Lesson 20: Implementing Cybersecurity Resilience

Vocabulary flashcards covering key concepts from Lesson 20 on implementing cybersecurity resilience, including redundancy, backups, and site/change management.

Cybersecurity resilience

The ability to limit the impact of intrusions on confidentiality, integrity, and availability and to maintain high availability through redundancy, backups, site resiliency, and change/configuration management.

Redundancy

Providing multiple power, network, and storage components to avoid single points of failure and to maintain operation during failures.

High availability

A system’s ability to remain online and functional; described by uptime percentage and often expressed via MTD requirements.

Maximum Tolerable Downtime (MTD)

The maximum downtime an organization can tolerate for a given business function.

Availability

The percentage of time a system is online and accessible.

Downtime

The amount of time a system is unavailable.

Scalability

The capacity to increase resources to meet demand with similar cost growth.

Elasticity

The ability of a system to adapt to changing demand in real time without loss of service.

Scale out

Add more resources in parallel to existing ones.

Scale up

Increase the power of existing resources.

Fault tolerance

Continuing to provide service despite component failures, typically via redundancy.

Power redundancy

Measures to protect against power disturbances, ensuring continuous operation.

Dual Power Supplies

Two or more power supply units (PSUs) for redundancy, often hot-pluggable.

Power Distribution Units (PDUs)

Units that distribute power to equipment and may provide protection and remote monitoring.

Uninterruptible Power Supply (UPS)

Provides temporary power during outages to allow safe shutdown or failover.

Battery backups

Battery systems that sustain operation during short power losses.

Generators

Backup power sources for longer outages (diesel, propane, natural gas).

Renewable power

Power from renewable sources (solar, wind, geothermal, etc.) used for resilience.

NIC teaming

Combining multiple NICs/ports for higher bandwidth and redundancy.

Spanning Tree Protocol (STP)

Prevents network loops in networks with multiple paths.

Load balancer

Distributes workloads across multiple servers to maintain service availability.

RAID

Redundant Array of Independent Disks; combines disks for redundancy and/or performance.

RAID 1

Mirroring: data on two disks for redundancy; 50% storage efficiency.

RAID 5

Striping with parity across three+ disks; can survive one disk failure.

RAID 6

Double parity across disks; can survive two disk failures.

Nested RAID

Combining RAID levels (e.g., 0+1, 1+0, 5+0) for improved performance or redundancy.

Multipath I/O

Multiple paths between server and storage to provide redundancy and resilience.

SAN (Storage Area Network)

High-speed network of storage devices enabling centralized storage and replication.

Data replication

Maintaining exact copies of data at multiple locations.

Geographical redundancy

Replicating data/sites across distant locations to protect against regional disasters.

Synchronous replication

Writing data to all replicas simultaneously for consistency.

Asynchronous replication

Writing data to the primary first, then copying to replicas later.

On-premises vs Cloud

Comparison of local data centers versus cloud-based storage for resilience.

Recovery Point Objective (RPO)

The maximum acceptable amount of data loss measured in time.

Recovery Time Objective (RTO)

The maximum acceptable downtime to restore a service after an incident.

Recovery window

The period over which data must be recovered, linked to RPO.

3-2-1 rule

Three copies of data on two media types with one offline/offsite copy.

Snapshot (Volume Shadow Copy Service - VSS)

Point-in-time copy of data used for backups and fast recovery.

Image backup

Backing up an entire OS image to enable rapid redeployment.

Master image

The default, 'gold' image used to provision new systems quickly; requires updates.