ITPro.TV: CompTIA Security+ (SY0-601)

author: Nathan Acks
date: 2022-04-07

CompTIA Security+ Exam Cram

Today I’ll be reading Chapter 13 of the Security+ Exam Cram, “Cybersecurity Resilience”.

Redundancy

Power redundancy options:

Load Balancers

Common algorithms:

All of these can also be weighted by various factors.

“Session affinity”, which ties a particular session to a particular server in the cluster, is important here for performance and complexity reasons.

NIC Teaming

The idea here is to “bond” multiple NICs into a single logical unit. This logical unit can then be used for redundancy and load balancing in the same way that a server cluster might be.

RAID

Backups

At least some operating systems seem to have the concept of an “archive” bit which added whenever a file is changed. Full backups ignore but reset this bit. Differential backups use the archival bit but don’t reset it. Incremental backups use and reset the archival bit.

Defense in Depth

Defense in depth stems from the philosophy that complete security against threats can never be achieved; the components that comprise a layered security strategy only impede threat progress until either the attacker gives up or the organization can respond to the threat.

ITPro.TV: CompTIA Security+ (SY0-601)

Hardware Redundancy

“High availability” is considered 99.999% uptime.

RAID 0 is capped at 32 disks.

Note that all all RAID systems - even RAID 0 - write information sequentially across drives in order to maximize performance (block 1 to drive 1, block 2 to drive 2, and so on). In RAID 5 there is also a parity block that isn’t used for reads but is used to reconstruct data in the event of a disk failure. RAID 5 writes the parity block in a rotating fashion between drives (so that no two parity blocks follow each other and parity blocks are evenly distributed between drives).

Site Redundancy

(General) redundancy types: