CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Availability Concepts / Fault Tolerance

December 1, 2009 · Posted in Information Security, Information Systems 

Availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is the lack thereof, one example of this is a common attack known as a denial of service (DoS) attack.

For example: In 2000 Amazon, CNN, eBay, and Yahoo! were victims of a DoS attack.

Yahoo Attacked. No one knows what happened except that it was inaccesable for more than 3 hours. It was also known that the attack was co-ordinated and hence the standard firewall algorithms failed to figure out what was happening.

Source: http://en.wikipedia.org/wiki/Information_assurance

Fault Tolerance is the ability of a system to respond gracefully to an unexpected hardware or software failure. There are many levels of fault tolerance, the lowest being the ability to continue operation in the event of a power failure. Many fault-tolerant computer systems mirror all operations — that is, every operation is performed on two or more duplicate systems, so if one fails the other can take over. Source: http://www.webopedia.com/term/f/fault_tolerance.html

Planning to take the CISSP Exam?

Get a copy of my personal notes (300plus pages worth) that I used to pass the exam for only $25.00.

Click the Add To Cart Button to Purchase

Click the Add To Cart Button to Purchase

Plus you will also get copies of notes from other CISSPs.

Learn more about this package by visiting this blog entry: CISSP REVIEW NOTES I USED TO PASS THE EXAM.

CLICK BELOW TO MAKE YOUR PURCHASE NOW.

All Purchases are securely processed through Paypal. Once you click the button please check your shopping cart at the upper right hand side of the page to complete your order.

IMPORTANT NOTICE:

I MANUALLY REVIEW ALL ORDERS. SO ONCE YOU PURCHASE THE PRODUCT, THERE WILL BE SOME DELAY ON YOU RECIEVING AN E-MAIL FROM ME WITH THE LINK TO THE DOWNLOAD AREA OF THE PRODUCT. YOU WILL GET A RESPONSE FROM ME WITHIN 24-48 HOURS.

Network Availability

  • RAID – Redundant Array of Inexpensive Disks
  • Back-up Concepts
  • Manage Single Point of Failure

RAID – Redundant Array of Inexpensive Disks

  • Fault tolerance against server crashes
  • Secondary – improve system performance
  • Striping – caching and distributing on multiple disks
  • RAID – employs the technique of striping, which involves partitioning each drive’s storage space into units ranging from a sector (512 bytes) up to several megabytes. The stripes of all disks are interleaved and addressed in order
  • Hardware and software implementation

RAID Advisory Board

  • Three types
    • Failure Resistant Disk Systems (FRDS) – the only current standard;
    • Failure Tolerant Disk Systems;
    • Disaster Tolerant Disk Systems
  • FRDS
    • Provides the ability to reconstruct the contents of a failed disk onto a replacement disk
    • Enables continuous monitoring of these parts and the alerting of their failure
  • FRDS+
    • Protect from disk failure – can reconstruct disks by automatically hot swapping while server is running
    • Includes environmental controls
    • FRDS+ adds hazard warning

RAID Levels

RAID 0 – Striping

  • Creates one large disk by using multiple disks – striping
  • No redundancy
  • No fault tolerance (1 fail = all fail)
  • Read/write performance is increased

RAID 1 – Mirroring

  • Duplicates data on other disks (usually a one to one ratio)
  • Expensive (doubles cost of storage)

RAID 2 – Hamming Code Parity

  • Multiple disks
  • Parity information created using a hamming code
  • Can be used in 39 disk array 32 data and 7 recovery
  • Not used, replaced by more flexible levels

RAID 3 – Byte Level Parity / RAID 4 – Block Level Parity

  • Stripe across multiple drives
  • Parity information on a parity drive
  • Provides redundancy
  • Can effect performance with a single parity drive

RAID 5 – Interleave Parity

  • Most popular
  • Stripes data and parity information across all drives
  • Uses interleave parity
  • Reads and writes performed concurrently
  • Usually 3-5 drives – if one drive fails, can reconstruct the failed drive by using the information from the other 2

RAID 7 – Single Virtual Disk

  • Functions as a single virtual disk
  • Usually software over Level 5 hardware
  • Enables the drive array to continue to operate if any disk or any path to any disk fails

RAID Summary

  • 0 – Striping
  • 1 – Mirroring
  • 2 – Hamming Code Parity
  • 3 – Byte level parity
  • 4 – Block level parity
  • 5 – Interleave parity
  • 7 – Single Virtual Disk

Other Types of Fault Tolerance

Redundant Servers

  • Primary Server mirrors to secondary server
  • Fail-over or rollover to secondary in the event of a failure
  • Server fault tolerance can be warm or hot

Server Cluster

  • Group of independent servers managed as a single system
  • Load balancing
  • Improves performance
  • “Server Farm”
  • Microsoft Cluster Server
Bookmark and Share

Thought you should know, etc... Update

Uses for a Project Management Tool

The uses for a project management tool will vary depending on its intended purpose. The things all project management tools have in common is they are a device that will save time, money and effort by the user when applied…

The Gates of Development

On new development projects, the production stage can be the point of no return. Before it's too late, a rigorous gating process can help to ensure that development activities, teamwide input and critical stakeholder priorities are all aligned with the overall project vision.

Saying No to Say Yes

I find that I’m often inspired by the sermons at my church to write a project management article.  It seems like an odd marriage of ideas, I realize, but it somehow works for me.  Well, this past Sunday’s message was no different.  As our pastor was talking about ‘saying no to say yes’ – meaning [...

Stack Overflow's Scaling Problems

Nick Craver from the Stack Overflow team has a very interesting post on issues the team is facing with respect to handling storage space created due to higher traffic and usage...

Project Management Lite: Estimating–Specify Deliverables

In order to prepare an estimate, the specifications for what must be produced by the project must be specific, unambiguous and quantitative. This requires the estimator to work out as much detail of the conceptual solution as is feasible, consistent ...

Tags: , , , , , , , , , , , , , , , , , , , , , ,

Comments

Leave a Reply




  • Your Shopping Cart

    Your cart is empty

  • Calendar

    December 2009
    M T W T F S S
    « Nov   Jan »
     123456
    78910111213
    14151617181920
    21222324252627
    28293031  

  • RSS From the National Vulnerability Database

    • CVE-2012-1034 (episerver_cms) February 7, 2012
      Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. […]
      nvd@nist.gov
    • CVE-2011-5076 (hdwiki) February 6, 2012
      SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information. […]
      nvd@nist.gov
    • CVE-2012-1021 (4images) February 6, 2012
      Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action. […]
      nvd@nist.gov
    • CVE-2012-1031 (episerver_cms) February 6, 2012
      Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit Mode privileges, a different vulnerability than CVE-2011-3416 and CVE-2011-3417. […]
      nvd@nist.gov
    • CVE-2012-1008 (officesip_server) February 6, 2012
      OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message. […]
      nvd@nist.gov
    • CVE-2012-0992 (openemr) February 6, 2012
      interface/fax/fax_dispatch.php in OpenEMR 4.1.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the file parameter. […]
      nvd@nist.gov
    • CVE-2012-1004 (foswiki) February 6, 2012
      Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1) text, (2) FirstName, (3) LastName, (4) OrganisationName, (5) OrganisationUrl, (6) Profession, (7) Country, (8) State, (9) Address, (10) Location, (11) Telephon […]
      nvd@nist.gov
    • CVE-2012-1019 (xwiki_enterprise) February 6, 2012
      Multiple cross-site scripting (XSS) vulnerabilities in XWiki Enterprise 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) XWiki.XWikiComments_comment parameter to xwiki/bin/commentadd/Main/WebHome, (2) XWiki.XWikiUsers_0_company parameter when editing a user profile, or (3) projectVersion parameter to xwiki/bin/view/DownloadCode/D […]
      nvd@nist.gov
    • CVE-2012-1002 (openconf) February 6, 2012
      Unspecified vulnerability in OpenConf 4.x before 4.12 has unknown impact and attack vectors. […]
      nvd@nist.gov
    • CVE-2012-1029 (tube_ace) February 6, 2012
      SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these details are obtained from third party information. […]
      nvd@nist.gov
Get Adobe Flash playerPlugin by wpburn.com wordpress themes