What is a Class A fire extinguisher used for?

Ordinary combustibles such as wood or paper.

What is a Class B fire extinguisher used for?

Flammable liquids such as grease, oil, or gasoline.

What is a Class C fire extinguisher used for?

Electrical Equipment.

What is a Class D fire extinguisher used for?

Flammable Metals.

Which type of water based fire suppression system always contains water and is the most popular and reliable?

Wet pipe.

Which type of water based fire suppression system has no water in the pipe and is preferred for computer installations?

Dry pipe.

Which type of water based fire suppression system is most recommended for computer rooms and combines both dry and wet pipes?

Pre-action.

What does CPTED stand for?

Crime Prevention Through Environmental Design.

What is a disaster?

Any natural or man-made event that disrupts the operations of a business in such a significant way that a considerable and coordinated effort is required to achieve a recovery

What is a Disaster Recovery Plan (DRP)?

A plan that includes locating alternative facilities, getting equipment to those facilities, installing and configuring software, setting up the network at the new facility, and contacting staff, vendors, and customers.

What is a Business Continuity Plan (BCP)?

A plan designed to get minimal business functions up and running at least some level, using temporary solutions where needed.

What is maximum tolerable downtime (MTD)?

The total amount of time the system can be inoperable before the organization experiences irreparable harm.

What is Recovery time objective (RTO)?

The targeted duration of time and a service level within which a business process must be restored after a disaster or disruption in order to avoid unacceptable consequences associated with a break in business continuity.

What is Recovery point objective (RPO)?

The maximum acceptable period in which data might be lost from an IT service due to a major incident.

Name five types of tests for DRP and BCP.

Document review/checklist, Walkthrough/Tabletop, Simulation, Parallel, Cut-off/Full interruption

What are three primary backup types?

Full, Differential, and Incremental.

What does RAID stand for?

Redundant array of inexpensive disks.

What type of RAID distributes data across multiple disks in a way that decreases access time, but offers NO fault tolerance?

RAID 0 (striped disks).

What type of RAID duplicates the contents of the disks, making a form of 1:1 ratio real-time backup and is also called mirroring?

RAID 1.

What RAID type combines three or more disks in a way that protects data against loss of any one disk?

RAID 3 or 4 (striped disks with dedicated parity).

What RAID combines three or more disks in a way that protects data against the loss of any one disk, and the parity is interspersed across the drive array?

RAID 5 (striped disks with distributed parity).

What RAID type combines four or more disks in a way that protects data against loss of any two disks?

RAID 6 (striped disks with dual parity).

What RAID type is a mirrored data set (RAID 1), which is then striped (RAID 0)?

RAID 1+0 (or 10).