3.4 - CompTIA Security+

High availability

Load balancing vs. clustering

• Load balancing: Use of a central load balancer to distribute load/client demand between individual servers.

• Server clustering: Use of multiple servers configured to work as one large server, allowing for improved fault tolerance and resource management across the cluster.

Site considerations

Hot

• Hot site: A hot site is a fully equipped duplicate of the primary site, with live data and systems ready to take over operations immediately in case of a disaster.

Cold

• Cold site: A cold site is an alternate location that does not have any operational systems or data (an empty building) but is equipped with the necessary infrastructure (e.g., power and lighting) to restore operations after a disaster.

Warm

• Warm site: A warm site is a backup location that is partially equipped with hardware and services, allowing for quicker recovery time than a cold site, as it can provide a more rapid restoration of operations with some pre-installed systems and data.

Geographic dispersion

• Geographic dispersion: Use of recovery sites that are far away from the main location to minimize the risk of total system failure due to localized disasters.

Platform diversity

• Platform diversity: The practice of using multiple operating systems, hardware, or software types to minimize the risk of a single point of failure associated with a single platform.

Multi-cloud systems

• Multi-cloud systems: Use of different cloud providers to provide resilience and prevent vendor lock-in, ensuring that if one provider experiences downtime, services can be maintained through alternatives.

Continuity of operations

• Continuity of operations/COOP: A written plan for recovering one or more information systems at an alternate facility in response to a major hardware or software failure or destruction of facilities.

Capacity planning

• Capacity planning: Security architecture concept that focuses on ensuring an organization’s resources are properly equipped to handle the anticipated workload/performance demands.

People

• People (capacity planning): Hiring the correct number of employees to meet demand, and giving them the appropriate training to effectively handle organizational resources.

Technology

• Technology (capacity planning): Using the correct technology to meet anticipated workload - look for scalable technology that can increase or decrease capacity based on demand.

Infrastructure

• Infrastructure (capacity planning): Using the correct quantity/capacity of resources to meet anticipated workload, including storage, application servers, and network connectivity (for apps), or physical equipment to ensure optimal performance without over-provisioning.

Testing

• Recovery testing: This involves simulating a disaster scenario to ensure that systems can be restored to a functional state within an acceptable timeframe, verifying the effectiveness of backup/remediation processes.

Tabletop exercises

• Tabletop exercise: A discussion-based session where team members review and discuss their roles and responses during a simulated incident, allowing for identification of gaps in current plans and improving overall preparedness.

Fail-over

• Fail-over test: An exercise to ensure that redundant configurations can function/take over in the case of system failure.

Simulation

• Simulation: Imitations/interactive demonstrations of security issues or processes (e.g., phishing attacks, password resets).

Parallel processing

• Parallel processing: Use of multiple CPUs/processes to handle transactions (e.g., a multi-core CPU, server cluster for transactions).

Backups

• Backups: Strategies to ensure data recovery and integrity, including full, incremental, and differential backups.

Onsite/offsite

• On-site backup: Backups are stored locally at the organization's premises, allowing for quick recovery in case of data loss, but may be vulnerable to physical disasters.

• Off-site backup: Backups stored at a remote location, providing protection against local disasters and ensuring data security, though recovery may take longer due to data transfer times.

Frequency

• Backup frequency: The routine/regularity of how data is backed up - this can significantly affect recovery times and data integrity. Backup frequency should balance data protection needs with minimal downtime and operational efficiency.

Encryption

• Encryption: The process of encoding data into an unreadable format to prevent unauthorized access - use for backups to prevent data leakage, even if the physical/logical media is stolen.

Snapshots

• Snapshots: Backup method for virtual machines/cloud-based infrastructures that captures the state of a system at a specific point in time, allowing for quick recovery in case of data corruption or loss. Snapshots should be made every 24 hours.

Recovery

Replication

• Replication: The process of copying and maintaining data in multiple locations simultaneously to ensure availability and disaster recovery. This method provides redundancy and can reduce recovery time objectives (RTO) during system failures.

Journaling

• Journaling:

Power

Generators

Uninterruptible power supply (UPS)