
09/12/2022

Shabika V
shabikasr474@gmail.com

Assignment No 2

1. What is a load balancer? What is the main purpose of load balancing servers in cybersecurity?
In general, load balancing is the process of distributing tasks among
a set of resources. This improves the performance of the resources
because it can optimize the response time. A load balancer is a device that performs the
load balancing process: for example, it sits between the servers and the
routers and evenly distributes multiple client requests among the various
servers to improve time efficiency, which results in great performance.
The three types of load balancers are:
● Application load balancers
● Network load balancers
● Classic load balancers
The major purpose of load balancing servers in cybersecurity is to distribute
network traffic among multiple servers, which ensures that work is distributed evenly
and improves the application's responsiveness.

2. What do you mean by Safes & Platforms in CyberArk? Mention the installation/upgradation sequence of CyberArk components after v10.7 and also state the reason for change between before v10.7 and after v10.7 sequence order?
Safes enable the organization to store user accounts according to the
requirements of the organization, using the methodology called Segregation of
Duty. A Safe is known as the access control system of CyberArk, as it controls every
individual account and its access to every server as per segregation (i.e., L1, L2,
L3). It also allows safe permissions to be set per user level.

Platforms are defined as the technical settings for user accounts, also
described as shared characteristics for multiple accounts. They are used for settings
such as credential management policies and timeframes. For example, the
CPM component of CyberArk uses this platform methodology to frequently rotate
or change the passwords of the accounts for security purposes. Basically, CPM is an
example of platform settings, which consist of three settings:
● Password change
● Password verification
● Password reconciliation

The installation/upgradation sequence of CyberArk components after v10.7 is shown below:
● Enterprise Password Vault (EPV)
● Password Vault Web Access (PVWA)
● Central Policy Manager (CPM)
● Privileged Session Manager (PSM)
The reason for the change in sequence order between before v10.7 and after v10.7 is
that one of the CPM services, known as the CPM Scanner Service, depends on API
and HTTPS communication with PVWA for the accounts discovery feature.

3. What is Disaster Recovery EPV and why do we require it? Also, explain DR
replication in your own words?
Disaster Recovery EPV is a passive or standby component of CyberArk that
acts as a supporting component if there is a sudden failure of the Prod EPV, which
usually remains active. This helps CyberArk maintain one of its
important aspects: the continuous functioning of the CyberArk Vault even
during severe failures caused by cyber attacks or any other issues.

DR Replication:
● It is the process where the data being recorded in either
video (.avi) or text (.txt) format is continuously replicated
or backed up from the Prod EPV to the DR EPV in real time.
Usually the recordings in PSM are stored temporarily and are
permanently stored in the EPV.

● The DR EPV constantly talks with the Prod EPV through the
Heartbeat Mechanism, asking it if it's alive or not. (The heartbeat is a
mechanism that monitors the connectivity or communication channels between
the agent and the agent's primary management server. A data packet is sent
from the agent to the server at regular intervals of 60 seconds through
port 5723.) If the Prod EPV is found not to be alive, then the DR EPV takes over
as the active vault and the Prod EPV becomes the new DR
Vault.

4. How is the backup and restoration of CyberArk servers being taken? Explain different types of backup being taken in CyberArk as well as how the password recovery is achieved in case of unreachable CyberArk URL?
The backup and restoration of CyberArk servers are handled by the
following three utilities:
● Backup Utility - PA(Private Ark) Replicate.exe
○ It is used for backing up safes, platforms, passwords,
user details, PSM recordings and other metadata.
● Restore Utility - PA Restore.exe
○ It is used to restore the CyberArk data in case of
migration to a new server or a complete disaster scenario.
● Recover Utility - Recover.exe
○ It is used to recover the privileged account passwords in
case of any downtime of EPV during certain activities.

The different types of Backup Utility are:
● Incremental Backup - This occurs on a daily basis. It backs up only the
new data.
○ Say a backup of day 1's data is done on day 1. On the
second day, only day 2's data will be backed up.
● Full Backup - This occurs on a weekly basis. It backs up both the new and
the old data.
○ Say a backup of day 1's data is done on day 1. On the next
day, that is day 2, both day 1's and day 2's data are backed up.
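
The difference between the two backup types matters most at restore time. The following Python sketch is an added example, not part of the original assignment and not CyberArk code; the schedule model, the function names and the `acct-*` object names are constructed assumptions. It goes slightly beyond the text by also working out which backups a restore to a given day needs, and by failing when one incremental in that chain is missing.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Backup:
    day: int
    kind: str          # "full" or "incremental"
    items: frozenset   # objects captured by this backup

def run_schedule(changes_by_day, last_day, full_every=7):
    """Full backup on day 1 and every `full_every` days; incremental otherwise."""
    backups, everything = [], set()
    for day in range(1, last_day + 1):
        new = set(changes_by_day.get(day, ()))
        everything |= new
        if (day - 1) % full_every == 0:
            backups.append(Backup(day, "full", frozenset(everything)))
        else:
            backups.append(Backup(day, "incremental", frozenset(new)))
    return backups

def restore_chain(backups, target_day):
    """Backups needed to restore `target_day`: last full plus each later incremental."""
    fulls = [b for b in backups if b.kind == "full" and b.day <= target_day]
    if not fulls:
        raise ValueError("no full backup on or before the target day")
    base = max(fulls, key=lambda b: b.day)
    chain = [base] + sorted(
        (b for b in backups
         if b.kind == "incremental" and base.day < b.day <= target_day),
        key=lambda b: b.day)
    # One lost incremental makes every later restore point incomplete.
    missing = set(range(base.day, target_day + 1)) - {b.day for b in chain}
    if missing:
        raise ValueError(f"incremental backups missing for days {sorted(missing)}")
    return chain

def restored_items(chain):
    """Union of everything captured along the chain."""
    out = set()
    for b in chain:
        out |= b.items
    return out

# Constructed sample: object names added to the vault on each day.
CHANGES = {1: ["acct-a"], 2: ["acct-b"], 3: ["acct-c"], 8: ["acct-d"], 9: ["acct-e"]}

if __name__ == "__main__":
    history = run_schedule(CHANGES, last_day=9)
    for b in restore_chain(history, 3):
        print(b.day, b.kind, sorted(b.items))
```
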

The password recovery is achieved by the use of the recovery utility, which helps
to recover the privileged account passwords in case of any downtime of EPV
during certain activities such as patching, etc.

5. What is LDAP? Can you explain the purpose of using LDAP in an organization? Also, mention about the different types of directory services?
LDAP stands for the Lightweight Directory Access Protocol, which is
an open, vendor-neutral, industry-standard software protocol for accessing and
maintaining distributed directory information services over an Internet Protocol
network. It enables anyone to locate data about organizations, individuals and other
resources such as files and devices in a network.

LDAP is an open, cross-platform protocol used for directory services
authentication; its purpose is to provide the communication language that
applications use to communicate with other directory services servers.

The types of directory services are:
● Standards-based Lightweight Directory Access Protocol (LDAP),
● Novell's Novell Directory Services (NDS),
● Microsoft's Active Directory.
