Fault Tolerance & Cybersecurity - Complete Interactive Lesson
Part 1: Core Concepts
🛡️ Fault Tolerance & Security
Part 1 of 7 — Redundancy, Encryption, and Network Security
Fault Tolerance
Fault tolerance is the ability of a system to continue operating when a component fails.
Redundancy
The primary method for achieving fault tolerance is redundancy — having backup components or paths.
| Type | Description | Example |
|---|---|---|
| Path redundancy | Multiple routes between nodes | Internet routing around a failed link |
| Data redundancy | Multiple copies of data | Cloud backups, RAID drives |
| Hardware redundancy | Backup equipment | Redundant servers, power supplies |
Internet Redundancy
```text
A ---- B ---- C
|      |      |
D ---- E ---- F
```
If the link between B and C fails, data can route A → B → E → F → C or A → D → E → F → C. Multiple paths ensure no single failure brings down the network.
🔑 The Internet was designed with redundancy so that no single point of failure can take down the entire network. Packets automatically reroute around failed links.
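To make the path-redundancy idea concrete, here is an added Python example (not part of the lesson) that models the six-node grid above, removes a link to simulate a failure, and then asks which single links, if any, would cut two nodes off from each other. The link list is constructed from the diagram; node names are the diagram's own.

```python
from collections import deque

# Constructed from the lesson's diagram: a 2x3 grid, each link usable in both directions.
LINKS = [("A", "B"), ("B", "C"), ("A", "D"), ("B", "E"), ("C", "F"), ("D", "E"), ("E", "F")]


def build_graph(links):
    """Undirected adjacency sets from a list of (node, node) links."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph


def find_path(graph, src, dst):
    """Breadth-first search: shortest node sequence from src to dst, or None if unreachable."""
    parents = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:          # walk the parent chain back to src
                path.append(node)
                node = parents[node]
            return path[::-1]
        for nbr in sorted(graph.get(node, ())):  # sorted for deterministic routes
            if nbr not in parents:
                parents[nbr] = node
                queue.append(nbr)
    return None


def without_links(links, failed):
    """Simulate link failures: drop every link listed in `failed` (direction does not matter)."""
    failed_set = {frozenset(link) for link in failed}
    return [link for link in links if frozenset(link) not in failed_set]


def single_points_of_failure(links, src, dst):
    """Links whose loss alone disconnects src from dst.
    An empty list means the src-dst connection is path-redundant."""
    spof = []
    for link in links:
        reduced = build_graph(without_links(links, [link]))
        if find_path(reduced, src, dst) is None:
            spof.append(link)
    return spof


if __name__ == "__main__":
    print("normal route:", find_path(build_graph(LINKS), "A", "C"))
    after_cut = build_graph(without_links(LINKS, [("B", "C")]))
    print("B-C down:   ", find_path(after_cut, "A", "C"))
    print("single points of failure A->C:", single_points_of_failure(LINKS, "A", "C"))
```

With the full grid there is no single point of failure between A and C. Once B-C is already down, the remaining topology has two: C-F and E-F, because C can then only be reached through F.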
Cybersecurity Fundamentals
Encryption
Encryption transforms readable data (plaintext) into unreadable data (ciphertext) to protect it from unauthorized access.
| Type | Keys | Speed | Use Case |
|---|---|---|---|
| Symmetric | One shared key for encrypt and decrypt | Fast | Encrypting stored data |
| Asymmetric | Public key (encrypt) + Private key (decrypt) | Slower | Secure communication, HTTPS |
How HTTPS Uses Both
- Browser gets the web server's public key (asymmetric)
- Browser encrypts a session key with the public key
- Server decrypts session key with its private key
- Both sides use the session key (symmetric) for fast communication
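Added example, not code from the lesson, that walks through the four steps above in Python using only the standard library. The server keypair is textbook RSA built from two known primes (2^89-1 and 2^127-1) with no padding, and the "session key" cipher is a counter-mode keystream from HMAC-SHA256 plus an HMAC tag; both are illustrative stand-ins for what a real TLS library does, and real HTTPS also verifies the server's certificate, which this skips. The tag is what lets the receiver detect tampering, which is the integrity half of the story.

```python
import hashlib
import hmac
import secrets

# Constructed server keypair: two known Mersenne primes give a ~216-bit modulus, large enough
# to hold a 128-bit session key as one integer. Textbook RSA without padding: illustrative only.
P = (1 << 89) - 1
Q = (1 << 127) - 1
E = 65537


def rsa_keypair():
    """Server's long-term keypair: public (n, e) is handed to every browser, private (n, d) never leaves."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    d = pow(E, -1, phi)                  # modular inverse (Python 3.8+)
    return (n, E), (n, d)


def rsa_wrap(session_key, public):
    """Step 2 (browser): encrypt the session key with the server's public key."""
    n, e = public
    m = int.from_bytes(session_key, "big")
    if m >= n:
        raise ValueError("session key too large for this modulus")
    return pow(m, e, n)


def rsa_unwrap(wrapped, private, length=16):
    """Step 3 (server): recover the session key with the private key."""
    n, d = private
    return pow(wrapped, d, n).to_bytes(length, "big")


def subkey(session_key, label):
    """Derive separate encryption and MAC keys from the single shared session key."""
    return hmac.new(session_key, label, hashlib.sha256).digest()


def keystream(enc_key, nonce, length):
    """Counter-mode keystream using HMAC-SHA256 as the PRF (toy stand-in for AES-CTR / ChaCha20)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def sym_encrypt(session_key, nonce, plaintext):
    """Step 4: fast symmetric encrypt-then-MAC; returns ciphertext followed by a 32-byte tag."""
    ks = keystream(subkey(session_key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(subkey(session_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return ct + tag


def sym_decrypt(session_key, nonce, blob):
    """Check the tag first (integrity), then decrypt. Any altered byte raises ValueError."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(subkey(session_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message authentication failed")
    ks = keystream(subkey(session_key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def https_like_session(message, session_key=None):
    """Run the four steps end to end and return the bytes the server reads."""
    public, private = rsa_keypair()                        # 1. browser obtains the public key
    session_key = session_key or secrets.token_bytes(16)   # 2. browser picks a random session key
    wrapped = rsa_wrap(session_key, public)                #    ...and sends it encrypted asymmetrically
    server_key = rsa_unwrap(wrapped, private)              # 3. server recovers it with the private key
    nonce = secrets.token_bytes(8)                         # 4. bulk traffic uses the symmetric cipher
    blob = sym_encrypt(session_key, nonce, message)        #    (nonce travels in the clear with it)
    return sym_decrypt(server_key, nonce, blob)
```

The asymmetric step happens once per session because `pow` on 216-bit numbers is far slower than the per-byte XOR; that is the speed difference the table above refers to.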
Common Threats
| Threat | Description |
|---|---|
| Phishing | Fake emails/sites tricking users into giving up passwords |
| Malware | Software designed to damage or gain unauthorized access |
| DDoS | Distributed Denial of Service — flooding a server with traffic |
Applied Recall ✍️
- Having multiple backup paths or components so a system continues working after a failure is called _______.
- Encryption that uses one shared key for both encryption and decryption is called _______ encryption.
- An attack that tricks users into revealing passwords through fake emails or websites is called _______.
AP Exam Strategy: Fault Tolerance & Security
- Redundancy is the #1 fault tolerance mechanism — multiple paths and backups
- Know symmetric (one key, fast) vs asymmetric (two keys, secure key exchange)
- HTTPS uses BOTH: asymmetric for initial handshake, symmetric for ongoing communication
- Know common attacks: phishing, malware, DDoS, man-in-the-middle
- A single point of failure means the system is NOT fault tolerant at that point
- More connections in a network = more redundancy = more fault tolerant
Part 2: Key Processes
Part 2 of 7 — Key Processes
Fault Tolerance: Working Despite Failures
A fault-tolerant system continues operating correctly when a component fails. The key idea: redundancy plus a way to detect and recover from failures.
| Technique | How it tolerates faults |
|---|---|
| Redundancy | Multiple copies of data or compute. |
| Replication | Same data in many locations. |
| Failover | Automatic switch to a backup. |
| Retries | Try again when a request fails. |
| Graceful degradation | Reduce functionality instead of crashing. |
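Added example (not from the lesson) showing retries, failover and graceful degradation in code. The `Backend` class is a constructed stand-in for a service replica that fails a set number of calls and then recovers; the rest is plain Python standard library.

```python
import time


class Backend:
    """Constructed stand-in for one service replica: fails a fixed number of calls, then recovers."""

    def __init__(self, name, failures_before_success):
        self.name = name
        self.failures_left = failures_before_success
        self.calls = 0

    def fetch(self, key):
        self.calls += 1
        if self.failures_left > 0:
            self.failures_left -= 1
            raise ConnectionError(f"{self.name} unavailable")
        return f"{key}@{self.name}"


def call_with_retries(backend, key, attempts=3, sleep=time.sleep):
    """Retries: same backend, a bounded number of attempts, exponential backoff between them."""
    last_error = None
    for i in range(attempts):
        try:
            return backend.fetch(key)
        except ConnectionError as err:
            last_error = err
            if i < attempts - 1:
                sleep(0.1 * 2 ** i)          # 0.1s, 0.2s, 0.4s ... (unbounded retries would be a bug)
    raise last_error


def call_with_failover(replicas, key, attempts=3, sleep=time.sleep):
    """Failover: once retries on one replica are exhausted, switch to the next one."""
    for replica in replicas:
        try:
            return call_with_retries(replica, key, attempts, sleep)
        except ConnectionError:
            continue
    raise ConnectionError("all replicas failed")


def fetch_or_degrade(replicas, key, cache, attempts=3, sleep=time.sleep):
    """Graceful degradation: when every replica is down, serve a cached value marked stale,
    or report unavailable, instead of letting the caller crash."""
    try:
        return call_with_failover(replicas, key, attempts, sleep), "fresh"
    except ConnectionError:
        if key in cache:
            return cache[key], "stale"
        return None, "unavailable"


if __name__ == "__main__":
    primary, secondary = Backend("primary", 5), Backend("secondary", 0)
    print(call_with_failover([primary, secondary], "profile:42", sleep=lambda s: None))
    print(fetch_or_degrade([Backend("a", 9), Backend("b", 9)], "profile:42",
                           {"profile:42": "cached copy"}, sleep=lambda s: None))
```

Each technique is a separate function on purpose: retries hide brief glitches, failover hides a dead replica, and degradation hides the loss of every replica. Layering them is what the "redundancy plus detection and recovery" sentence above means in practice.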
Why The Internet Survives Failures
The original Internet design (1960s ARPANET) assumed parts of the network would fail. Packet switching + dynamic routing means traffic can flow around broken links automatically.
| Failure | Mitigation |
|---|---|
| Cable cut | Routers find alternate paths. |
Part 3: Patterns & Examples
Part 3 of 7 — Patterns & Examples
Security Has Three Goals: CIA
| Goal | Meaning |
|---|---|
| Confidentiality | Only authorized parties can read. |
| Integrity | Data isn't altered without detection. |
| Availability | The service keeps responding. |
Different threats target different goals; defenses are different for each.
Common Threats And Defenses
| Threat | Defense |
|---|---|
| Eavesdropping | TLS / encryption in transit. |
| Tampering | Digital signatures, message-authentication codes (MAC). |
| Phishing | User awareness, MFA, anti-phishing tools. |
| Malware | Updates, sandboxing, antivirus, code signing. |
| DDoS | Rate limiting, CDNs, scrubbing. |
| SQL injection |
Part 4: Connections & Interactions
Part 4 of 7 — Connections & Interactions
Security & Fault Tolerance Connect Across CSP
| Connection | Why |
|---|---|
| Security ↔ Networks | Most attacks come over the network. |
| Fault tolerance ↔ Systems | Systems fail; designs must adapt. |
| Security ↔ Data | Data must be protected throughout its lifecycle. |
| Security ↔ Impact | Breaches have human consequences. |
Defense In Depth
No single defense is enough. Layer them:
| Layer | Defense |
|---|---|
| Perimeter | Firewall, DDoS scrubbing. |
| Network | TLS, segmentation. |
| Host | Patching, hardening. |
| App | Input validation, least privilege. |
| Data | Encryption-at-rest, backups. |
| Identity | MFA, strong auth. |
Part 5: Change Over Time
Part 5 of 7 — Change Over Time
How Security & Fault Tolerance Have Evolved
| Era | Defining shift |
|---|---|
| 1990s | Anti-virus, basic firewalls. |
| 2000s | TLS adoption; widespread cyberattacks. |
| 2010s | Cloud-scale DDoS, ransomware, MFA mainstream. |
| 2020s | Supply-chain attacks, AI-assisted phishing, post-quantum prep. |
Notable Modern Shifts
| Shift | Effect |
|---|---|
| Cloud everywhere | Big providers handle base infra; devs share responsibility. |
| Zero trust | Don't trust any network; verify every request. |
| Ransomware | Backups + segmentation + plan = recoverability. |
| AI-assisted attacks | Phishing/spam quality is rising. |
| Open-source dependencies | Strong upside; supply-chain risk. |
"Security Through Obscurity" Doesn't Work
Part 6: Problem-Solving Workshop
Part 6 of 7 — Problem-Solving Workshop
Fault Tolerance & Security Workshop
Worked: Designing An Outage-Resistant Service
| Layer | Plan |
|---|---|
| Servers | Multiple instances behind a load balancer. |
| Region | Multi-region with automatic DNS failover. |
| Data | Replicated DB + nightly backups + retention plan. |
| Code | Blue/green or canary deploys to enable rollback. |
| Monitoring | Alerts on errors, latency, saturation. |
| People | On-call rotation + runbooks + post-incident review. |
Worked: A Phishing Triage
- Don't click.
- Check sender domain (often misspelled).
- Hover URLs to see the actual destination.
- Verify out-of-band (call the company at a known number).
- Report to IT / mark as phishing.
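Added example, not from the lesson, that automates the "check the sender domain" and "hover the URL" steps for an HTML email using only the standard library. The trusted-domain allowlist, the sender address and the message body are all constructed; the lookalike domain swaps a digit 1 for the letter l, the kind of misspelling step two warns about.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist: domains the organisation really sends mail from and links to.
TRUSTED_DOMAINS = {"example-bank.com"}

# Constructed sample message; the sender domain uses a digit 1 in place of the letter l.
SAMPLE_SENDER = "security@examp1e-bank.com"
SAMPLE_BODY = ('<p>Your account is locked. Please visit '
               '<a href="http://login.examp1e-bank.com/reset">www.example-bank.com</a>'
               ' to unlock it.</p>')

LOOKS_LIKE_URL = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags: what the link says vs. where it goes."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-cased hostname of a URL; bare text like 'www.site.com' is handled too."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def is_trusted(host, trusted):
    """Exact match or subdomain of an allowlisted domain."""
    return any(host == d or host.endswith("." + d) for d in trusted)


def triage(sender, html_body, trusted=TRUSTED_DOMAINS):
    """Apply the sender-domain and hover-the-URL checks; returns a list of red flags (empty = none found)."""
    flags = []
    domain = sender.rsplit("@", 1)[-1].lower()
    if not is_trusted(domain, trusted):
        flags.append(f"sender domain {domain!r} is not a known domain")
    collector = LinkCollector()
    collector.feed(html_body)
    for href, text in collector.links:
        actual = host_of(href)
        if not is_trusted(actual, trusted):
            flags.append(f"link goes to {actual!r}, not a known domain")
        if LOOKS_LIKE_URL.fullmatch(text) and host_of(text) != actual:
            flags.append(f"link text shows {host_of(text)!r} but goes to {actual!r}")
    return flags


if __name__ == "__main__":
    for flag in triage(SAMPLE_SENDER, SAMPLE_BODY):
        print("RED FLAG:", flag)
```

The checks are deliberately simple string comparisons; what they catch is the mismatch between what the message displays and where it actually points, which is exactly what hovering reveals by hand. The out-of-band verification and reporting steps remain human actions.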
Worked: Choosing Authentication
| Use case | Recommendation |
|---|---|
| School portal |
Part 7: AP Review
Part 7 of 7 — AP Review
AP Exam Recap — Fault Tolerance & Security
Final Vocab
| Term | Definition |
|---|---|
| Fault tolerance | Continues operating during failures. |
| Redundancy / replication / failover | Mechanisms enabling fault tolerance. |
| Backup | Point-in-time data snapshot. |
| CIA | Confidentiality, Integrity, Availability. |
| Symmetric / asymmetric encryption | One key vs. key pair. |
| Hash | One-way digest. |
| MFA | Multi-factor authentication. |
| Phishing / DDoS / ransomware | Common threats. |
| Defense in depth | Layered defenses. |
| Zero trust | Verify every request. |
| Supply-chain attack | Compromise a trusted dependency. |
Common Pitfalls
- Confusing replication and backup.
- Storing passwords in plaintext or reversible encryption.