10 Questions
What are some of the operational complexities that large organizations face when responding to security incidents?
Maintaining state across teams and handing off incident management at the boundaries of work shifts, and balancing the need to involve all essential parties with the need to restrict information sharing on a need-to-know basis.
What is the primary goal of Incident Management at Google (IMAG)?
To establish a standard, consistent way to handle all types of incidents, from system outages to natural disasters, and organize an effective response.
Why is it essential to have a clear chain of command and a solid set of checklists, playbooks, and protocols during a crisis?
To ensure an effective response and maintain control during a crisis.
What is the purpose of Google's Disaster Recovery Testing (DiRT) program?
To regularly simulate various internal system failures and force teams to cope with these types of scenarios.
What is the double-edged sword of having the capability to push changes quickly to fix a vulnerability?
It can help close vulnerabilities quickly, but it can also introduce bugs or performance issues that cause a lot of damage.
What is the primary consideration when deciding whether to push fixes slowly or quickly?
A risk assessment and a business decision.
What is the goal of a robust fleet recovery system?
To have a reliable representation of every machine's current and desired state, and to provide backstops to ensure that state is never rolled back to an obsolete or unsafe version.
What is the primary challenge of responding to security incidents in a large organization?
Maintaining state across teams and handing off incident management at the boundaries of work shifts.
What is the benefit of using Incident Management at Google (IMAG) even for small incidents?
It prompts teams to regularly exercise emergency tools and processes.
Why is it important to have reliable recovery mechanisms in place?
To allow for quick changes and updates without compromising reliability, and to catch potential problems before they cause a widespread outage.
Learn about the cascading failures in Google's internal service caused by a password manager announcement and how a power drill was used to recover from the failures. Discover how Google's internal password manager works and its importance in storing and sharing secrets for third-party services.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
