reflection 4

profiletamerrabee3
sy0-601-20v1.0.pptx

Implementing Cybersecurity Resilience

Lesson 20

1

Implement Redundancy Strategies

Topic 20A

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

2

2

2.5 Given a scenario, implement cybersecurity resilience

Syllabus Objectives Covered

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

3

High Availability

Maximum tolerable downtime (MTD)

Scheduled service intervals versus unplanned outages

Scalability

Increase capacity within similar cost ratio

Scale out versus scale up

Elasticity

Cope with changes to demand in real time

Fault tolerance and redundancy

Availability Annual Downtime
99.9999% 00:00:32
99.999% 00:05:15
99.99% 00:52:34
99.9% 08:45:36
99.0% 87:36:00

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

4

Power Redundancy

Power problems

Spikes and surges

Blackouts and brownouts

Dual power supplies

Component redundancy for server chassis

Managed power distribution units (PDUs)

Protection against spikes, surges, and brownouts

Remote monitoring

Battery backups and uninterruptible power supply (UPS)

Battery backup at component level

UPS battery backups for servers and appliances

Generators

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

5

Network Redundancy

Network interface card (NIC)/adapter teaming

Adapters with multiple ports

Multiple adapters

More bandwidth (except during failover)

Switching and routing

Design network with multiple paths

Load balancers

Load balancing switch to distribute workloads

Clusters provision multiple redundant servers to share data and session information

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

6

Disk Redundancy

Redundant array of independent disks (RAID)

RAID 1

Mirroring

50% storage efficiency

RAID 5 and RAID 6

Striping with distributed parity

Better storage efficiency

Nested RAID

Better performance or redundancy

(RAID 0)

Multipath

Controller and cabling redundancy

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

7

Replication context

Local storage (RAID)

Storage area network (SAN)

Database

Virtual machine (VM)

Geographic dispersal

Asynchronous and synchronous replication

Synchronous (must be written at both sites—expensive)

Asynchronous (one site is primary and the others secondary)

Optimum distances between sites

On-premises versus cloud

Geographical Redundancy and Replication

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

8

Redundancy Strategies

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

9

Review Activity

Implement Backup Strategies

Topic 20B

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

10

10

2.5 Given a scenario, implement cybersecurity resilience

Syllabus Objectives Covered

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

11

Backups and Retention Policy

Short term retention

Version control and recovery from corruption/malware

Long term retention

Regulatory/business requirements

Recovery window

Recovery point objective (RPO)

Screenshot used with permission from Acronis.

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

12

Backup Types

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

13

Snapshots

Snapshots

Feature of file system allowing open file copy

Volume Shadow Copy Service (VSS)

VM snapshots and checkpoints

Image-based backup

System images

Screenshot used with permission from Acronis.

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

14

Backup Storage Issues

Backup security

Access control and encryption

Offsite storage

Distance consideration

Physical transfer

Network/cloud backups

Online versus offline backups

Speed of restore operations

Risk to online backup data

3-2-1 rule

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

15

Backup Media Types

Disk

SOHO backups

Lack enterprise-level capacity and manageability

Network attached storage (NAS)

File-level/protocol-based access

No offsite option

Tape

Enterprise-level capacity and manageability

Storage area network (SAN) and cloud

Block-level access to storage devices

Highly configurable

Mix storage technologies to implement performance tiers

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

16

16

Restoration Order

Power delivery systems

Switch infrastructure then routing appliances and systems

Network security appliances

Critical network servers

Backend and middleware and verify data integrity

Front-end applications

Client workstations and devices and client browser access

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

17

Non-Persistence

Separate compute instance from data

Snapshot/revert to known state

Rollback to known configuration

Live boot media

Provisioning

Master image

Automated build from template

Configuration validation

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

18

Backup Strategies

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

19

Review Activity

Assisted Lab

Backing Up and Restoring Data in Windows and Linux

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

20

Lab Activity

Implement Cybersecurity Resiliency Strategies

Topic 20C

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

21

21

2.1 Explain the importance of security concepts in an enterprise environment

2.5 Given a scenario, implement cybersecurity resilience

5.3 Explain the importance of policies to organizational security

Syllabus Objectives Covered

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

22

Configuration Management

Service assets

Configuration items (CIs)

Assets that require configuration management

Baseline configuration

Configuration management system (CMS)

Creating and updating diagrams

Workflows

Physical and logical network topologies

Network rack layouts

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

23

23

Inventory/asset management database

Asset identification and standard naming conventions

Barcodes and RFID tags

Standard naming conventions for asset IDs

Attribute fields and tags

Internet protocol (IP) schema

Static allocation versus DHCP ranges

IP address management (IPAM) software suites

Asset Management

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

24

24

Change Control and Change Management

Change control

Assess whether a change should be made

Classifying change (reactive, proactive, risk)

Request for Change (RFC)

Change Advisory Board (CAB)

Change management

Ensure changes are applied with minimum disruption

Rollback plan

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

25

Site Resiliency

Alternate processing sites/recovery sites

Provide redundancy for damage to resources stored on the primary site

Failover to alternate processing site (or system)

Hot site

Instantaneous failover

Warm site

Some delay or manual configuration before failover occurs

Cold site

Significant delay and configuration before failover can occur

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

26

Diversity and Defense in Depth

Layered security and defense in depth

Technology and control diversity

Provision different classes and types of controls

Mix technical, administrative, and physical controls

Deploy controls to prevent, deter, detect, and correct

Vendor diversity

Use more than one supplier

Crypto diversity

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

27

Asymmetry of attack and defense

Active defense

Fake/decoy assets

Honeypots, honeynets, and honeyfiles

Breadcrumbs

Disruption strategies

Bogus DNS records

Decoy directories and resources

Port spoofing to return fake telemetry/monitoring data

DNS sinkholes

Deception and Disruption Strategies

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

28

Cybersecurity Resiliency Strategies

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

29

Review Activity

Summary

Lesson 20

CompTIA Security+ Lesson 20 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org

30

30