CompTIA® Security+ Exam Notes : Explain How Resiliency And Automation Strategies Reduce Risk

3. Architecture and Design

3.6 Explain how resiliency and automation strategies reduce risk

Resilient systems: Resilient systems are those that can return to normal operating conditions after a disruption. You can improve the resiliency of your systems, and thereby reduce risk associated with their failure, through the proper use of various configuration and setup strategies, such as snapshots and the capability to revert to known states, and by implementing redundant and fault-tolerant systems. Automation is used to improve efficiency and accuracy when administering machines using commands.

Automation/Scripting: Automation is the control of systems on a regular scheduled,periodic or triggered basis that does not require manual interaction. Automation includes concepts such as scheduled backups,archiving of log files,blocking of failed access attempts,. It can be implemented by scripting. Scripting is the crafting of a file of individual lines of commands that are executed one after another.

Templates: A template is a preestablished starting point . The template is likely to produce more consistent and reliable results.

Elasticity: Elasticity is the ability of a system to adapt to workload changes by allocating or provisioning resources in an automatic responsive manner. Elasticity is the common feature of cloud computing , where additional system resources or even hardware resources can be provisioned to a server when its demand for services increases.

Scalability: Scalability is the ability for a system to handle an ever-increasing level or load of work. It can also be the potential for a system to be expanded to server. In the event of failure of the primary server, the secondary or redundant server can immediately take over and replace the primary server in providing services to the network.

High Availability: Availability is the assurance of sufficient bandwidth and timely access to resources. It is the availability of a system has been secured to offer very reliable assurance that the system will be online, active, and able to respond to requests in a timely manner, and there will be sufficient bandwidth to accomplish requested tasks in the time required.

RAID: RAID short for Redundant Array of Inexpensive Disks can be used to provide fault tolerance on a computer. There are several RAID levels such as RAID 1, RAID 5, etc. RAID 1 provides disk mirroring, where as RAID 5 provides striping with parity and minimum 3 disks are required for RAID 5.

Clustering: Clustering is a technique where two or more computers are clustered and share the load. If one computer fails, the other computer's take the load off the failed computer. Clustering is more expensive and requires two or more computers.

Automation/scripting

1. Continuous Monitoring: Continuous Monitoring is used to enable rapid detection of compliance issues and security risks.

2. Continuous Validation: Continuous Validation is the extension of testing to support the software development that occurs in DevOps by team members. As code is changed in the DevOps process, the new code is tested against the existing codebase to ensure functionality and stability.

3. Continuous Integration: Continuous Integration (CI) is the practice of automating the integration of code changes from multiple contributors into a single software project. It's a primary DevOps practice, allowing developers to frequently merge code changes into a central repository where its validated and integrated.

4. Continuous Delivery: Continuous delivery is an extension of continuous integration since it automatically deploys all code changes to a testing and/or production environment after the build stage.

This means that on top of automated testing, you have an automated release process and you can deploy your application any time by clicking a button.

5. Continuous Deployment: Continuous Deployment (CD) is a software release process that uses automated testing to validate if changes to a codebase are correct and stable for immediate autonomous deployment to a production environment.

After delivery, the software may be first tested in a test bed or deployed in production environment, as decided by the project manager. For large projects, sand box deployment is done before production release.

Previous   Contents   Next


Security+ Cram Notes Contents
certexams ad

simulationexams ad