System Resiliency

CompTIA Security+ Certification (SY0-501) Chapter 5 - Securing Individual Systems
11 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$99.99
List Price:  $139.99
You save:  $40
€91.73
List Price:  €128.43
You save:  €36.69
£78.50
List Price:  £109.90
You save:  £31.40
CA$135.42
List Price:  CA$189.60
You save:  CA$54.17
A$152.22
List Price:  A$213.12
You save:  A$60.89
S$133.77
List Price:  S$187.28
You save:  S$53.51
HK$781.89
List Price:  HK$1,094.68
You save:  HK$312.79
CHF 88.30
List Price:  CHF 123.63
You save:  CHF 35.32
NOK kr1,058
List Price:  NOK kr1,481.24
You save:  NOK kr423.24
DKK kr684.10
List Price:  DKK kr957.77
You save:  DKK kr273.66
NZ$164.15
List Price:  NZ$229.81
You save:  NZ$65.66
د.إ367.20
List Price:  د.إ514.09
You save:  د.إ146.89
৳10,978.23
List Price:  ৳15,369.96
You save:  ৳4,391.73
₹8,290.53
List Price:  ₹11,607.08
You save:  ₹3,316.54
RM471.80
List Price:  RM660.54
You save:  RM188.74
₦156,534.34
List Price:  ₦219,154.34
You save:  ₦62,620
₨27,950.66
List Price:  ₨39,132.05
You save:  ₨11,181.38
฿3,595.26
List Price:  ฿5,033.51
You save:  ฿1,438.25
₺3,229.78
List Price:  ₺4,521.83
You save:  ₺1,292.04
B$499.40
List Price:  B$699.18
You save:  B$199.78
R1,883.20
List Price:  R2,636.56
You save:  R753.35
Лв179.42
List Price:  Лв251.19
You save:  Лв71.77
₩133,286.20
List Price:  ₩186,606.01
You save:  ₩53,319.81
₪365.03
List Price:  ₪511.06
You save:  ₪146.02
₱5,561.09
List Price:  ₱7,785.75
You save:  ₱2,224.66
¥14,911.76
List Price:  ¥20,877.07
You save:  ¥5,965.30
MX$1,670.32
List Price:  MX$2,338.52
You save:  MX$668.19
QR364.82
List Price:  QR510.77
You save:  QR145.94
P1,359.04
List Price:  P1,902.71
You save:  P543.67
KSh13,398.66
List Price:  KSh18,758.66
You save:  KSh5,360
E£4,718.65
List Price:  E£6,606.31
You save:  E£1,887.65
ብር5,656.15
List Price:  ብር7,918.84
You save:  ብር2,262.68
Kz83,512.74
List Price:  Kz116,921.18
You save:  Kz33,408.44
CLP$93,810.03
List Price:  CLP$131,337.80
You save:  CLP$37,527.76
CN¥710.61
List Price:  CN¥994.89
You save:  CN¥284.27
RD$5,917.87
List Price:  RD$8,285.25
You save:  RD$2,367.38
DA13,435.55
List Price:  DA18,810.31
You save:  DA5,374.76
FJ$226.69
List Price:  FJ$317.37
You save:  FJ$90.68
Q780.94
List Price:  Q1,093.35
You save:  Q312.40
GY$20,949.18
List Price:  GY$29,329.69
You save:  GY$8,380.51
ISK kr13,659.63
List Price:  ISK kr19,124.03
You save:  ISK kr5,464.40
DH1,002.67
List Price:  DH1,403.78
You save:  DH401.11
L1,768.33
List Price:  L2,475.73
You save:  L707.40
ден5,652.42
List Price:  ден7,913.61
You save:  ден2,261.19
MOP$805.88
List Price:  MOP$1,128.27
You save:  MOP$322.38
N$1,866.55
List Price:  N$2,613.25
You save:  N$746.69
C$3,681.10
List Price:  C$5,153.70
You save:  C$1,472.59
रु13,266.49
List Price:  रु18,573.62
You save:  रु5,307.13
S/368.83
List Price:  S/516.39
You save:  S/147.55
K382.06
List Price:  K534.91
You save:  K152.84
SAR375
List Price:  SAR525.02
You save:  SAR150.01
ZK2,508.19
List Price:  ZK3,511.57
You save:  ZK1,003.37
L456.04
List Price:  L638.48
You save:  L182.43
Kč2,310.02
List Price:  Kč3,234.13
You save:  Kč924.10
Ft36,211.46
List Price:  Ft50,697.50
You save:  Ft14,486.03
SEK kr1,038.11
List Price:  SEK kr1,453.39
You save:  SEK kr415.28
ARS$85,066.49
List Price:  ARS$119,096.49
You save:  ARS$34,030
Bs691.23
List Price:  Bs967.75
You save:  Bs276.52
COP$389,029.38
List Price:  COP$544,656.70
You save:  COP$155,627.31
₡50,979.09
List Price:  ₡71,372.77
You save:  ₡20,393.67
L2,470.17
List Price:  L3,458.33
You save:  L988.16
₲730,160.41
List Price:  ₲1,022,253.79
You save:  ₲292,093.37
$U3,841.23
List Price:  $U5,377.88
You save:  $U1,536.64
zł395.31
List Price:  zł553.46
You save:  zł158.14
Already have an account? Log In

Transcript

Resiliency is the ability of something to withstand a negative impact. And what I want to talk about this episode in particular is system resiliency. So what can we do to make individual systems resilient to whatever naughtiness is that take place out there? Now the first thing that we want to stress more than anything else, when people think about resiliency on a system, they tend to say the word backups now backups are important. And I would not argue that they aren't a part of what resiliency means. But it's a lot more than just backup.

So there's going to be some terms you're going to see on security plus, and I want to make sure we got these covered. So what I want to do to get started is let's imagine, what we want to do is come up with ways to create resiliency. So one of the things we can do is scalability. No, you don't just make the machine bigger. What you can do is that let's say for example, that that machine is a server, and that server is serving up some new Mike Meyers widget All of a sudden, lots of people want to attack that server, they want to get to that server rack, they just want to order widgets. Scalability simply means we can add more servers, we can just keep piling them up until we have enough servers to take care of the demand of whatever might be taking place.

Now let's go back to our one little machine one more time, because the next term I want to talk about is elasticity. elasticity, let's go with that same analogy of web servers, except these web servers are selling tickets to a really, really popular musical group. I'm not going to name any because I'm old. So what's going to happen here is that when a show comes up, we're going to have to scale up and all of a sudden here come lots of new servers, they're ready to take care of it. But plasticity is different than scalability. And that lasticity also means that after the sale, we can drop down to as little as another single server again, because we just don't have that many orders.

The important thing about scalability and elasticity is that it sounds almost empty. possible. I mean, how would we do that? Well, the beautiful part is things like infrastructure as a service. And Software as a Service make these things fairly easy. For example, Amazon s3 tools allow us to with the simple turn of a knob and some drainage on my credit card, to be able to quickly populate new servers that are absolutely identical to my virtualized server that I'm already hosting on that service.

So that place, it works really, really well. Now, similar to this is something that is called redundancy. Now, if you've been watching other episodes, you know that redundancy just means more than one of the exact same thing. So redundancy is very, very important. So if I've got some, let's make it a little bit simpler. In this case, let's say I've got a domain controller here in my office.

If that domain controller goes out, I'm in trouble. So what we can do is add a second domain controller or even the third if we wanted to, and then that way, if any one of those go out We have a redundant system ready to go. Now, the only downside to redundancy is that it doesn't define much more than having more than one. So let's say we have another situation where we have accounts receivable databases. And I have a far flung company that's all over the United States. And we'll say we're based out of Houston, Texas.

So if I just have one server in Houston, Texas, everybody all over the country, so people from California, and people from New York, as well as people from Texas, are all trying to get to that server. Now. I could make more servers, that's easy enough to do. But what would might be even better is if I perform a distributed allocation, really, that's a nice word of saying more than one server be redundant, but spread them out so that there's, if I had a bad hurricane here in Houston, we would still have good redundancy, but we would also have geographical distance. So in this case, I could put a server in California Keep my server in Houston and put another one on the east coast. And I now have really good distributed allocation.

Now, these are all really, really important things. But there's one more aspect to system resiliency that I want to talk about. And that is the very interesting topic of non persistence. Non persistence simply means that it isn't persistent. And when I say persistent, I mean, permanent. Within the IT world, many configurations and setups, once established, don't really have a way for you to take them away, other than wiping things clean reinstalling or if we're lucky, returning from a backup.

So if we can avoid these more aggressive steps and create non persistence within our systems, it gives us great resiliency. Now, there's a gazillion ways to do non persistence. The exam talks about just a few of them. So let's go through those very, very quickly. The first one is the term a snapshot. a snapshot simply means to take the current state of something at a binary level, and keep a copy of it.

Now, this happens in a lot of different aspects within systems. But probably the most common is within a virtual machine. Now, if you take a look at my VM right here, so I've got this VM, it's a boon to and it's up and running, I've got a terminal open. I've got certain pieces of software installed on here, I've got this configured the way I want. And I want to keep a copy of this just like it is. So what I can do here is I go over to settings, and I can take a snapshot.

So I give it some name. Mike's perfect setup. This is actually a snapshot I do a lot with VMs. Once I've got a new VM configured just where I want it, I'll tend to take a snapshot of it. And I'll put in here just fine. Now what I'm going to do is just hit OK. And what I've done here is I'm saving a copy of this system exactly as it is.

Now this notice this system still running the snapshot is a second copy. And I can go ahead and install software, do whatever I want to do. If anything happens from this point forward, I can just fall back to that original snapshot. So I'm going to just close this ugly way. And when I go back into here, this is Mike's perfect setup. If you take a look, here, it's under machine tools.

Under snapshots, I can just go here right now. And I can fire this snapshot back up, I can say, fire up the VM, but don't use what I have revert to a snapshot. So snapshots are incredibly powerful, and especially within the world of VMs. They're pretty standard equipment. Now, non persistence isn't limited to simply things like snapshots another great example is if I've got something in a known state. And I'd like to get back to that now you think, well, Mike, isn't that a snapshot, a snapshot tends to talk about an entire machine.

What we're talking about in this particular case, is one small aspect of a machine. So a great example of that would be here on my system right here, I've got Windows Update. Now, Microsoft does a pretty good job with updates, but old codgers like me can tell you stories about five or six Microsoft updates that came out over the years that we ended up going, Oh, please take this update off so we can get back to a known working state. And Windows has always had this I'm using Windows 10 here, but if you take a look, I can click under view installed update history. And I can actually go in and uninstalled any particular updates I might have installed. So it's a very great way to simply be able to go back to a known state to do whatever you need to do.

Now in no way is this limited to just windows operating systems. In other places on all my Cisco routers, when I set up a Cisco router, I store everything in one configuration file. And I keep that configuration file. If I make changes on the router, I make a copy of the configuration file. So I've got a copy of the old configuration. That way, if I ever have a problem, I can just restart the router by using one of the older configuration files.

So that's another great example of where you can return to a known state. The last term we see on the security plus is something called rollback. Now, rollback tends to zero in on a very, very small part of the system. So within the windows world, probably the most classic rollback is good old drivers. Now, if you take a look here on Device Manager under display adapters, so I've got this old Intel Don't tease me about my old driver here. My old graphics card the drivers fine.

So if I take a look under properties, all I have to do is look at driver here. You'll see I have an option called rollback driver. I'm going to be in scenarios where I've installed a driver. And suddenly things aren't going the way I want them to Windows and not just windows. other operating systems are pretty good about this too, I can simply go into an individual driver, and I can roll it back. Even some applications will have this where you update a particular application, and suddenly you've got a problem.

Even applications will often have a rollback feature, which simply lets you go back to the previous version. Now, there's one more really great example of non persistence and to take a look at that. We need something called a live CD. So let me pull up for you. Right here what you're looking at, let me make this big so we can see it. What I've done is I've started up a virtual machine, and I threw in a boon to installation disk Well, not really a disk, I'm using an ISO file, but what we can Do with installation media for operating systems is I can throw one of these in and generate what I'm going to call a live CD.

What we're talking about that is live CD or doesn't have to be a CD, it could be a thumb drive. Also, you have this live boot media. So what's happening here, if you take a look on the screen, it says, try Ubuntu on one side and install Ubuntu on the other. If I install Ubuntu, I am creating persistence, it's going to actually install itself onto the hard drive. And it's just going to be that way. However, if I want to, I can just run it from the live media.

It will literally boot this operating system Ubuntu in this case, it'll use my RAM, it'll use everything but my hard drive. The only downside is, is if I shut that system down, it's going to disappear. But it's a great way if you just want to try something or if you don't want to put hard drives into a system. These are really great ways to provide non persistent states for good system resiliency.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.