Chapter 9: Data Protection

Corporate Computer Security, 4th Edition

Randall J. Boyle and Raymond R. Panko

Instructor’s Manual

Answer Key

Introduction

1. a) What is the difference between data and information?

Data are raw facts. Information is meaning extracted from data.

b) How can data be protected while it is being transmitted?

It can be encrypted (e.g., using a cryptographic system).

c) How can data be protected while it is being processed?

Data can be protected by making sure applications are securely coded and hosts are hardened.

d) What are some ways that data can be attacked when it is stored?

It can be accessed by unauthorized persons, destroyed, copied without permission, and taken outside the organization (i.e., data loss).

e) How can data be protected while it is being stored?

It can be properly backed up, encrypted, and when necessary, destroyed. Restrictions on access to the data can also be implemented while it is being stored.

Data Protection: Backup

The Importance of Backup

2. a) List the ways in which data can be lost, adding some of your own.

Data can be lost by mechanical failure, environmental casualties, malware, lost or stolen devices, and human error.

b) How does backup ensure availability?

Backup will ensure availability because you will still be able to access your files from backup copies, even if your primary hard disk fails.

c) Have you ever had to use a backup to restore a file? Explain.

Student responses will vary.

Scope of Backup

3. a) Distinguish between file/directory data backup and image backup.

File/directory data backup copies data (not programs, registry settings, configurations). Image backup copies data and all those other things.

b) Why is file/directory backup attractive compared with image backup?

File/directory backup is more attractive compared to image backup because it takes up less storage space and is much faster.

c) Why is image backup attractive compared with file/directory data backup?

Image backup is attractive because it requires minimal additional work to restore a functioning, fully capable PC.

d) What is shadowing?

Shadowing frequently records a backup copy of each file actively being worked. If there is a failure, little will be lost.

e) What is the advantage of shadowing over file/directory data backup?

The advantage of shadowing is that it allows for more current file changes to be restored.

f) How is shadowing limited?

Shadowing is limited because when the capacity of the storage is exceeded, the oldest files are deleted first.

Full versus Incremental Backups

4. a) Why don’t most companies do full backup every night?

Full backups take a long time and thus companies usually only conduct full backups weekly.

b) What is incremental backup (be precise)?

Incremental backups only back up data that has changed since the most recent full backup.

c) A company does a full backup one night. Call this backup Cardiff. On three successive nights, it does incremental backups, which it labels Greenwich, Dublin, and Paris. In restoration, what backups must be restored first and second?

Cardiff, then Greenwich. (Dublin and Paris come next.)

Backup Technologies

5. a) What are the advantages of centralized backup compared with local backup?

Centralized backup alleviates the key problems associated with local backup, which are:

Limited ability to enforce backup policy

Limited ability to audit which computers were backed up per policy, how backups were done, or how data was protected

b) Define CDP.

CDP is continuous data protection. This is where two sites back up each other.

c) Why is CDP attractive?

CDP is attractive because other sites can take over very quickly in case of a disaster, with little data loss.

d) Why is it expensive?

CDP is expensive because ample bandwidth is needed between CDP sites to allow the real-time backup of data.

e) Why is backup over the Internet to a backup storage provider attractive for client PC users?

It is attractive mainly because it is very convenient.

f) What security risk does it create?

There is the concern that the company owning the PC loses control over its data, which is a very large security risk.

g) What is mesh backup?

Mesh backup is peer-to-peer backup onto other client computers. It sends backup data in parcels to many other client PCs.

h) What are its technical challenges?

First, mesh backup operation must not slow down the computer on which packets are being written or from which packets are being retrieved. Second, specific client PCs are not always available for packet retrieval, so parcels need to be sent out redundantly. The most difficult technical problem is security. When a client PC receives a backup parcel, its user must not be able to read it, modify it, or delete it.

i) Why is mesh backup desirable?

Mesh backup is desirable because it could make client PC backup automatic and, thus, eliminate the human factor in failing to conduct regular backups. It also utilizes corporate PC power that is often underused, compared to expensive separate backup hardware.

Backup Media and RAID

6. a) Why is magnetic tape desirable as a backup medium?

Magnetic tape can store vast amounts of data at the lowest cost per bit of any backup medium.

b) Why is tape not desirable?

Tape is not desirable because it is painfully slow and there are many different tape formats and readers (not much standardization like optical media).

c) Why is backup onto another hard drive attractive?

This method is attractive because it is a very fast method of backup.

d) Why is it not a complete backup solution?

This is not a complete solution because it could also be lost if a computer is stolen or damaged in a fire. This method is also too expensive for long-term storage.

e) How can this limitation be addressed?

Many companies use a hybrid backup method, using additional hard drives for storage for as long as possible, then transferring to tape at a pre-determined time or data size.

f) How much data can be stored on a dual-layer DVD?

Up to 8GB

g) What is the advantage of burning backup data onto optical disks?

The advantage would be that almost all users have optical disk burners.

h) Is storing backups on optical disks for several years likely to be safe?

Probably not, because the life of optical disks is still unknown and is probably short.

Disk Arrays—RAID

7. a) How can disk arrays ensure data reliability and availability?

A system using an array of drives increases reliability because redundant data are stored on multiple disks. Failure of a single drive in the array would not precipitate data loss. An array of drives can also increase read-write performance. Disk performance is increased because data can be written to, or read from, multiple disks simultaneously.

b) Explain RAID 0.

A RAID 0 configuration increases data transfer speeds and capacity by writing simultaneously to multiple hard disks. Writing data across multiple disks is known as striping. The striped set of disks is fast, but offers no reliability. If one of the drives fails, data on all disks are lost.

c) Explain RAID 1.

In a RAID 1 configuration, the client operating system writes data to both the primary hard drive and the backup hard drive at the same time. No striping is used, so data transfer speeds remain approximately the same. Storage capacity also remains the same because the additional drive is just a mirror of the primary drive.

d) Explain RAID 5.

A RAID 5 configuration stripes data across multiple disks to increase data transfer speeds. Reliability is provided by parity bits that enable reconstruction of data stored on other disks. A RAID 5 configuration can recover from a single drive failure, but not a multi-drive failure.

Computing Parity

8. a) What is parity?

Parity bits enable reconstruction of data stored on other disks in case of failure. Parity bits are stored on disks such that they can be used to reconstruct the original parts of any lost disk in the array.

b) How does the XOR operator work?

The XOR parity bit will be a 1 if one or the other bit is a “1,” but not both. The parity bit will be a 0 if the two bits are the same (both “1” or both “0”).

c) How can parity be used to restore lost data?

Suppose Disk 3 (of 3) experienced complete failure. Data from Disk 1 (Part 1, Part 3, and Parity 5 6), together with data from Disk 2 (Part 2, Part 5, and Parity 3 4) could be used to recalculate the lost data on Disk 3 (Part 4, Part 6, and Parity 1 2). No data would be lost. After all calculations are done, the data on new Disk 3 will be identical to the data before the fire.
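The reconstruction described in 8(c), worked through as an added example (not part of the textbook or the instructor's manual). The part contents are constructed sample data, the function names are hypothetical, and the stripe-by-stripe ordering of blocks on each disk is an assumption consistent with the three-disk layout named in the answer.

```python
from functools import reduce

def xor_blocks(*blocks: bytes) -> bytes:
    """Bytewise XOR of equal-length blocks (the parity operation from 8b)."""
    if len({len(b) for b in blocks}) != 1:
        raise ValueError("blocks must be the same length")
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def build_array(parts: dict) -> list:
    """Lay six data parts across three disks with rotating parity.

    Assumed stripe order (one row per stripe):
      stripe 1: Part 1     | Part 2     | Parity 1 2
      stripe 2: Part 3     | Parity 3 4 | Part 4
      stripe 3: Parity 5 6 | Part 5     | Part 6
    """
    p12 = xor_blocks(parts[1], parts[2])
    p34 = xor_blocks(parts[3], parts[4])
    p56 = xor_blocks(parts[5], parts[6])
    disk1 = [parts[1], parts[3], p56]
    disk2 = [parts[2], p34, parts[5]]
    disk3 = [p12, parts[4], parts[6]]
    return [disk1, disk2, disk3]

def rebuild(disks: list, failed: int) -> list:
    """Recompute every block of the failed disk from the surviving disks.

    Within a stripe, XOR of the surviving blocks yields the missing block,
    whether that block held data or parity. A failed disk is represented
    as None; a second missing disk makes recovery impossible.
    """
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise RuntimeError("RAID 5 cannot recover from a multi-drive failure")
    return [xor_blocks(*stripe) for stripe in zip(*survivors)]

# Constructed sample data: six equal-length parts of one file.
PARTS = {1: b"PAYR", 2: b"OLL-", 3: b"2024", 4: b"-Q3.", 5: b"xlsx", 6: b"\x00\x01\x02\x03"}

if __name__ == "__main__":
    disks = build_array(PARTS)
    original_disk3 = list(disks[2])
    disks[2] = None                      # Disk 3 fails completely
    restored = rebuild(disks, failed=2)
    print("Disk 3 restored identically:", restored == original_disk3)
```

Because every stripe has to be read in full from each surviving disk, rebuild work scales with disk size, which is why the rebuild times in 8(d) vary so widely.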

d) How long would it take to recalculate the data on a lost disk?

It depends on the number of disks, size of the disks, read/write speeds, etc. It could take anywhere from several hours to several days. Rebuild times vary widely.

9. a) What are the advantages of RAID 5 over RAID 1?

A small amount of storage capacity is lost by storing the parity bits (RAID 5), but it is much less than it would be if the entire array were mirrored (RAID 1). The recovery/rebuild time on RAID 5 would be much longer than on RAID 1. No recalculation of the lost data is necessary in RAID 1.

b) Which RAID level discussed in this chapter has the fastest read-write speeds?

RAID 0

c) Is RAID 5 appropriate for home users? Why, or why not?

RAID 5 would be great for home users, but it is likely too expensive and difficult to configure. The tech-savvy end user could have a RAID 5 configuration at home, but most end users won't.

Data Storage Policies

10. a) What should backup creation policies specify?

Backup creation policies should specify what data should be backed up, frequency of backups, restoration test intervals, and other related guidance.

Policies should address different types of data and computers to ensure the right backup is provided for the resource.

b) Why are restoration tests needed?

Restoration tests are needed because if the data is important enough to spend precious time and resources to back up, it needs to be available when called upon. Not testing will almost guarantee some failure that could have been addressed with simple testing.

c) Where should backup media be stored for the long term?

Backup media should be stored on another site.

d) What should be done about backup media until they are moved?

Backup media should be stored in a fireproof and waterproof safe until they are moved.

e) Why is the encryption of backup media critical?

Encryption of backup media is critical because backup data can be lost or stolen. Encrypting the data protects the company from expensive losses of PII or trade secrets.

f) What three dangers require control over access to backup material?

The dangers of lost, stolen, or damaged backup material require control over access to the data.

g) If Person A wishes to check out backup media, who should approve this?

The manager of the person requesting media should approve the checkout.

h) Why are checkouts of backup media suspicious?

Checkouts of backup media are rare, so every checkout should be examined carefully. There must be a valid operational reason for retrieving the backup media.

i) Why should business units and the legal department be involved in creating retention policies?

There are many business and legal requirements regarding the retention of certain types of data; these departments should be involved in creating retention policies.

j) What should backup audits include?

Backups, like all other processes, require audits to make sure the established policies are being followed. Backup audits should examine backups for compliance with policy, including tracing what happened to samples of data that should have been backed up.

E-Mail Retention

11. a) Why is retaining e-mail for a long period of time useful?

Retaining e-mail is useful in that it provides a history to be searched.

b) Why is it dangerous?

It is dangerous because if it can be searched, info in the e-mail could be used against you.

c) What is legal discovery?

Legal discovery is the process wherein a firm must provide records related to a lawsuit, including e-mails.

d) What are courts likely to do if it would be very expensive for a firm to discover all of its e-mail pertinent to a case?

Courts do not care; the firm will have to pay to get the e-mails recovered.

e) What can happen if a firm fails to retain required e-mail?

A firm can be fined or lose a lawsuit if it fails to retain e-mail.

f) What is accidental retention?

Accidental retention is when e-mail or other files are located on backup tapes when they were thought to be deleted.

g) How long can third-party e-mail providers keep your e-mails?

Indefinitely

h) Is there a specific law that specifies what information must be retained for legal purposes?

No, there are multiple laws that specify what information must be retained.

i) What two requirements in the U.S. Rules of Civil Procedure are likely to cause problems for firms that do not have a good archiving process?

In the initial discovery meeting, which occurs shortly after a lawsuit begins, the defendant must be able to describe what information it has and how it will provide it. This requires a good in-place archiving system.