Network Security Flashcards
Redundancy
The concept of redundancy is to design systems with duplicate components so that if a failure were to occur, there would be a backup. This can apply to the data center as well.
Cloud Computing
Cloud computing is usually associated with an internet-based set of computing resources, and typically sold as a service, provided by a cloud service provider (CSP).
Cloud computing services
Types of cloud computing service models include Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS).
SaaS
Software as a Service (SaaS): A cloud provides access to software applications such as email or office productivity tools. SaaS is a distributed model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources.
PaaS
Platform as a Service (PaaS): A cloud provides an environment for customers to use to build and operate their own software. PaaS is a way for customers to rent hardware, operating systems, storage and network capacity over the internet from a cloud service provider. The service delivery model allows customers to rent virtualized servers and associated services for running existing applications or developing and testing new ones.
IaaS
Infrastructure as a Service (IaaS): A cloud provides network access to traditional computing resources such as processing power and storage. IaaS models provide basic computing resources to consumers. This includes servers, storage, and in some cases, networking resources. Consumers install operating systems and applications and perform all required maintenance on the operating systems and applications.
Deployment Models
There are four cloud deployment models. The cloud deployment model also affects the breakdown of responsibilities of the cloud-based assets. The four cloud models available are public, private, hybrid and community.
Public
Public clouds are what we commonly refer to as the cloud for the public user. It is very easy to get access to a public cloud.
MSP
A managed service provider (MSP) is a company that manages information technology assets for another company.
SLA
The cloud computing service-level agreement (cloud SLA) is an agreement between a cloud service provider and a cloud service customer based on a taxonomy of cloud computing-specific terms to set the quality of the cloud services delivered. It characterizes the quality of the cloud services delivered in terms of a set of measurable properties specific to cloud computing (business and technical) and a given set of cloud computing roles (cloud service customer, cloud service provider, and related sub-roles).
Network Segmentation
Network segmentation involves controlling traffic among networked devices. Complete or physical network segmentation occurs when a network is isolated from all outside communications, so transactions can only occur between devices within the segmented network.
Demilitarized Zone
A DMZ is a network area that is designed to be accessed by outside visitors but is still isolated from the private network of the organization. The DMZ is often the host of public web, email, file and other resource servers.
VLAN
VLANs are created by switches to logically segment a network without altering its physical topology.
VPN
A virtual private network (VPN) is a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an untrusted network.
Defense in depth
Defense in depth uses multiple types of access controls in literal or theoretical layers to help an organization avoid a monolithic security stance.