Are you planning to take the Security+ exam? If so you should know how to select the appropriate control to meet different security goals. This includes protecting data and performing a test restore.
For example, can you answer this question?
Q. An organization needs to improve fault tolerance to increase data availability. However, the organization has a limited budget. Which of the following is the BEST choice to meet the organization’s needs?
A. RAID
B. Backup system
C. Cluster
D. UPS
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
Protecting Data with Backups
Backups are copies of data created to ensure that if the original data is lost or corrupted, it can be restored. Maybe I should restate that. Backups are copies of data created to ensure that when the original data is lost or corrupted, it can be restored. The truth is, if you work with computers long enough, you will lose data. The difference between a major catastrophe and a minor inconvenience is the existence of a backup.
It’s important to realize that redundancy and backups are not the same thing. Protecting data with a RAID-1 or RAID-6 does not negate the need for backups. If a fire destroys a server, it also destroys the data on the RAID. Without a backup, all of the data is gone. Forever.
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
Test Restore
I’ve heard many horror stories in which personnel are regularly performing backups thinking all is well. Ultimately, something happens and they need to restore some data. Unfortunately, they discover that none of the backups holds valid data. People have been going through the motions, but something in the process is flawed.
The only way to validate a backup is to perform a test restore. Performing a test restore is nothing more than restoring the data from a backup and verifying its integrity. If you want to verify that you can restore the entire backup, you perform a full restore of the backup. If you want to verify that you can restore individual files, you perform a test restore of individual files. It’s common to restore data to a different location other than the original source location, but in such a way that you can validate the data.
As a simple example, an administrator can retrieve a random backup and attempt to restore it. There are two possible outcomes of this test, and both are good:
- The test succeeds. Excellent! You know that the backup process works. You don’t necessarily know that every backup tape is valid, but at least you know that the process is sound and at least some of your backups work.
- The test fails. Excellent! You know there’s a problem that you can fix before a crisis. If you discovered the problem after you actually lost data, it wouldn’t help you restore the data.
An additional benefit of performing regular test restores is that it allows administrators to become familiar with the process. The first time they do a restore shouldn’t be in the middle of a crisis with several high-level managers peering over their shoulders.
Protecting Backups
If data is important enough to be backed up, it’s important enough to protect. Backup media should be protected at the same level as the data that it holds. In other words, if proprietary data enjoys the highest level of protection within an organization, then backups of this data should also have the highest level of protection.
Protecting backups includes:
- Storage. This includes using clear labeling to identify the data and physical security protection to prevent others from easily accessing it while it’s stored.
- Transfer. Data should be protected any time it is transferred from one location to another. This is especially true when transferring a copy of the backup to a separate geographical location.
- Destruction. When the backups are no longer needed, they should be destroyed. This can be accomplished by degaussing the media, shredding or burning the media, or scrubbing the media by repeatedly writing varying patterns of 1s and 0s onto the media.
Remember this
Test restores are the best way to test the integrity of a company’s backup data. Backup media should be protected with the same level of protection as the data on the backup.
Q. An organization needs to improve fault tolerance to increase data availability. However, the organization has a limited budget. Which of the following is the BEST choice to meet the organization’s needs?
A. RAID
B. Backup system
C. Cluster
D. UPS
Answer is A. A redundant array of inexpensive disks (RAID) system would provide fault tolerance for disk drives and increase data availability if drives fail.
A backup system improves data availability because you can restore data after data is lost or corrupt. However, a backup system does not provide fault tolerance.
A cluster provides fault tolerance at the server level and ensures a service continues to operate even if a server fails. However, a cluster is more expensive than a RAID.
An uninterruptible power supply (UPS) provides short-term power after a power failure but does not directly increase data availability.
