Читаем CISSP Practice полностью

An exercise, reflecting real-world conditions, that is conducted as a simulated adversarial attempt to compromise organizational missions and/or business processes to provide a comprehensive assessment of the security capability of the information system and the organization itself.

Reduced sign-on (RSO)

The RSO is a technology that allows a user to authenticate once and then access many, but not all, of the resources that the user is authorized to use.

Redundancy

(1) A concept that can constrain the failure rate and protects the integrity of data. Redundancy makes a confidentiality goal harder to achieve. If there are multiple sites with backup data, then confidentiality could be broken if any of the sites gets compromised. Also, purging some of the data on a backup device could be difficult to do. (2) It is the use of duplicate components to prevent failure of an entire system upon failure of a single component and the part of a message that can be eliminated without loss of essential information. (3) It is a duplication of system components (e.g., hard drives), information (e.g., backup and archived files), or personnel intended to increase the reliability of service and/or decrease the risk of information loss.

Redundant array of independent disk (RAID)

A cluster of disks used to back up data onto multiple disk drives at the same time, providing increased data reliability and increased input/output performance. Seven classifications for RAID are numbered as RAID-0 through RAID-6. RAID storage units offer fault-tolerant hardware with varying degrees. Nested or hybrid RAID levels occur with two deep levels. A simple RAID configuration with six disks includes four data disks, one parity disk, and one hot spare disk. Problems with RAID include correlated failures due to drive mechanical issues, atomic write semantics (meaning that the write of the data either occurred in its entirety or did not occur at all), write cache reliability due to a power outage, hardware incompatibility with software, data recovery in the event of a failed array, untimely drive errors recovery algorithm, increasing recovery times due to increased drive capacity, and operator skills in terms of correct replacement and rebuild of failed disks, and exposure to computer viruses (Wikipedia).

RAID-0: A block-level striping without parity or mirroring and has no redundancy, no fault-tolerance, no error checking, and a greater risk of data loss. However, because of its low overhead and parallel write strategy, it is the fastest in performance for both reading and writing. As the data is written to the drive, it is divided up into sequential blocks, and each block is written to the next available drive in the array. RAID-0 parameters include a minimum of two disks. The space efficiency is 1 and it has a zero fault tolerance disk.

RAID-1: Mirroring without parity or striping and offers the highest level of redundancy because there are multiple complete copies of the data at all times (supports disk shadowing and disk duplexing). Because it maintains identical copies on separate drives, RAID-1 is slow in write performance and fast read performance, and it can survive multiple (N-1) drive failures. This means, if N is three, two drives could fail without incurring data loss. RAID-1 parameters include a minimum of two disks. The space efficiency is 1/N, and it has a (N-1) fault tolerance disks.

RAID-2: Bit-level striping with dedicated hamming-code parity. RAID-2 parameters include a minimum of three disks; space efficiency is (1- 1/N). Log2 (N-1), and recover from one disk failure. A minimum of three disks must be present for parity to be used for fault tolerance because the parity is an error protection scheme.

RAID-3: Byte-level striping with dedicated parity. RAID-3 parameters include a minimum of three disks. The space efficiency is (1- 1/N), and it has one fault tolerance disk.

RAID-4: A block-level striping with dedicated parity. RAID-4 parameters include a minimum of three disks. The space efficiency is (1- 1/N), and one fault tolerance disk.

RAID-5: A block-level striping with distributed parity. It combines the distributed form of redundancy with parallel disk access. It provides high read-and-write performance, including protection against drive failures. The amount of storage space is reduced due to the parity information taking 1/N of the space, giving a total disk space of (N-1) drives where N is the number of drives. A single drive failure in the set can result in reduced performance of the entire set until the failed drive has been replaced and rebuilt. A data loss occurs in the event of a second drive failure. RAID-5 parameters include a minimum of three disks. The space efficiency is (1- 1/N) and it has one fault tolerance disk.