Cloud+ Outline – Module 10

If you wish to have all the perks of being certified with the exam, you should checkout the Cisco 300-410 Dumps offered in the ITCertDumps’s Bootcamp Program.

Module 10: Security and RecoveryAccess ControlAuthentication

  • Something you know
    • Something you have
    • Something you are

Single Sign-On

  • Allows a shared login to many networks

Federation

  • Uses SSO to allow users or devices to other network resources
  • When 2 companies agree that users can login to 1 network and access info from another server

Role Based Access Controls (RBAC)

  • Most commonly used with Active Directory
  • Groups and/or roles manage the permissions
  • Permissions are inherited
  • Groups permissions is called implicit permissions
  • Users permissions is called explicit permissions

Mandatory Access Controls (MAC)

  • Permissions are determined by policies (local group policy/GPOs)
  • The OS enforces the policies

Discretionary Access Controls (DAC)

  • The OS or applications do not have power over the permissions
  • Permissions are allowed/managed only by the owner of the data
  • Resources have an access control list (ACL) (who has access to the resource)

Information Security

  • Symmetric Encryption
  • Uses one key that encrypts and decrypts data
  • Used to encrypt files
  • VPN and Wi-Fi networks can be secured
  • PGP

Asymmetric Encryption

  • Uses two keys that encrypts and decrypts data (keys offered by GAL – global access list)
  • A public key and a private key
  • Keys are stored in an account database or on a smartcard
  • Public key is shared
  • Private key is saved by the owner of the key

Common Ciphers

  • AES – 256 WiFi
  • DES – 56 however 3DES is 56+56+56=168
  • RC4 – 128 old WiFi (WEP/WPA, but not WPA2) and Radius
  • Network Security

Layered Security

  • DMZ
  • IDS/IPS Host and Network
  • Firewall
  • Denial of Service (DoS)
  • Distributed Denial of Service (DDoS)
  • Ping of Death (PoD)
  • Ping Flood

Hardening

  • Unnecessary software
  • Firmware
  • Control account access
  • Disable unneeded network ports
  • Antivirus software

Penetration Testing

  • Simulates an attack on the network
  • Designed to look for vulnerabilities in the network
  • Exploits security vulnerabilities

Vulnerability Assessments

  • Finds vulnerabilities and weakness in a network
  • Designed to fix vulnerabilities and keep the network secure

Secure Storage

  • Most important part of any network
  • Encryption
  • Backups

The process of becoming a networker isn’t considered for the faint-hearted. It requires lots of hard work and nice and trustworthy Cisco 350-401 Dumps, like that offered at the ITCertDumps, to clear this grueling exam.

ccnp exam

Training and up-to-date tools

  • Needed to keep the IT staff up-to-date with current technologies
  • Allows the IT staff to release software that keep the network safe
  • Gives admins the ability to perform job functions and respond to incidents
  • Rapid deployment allows admins to release solutions as quick as possible

High Availability

  • Fault Tolerance
  • Allows a device to function after a hardware failure
  • Hard drives are the most common fault tolerance device
  • Geo Clustering connects multiple computers in different geographic locations

Multipathing

  • Multipathing gives multiple paths to a device
  • Allows redundancy for the system
  • Usually used with storage devices
  • Load Balancing
  • Distributes the workload

Recovery

  • Disaster Recovery Methods
  • Mean Time Between Failures (MTBF)
  • How long a device will function it fails (i.e. projector)
  • Mean Time to Repair (MTTR)
  • The typical amount of time it takes to repair a failed component (i.e. few minutes)
  • Recovery Time Objective (RTO)
  • The time in-between an outage and the restoration (i.e. Exchange)
  • Recovery Point Objective (RPO)
  • The max time that data can be missed due to an incident

Multisite Configuration

  • Cold Site (physical move to another site)
  • Hot Site (take nothing, all is in place prior)
  • Warm Site (a few items may be required to continue working, minimal downtime)

Backups and Recovery

  • Backup is used to copy data in the event of a failure
  • Four different backup functions
  • Full (on Sunday)

Incremental (on Monday, Tuesday, Wednesday…) keeps sizes small in betweenOnly restore Full, then M, T, Wk – ?FIII must be restored) Differential (on Monday, Tuesday, Wednesday…)sizes compound between Full, less downtimeOnly restore Full (Sunday) and Wednesday (last taken)Image – complete image of the server Snapshots

  • Used with VM
  • Captures the state of a VM (specific VM)
  • Is not a replacement for backups
  • Has all data and files in the VM
  • Used for short term recovery (no more than a month)

Unit SummaryDescribed Access ControlDescribed Information SecurityDescribed Network SecurityDescribed High AvailabilityDescribed Recovery 

We would be discussing the ways for clearing. I would suggest you focus on the below-mentioned resources and also check out the Cisco 350-501 Dumps offered at the ITCertDumps, they are the best when it comes to Certifications Vendor.

Related Posts

Be the first to reply

Leave a Reply

Your email address will not be published.