I was recently asked for some clarification on Security+ redundancy and Security+ disaster recovery. Some people think they are the same, but they aren’t.
If you’re planning to take the Security+ exam, you should know the difference between the two.
Check out this post for information on Security+ disaster recovery.
Security+ Redundancy
Redundancy adds duplication to critical systems and provides fault tolerance. If a critical component has a fault, the duplication provided by the redundancy allows the service to continue without interruption. In other words, a system with fault tolerance can suffer a fault, but tolerate it and continue to operate.
A common goal of fault tolerance and redundancy techniques is to remove each single point of failure (SPOF). If an SPOF fails, the entire system can fail. For example, if a server has a single drive, the drive is an SPOF because its failure takes down the server.
Here are some common examples of fault-tolerance and redundancy techniques :
- Disk redundancies. Fault-tolerant disks such as RAID-1, RAID-5, and RAID-6 allow a system to continue to operate even if a disk fails.
- Server redundancies. Failover clusters include redundant servers and ensure a service will continue to operate, even if a server fails. In a failover cluster, the service switches from the failed server in a cluster to an operational server in the same cluster. Virtualization can also increase availability of servers by reducing unplanned downtime.
Failover Cluster - Load balancing. Load balancing uses multiple servers to support a single service, such as a high-volume web site. It can increase the availability of web sites and web-based applications.
- Site redundancies. If a site can no longer function due to a disaster, such as a fire, flood, hurricane, or earthquake, the organization can move critical systems to an alternate site. The alternate site can be a hot site (ready and available 24/7), a cold site (a location where equipment, data, and personnel can be moved to when needed), or a warm site (a compromise between a hot site and cold site).
- Backups. If personnel back up important data, they can restore it if the original data is lost. Data can be lost due to corruption, deletion, application errors, human error, and even hungry gremlins that just randomly decide to eat your data. Without data backups, data is lost forever after any one of these incidents.
- Alternate power. Uninterruptible power supplies (UPSs) and power generators can provide power to key systems even if commercial power fails.
- Cooling systems. Heating, ventilation, and air conditioning (HVAC) systems improve the availability of systems by reducing outages from overheating.
Remember this
Availability ensures that systems are up and operational when needed and often addresses single points of failure. You can increase availability by adding fault tolerance and redundancies, such as RAID, failover clusters, backups, and generators. HVAC systems also increase availability.
Check out this post for information on Security+ disaster recovery.
Or check out this post for some free practice test questions on Security+ redundancy.
This blog post was derived from the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide, which has helped thousands of people pass the Security+ exam the first time they took it. It can help you too.