Chapter 9: Resilience and Physical Security

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/79

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 5:39 PM on 7/3/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

80 Terms

1
New cards

Naomi wants to handle increasing load by scaling cloud-hosted resources transparently and allow upgrades without user impact. What solution should she select?

Load balancing

3 multiple choice options

2
New cards

Rick performs a backup that captures the changes since the last full backup. What type of backup is this?

Differential backup

3 multiple choice options

3
New cards

What type of recovery site has systems in place but not the data needed to take over operations?

Warm site

3 multiple choice options

4
New cards

Ben wants to test his warm site to ensure it can take over operations. What type of testing is this?

Failover

3 multiple choice options

5
New cards

Felix wants to clone a live virtual machine including its state. What should he use?

Snapshot

3 multiple choice options

6
New cards

Sally is restoring operations after a disaster. What critical document should she refer to?

Restoration order documentation

3 multiple choice options

7
New cards

Mike wants to stop vehicles from traveling toward his building entrance. What control should he use?

A bollard

3 multiple choice options

8
New cards

Alecia wants to ensure offsite backups cannot be accessed by third parties. What should she do?

Encrypt the backup data

3 multiple choice options

9
New cards

Fred wants to recover database transactions at any point in time. What additional solution should he select?

Offsite journaling

3 multiple choice options

10
New cards

Ellen is planning for resilience to handle changing loads or disasters. What should she focus on?

People, technology, and infrastructure

3 multiple choice options

11
New cards

Madhuri deployed a tool that copies data to a hot site in real time. What type of replication is this?

Synchronous replication

3 multiple choice options

12
New cards

What factor is a major reason organizations do not use security guards?

Cost

3 multiple choice options

13
New cards

Megan wants an inexpensive sensor to detect humans entering a secured room. What should she select?

An infrared sensor

3 multiple choice options

14
New cards

Kathleen wants to discourage attackers from entering her facility. Which is not a common preventive control?

Platform diversity

3 multiple choice options

15
New cards

How does technology diversity help ensure cybersecurity resilience?

All of the above

3 multiple choice options

16
New cards

Scott sends backups to a secure vault company. What type of backup solution is this?

Offsite

3 multiple choice options

17
New cards

Gabby wants to detect physical brute-force attempts. What solution is best?

Security guards

3 multiple choice options

18
New cards

Florian wants to test high-availability designs with least disruption. What scenario should he choose?

A tabletop exercise

3 multiple choice options

19
New cards

What type of physical security control uses two interlocking doors to prevent tailgating?

An access control vestibule

3 multiple choice options

<p>An access control vestibule</p><p>3 multiple choice options</p>
20
New cards

Why did Gurvinder place a redundant datacenter over 90 miles away?

Geographic dispersion

3 multiple choice options

21
New cards

What is the primary goal of resilience and recovery in security architecture?

To ensure the availability leg of the CIA triad, allowing an organization to function despite disasters, attacks, or accidents.

22
New cards

A design element where the failure of a single device or connection could stop the entire system from functioning is known as a _____

single point of failure

23
New cards

What principle involves having more than one of a system, service, or device to build resilience?

Redundancy.

24
New cards

What is the common rule of thumb for the minimum distance between geographically dispersed datacenters to prevent common natural disasters from affecting both

At least 90 miles apart.

25
New cards

What high-availability technique makes multiple systems appear as a single resource to distribute traffic and handle increased loads

Load balancing.

26
New cards

What term describes a group of computers connected to perform the same task, appearing as a single, larger system?

Clustering.

27
New cards

What is the purpose of an uninterruptible power supply (UPS) in a datacenter

To provide short-term battery backup power during an outage.

28
New cards

For longer power outages, what system is typically used after a UPS's battery is depleted?

A generator system.

29
New cards

What resilience strategy involves using different vendors, platforms, and controls to prevent a single attack or failure from having a system-wide impact?

Platform diversity.

30
New cards

In architectural design, what term describes a system's ability to handle potential disruptions without an availability issue?

Resilience.

31
New cards

What is the difference between vertical and horizontal scalability?

Vertical scalability involves making a single system more powerful (bigger), while horizontal scalability involves adding more systems (more).

32
New cards

What does RAID stand for

Redundant Arrays of Inexpensive Disks.

33
New cards

Which RAID level involves striping data across all drives for better I/O performance but offers no fault tolerance

RAID 0.

34
New cards

Which RAID level involves mirroring, where all data is duplicated to another drive, providing redundancy at the cost of using twice the storage?

RAID 1.

35
New cards

Which RAID level uses striping with parity, allowing it to tolerate the failure of a single drive?

RAID 5.

36
New cards

Which RAID level combines mirroring and striping (RAID 1+0) and requires at least four drives

RAID 10.

37
New cards

What type of backup copies the entire device or storage system

A full backup.

38
New cards

What type of backup captures only the changes made since the last full backup

A differential backup.

39
New cards

What type of backup captures only the changes made since the last backup of any type (full or incremental)

An incremental backup.

40
New cards

Between incremental and differential backups, which is typically faster to create but slower to restore?

Incremental backup.

41
New cards

What data protection method focuses on copying live data to another location as changes are made, either in real-time or near-real-time?

Replication.

42
New cards

What is the difference between synchronous and asynchronous replication?

Synchronous replication occurs in real time, while asynchronous replication occurs after the fact, though typically very regularly.

43
New cards

What data protection option creates a log of changes that can be reapplied if an issue occurs, commonly used for databases?

Journaling.

44
New cards

What is a Recovery Point Objective (RPO)?

An objective that determines the maximum acceptable amount of data loss, which in turn influences backup frequency.

45
New cards

What is a Recovery Time Objective (RTO)?

An objective that determines the maximum acceptable time to restore a system after an outage, influencing design and cost choices for recovery.

46
New cards

What type of backup captures the full state of a system, such as a virtual machine, at a specific moment in time?

A snapshot.

47
New cards

What is a 'gold master' image used for in virtual desktop infrastructure (VDI)?

It's a clean system image used to create nonpersistent systems, ensuring each user starts with the same expected state.

48
New cards

Backup storage that is not immediately available but can be retrieved without human intervention, such as a tape robot system, is known as _____ storage.

nearline

49
New cards

Cloud storage services like Amazon S3 Glacier, which offer low-cost storage with slower retrieval times, are a form of what type of storage?

Archival or offline storage.

50
New cards

What security control is critical for protecting backups both in transit and at rest in off-site or cloud storage

Encryption.

51
New cards

What is the concept of nonpersistence in system design?

The ability for systems to be spun up and shut down as needed, often reverting to a known state upon restart.

52
New cards

What is a 'live boot media' used for?

To boot a system using a known-good, trusted operating system from removable media to perform repairs or investigations on a compromised or non-functional OS.

53
New cards

Which type of disaster recovery site has all the necessary infrastructure and live data, ready to take over operations immediately?

A hot site.

54
New cards

Which type of disaster recovery site has some or all of the required systems but does not have the live data in place

A warm site.

55
New cards

Which type of disaster recovery site is the least expensive, providing only space, power, and connectivity without systems or data?

A cold site.

56
New cards

What is the purpose of a restoration order document in a disaster recovery plan

It specifies the sequence in which systems and services should be brought back online based on their criticality and dependencies.

57
New cards

What are the three key areas of focus for capacity planning according to the Security+ exam outline?

People, technology, and infrastructure.

58
New cards

What type of resilience testing involves discussions between personnel to validate a plan without any actual system changes

A tabletop exercise.

59
New cards

What type of resilience test is a drill where personnel practice what they would do in an actual event, without causing actual disruption?

A simulation exercise.

60
New cards

What resilience test involves moving processing to a backup facility to validate its performance while the primary site remains operational

A parallel processing exercise.

61
New cards

Which resilience test provides the most realistic scenario by completely shifting operations to an alternate site, but also has the greatest potential for disruption?

A failover exercise.

62
New cards

What physical security control consists of posts or obstacles designed to prevent vehicles from accessing an area

Bollards.

63
New cards

What is the purpose of an access control vestibule, also known as a mantrap?

To ensure only authorized individuals gain access and to prevent piggybacking by using a two-door system.

64
New cards

What technology is commonly used in access badges that allows them to be read by a proximity reader without being swiped

Radio Frequency Identification (RFID).

65
New cards

What is the primary drawback of relying on security guards for physical security

They are relatively expensive compared to technical controls and can be fallible to social engineering.

66
New cards

A video camera with _____ capability can be remotely controlled to change its viewing angle and zoom

pan/tilt/zoom (PTZ)

67
New cards

Which type of security sensor is inexpensive and detects changes in heat radiation, making it common for detecting human presence in smaller indoor spaces?

An infrared sensor.

68
New cards

Which type of security sensor is more sensitive than infrared, can detect motion through some materials, but is also more expensive and prone to errors?

A microwave sensor.

69
New cards

An attack that involves copying the data from an RFID card to a new card to gain unauthorized access is known as _____

RFID cloning

70
New cards

Maliciously activating a sprinkler system or targeting an organization's heating and cooling is considered what type of physical attack

An environmental attack.

71
New cards

What is the main benefit of using a multicloud system for resilience

It ensures that an outage or problem with a single cloud vendor does not take the entire organization offline.

72
New cards

The use of industrial camouflage, such as making a call center look like a nondescript office building, is an example of what security concept?

Security through obscurity.

73
New cards

A fire suppression system that has water in its pipes at all times is known as a _____

wet sprinkler system

74
New cards

In areas like datacenters where water could damage equipment, what type of fire suppression system is often used instead of sprinklers?

A gaseous agent system.

75
New cards

What is the primary purpose of using fencing as a physical security control?

To act as a deterrent and a physical defense, forming a first line of defense for a facility.

76
New cards

How does platform diversity help ensure cybersecurity resilience

It ensures that a vulnerability or failure in a single vendor's product will not compromise the entire infrastructure.

77
New cards

A company sends its backup tapes to a third-party service like Iron Mountain for storage in a secure vault. What is this type of backup solution called

Off-site storage.

78
New cards

Why is journaling alone not a complete backup solution?

The journal itself must be backed up to an external location; if it's only on the source system, a single failure can cause data loss.

79
New cards

What does a forensic image capture?

A bitwise copy of an entire storage device, with strong requirements for data validation and proof of secure handling.

80
New cards

What is a significant bandwidth-related consideration when using cloud backups?

The time required to restore data, as limited bandwidth can make restoration from the cloud a very slow process.