Network Services and Cloud (Chapter 8) Flashcards
Can a DHCP server run with no scope?
No, it must at least have one.
Whats the difference between a NAS and SAN?
NAS is a standalone device with its own software to provide file access.
SAN is a collection of servers dedicated to storage and file management.
N is at the end of SAN, meaning its a network of servers
What is UTM?
Unified threat management
Security solution that integrates multiple security features, such as firewall, antivirus, intrusion detection, and content filtering, into a single device, most often centralized on one interface.
What is PaaS?
Platform as a Service
Provides a platform for developing, running, and managing applications without dealing with the underlying infrastructure
What is SaaS?
Software as a Service
Software applications are delivered over the internet on a subscription basis
Users access them via a web browser without managing the underlying infrastructure (ex. Google Docs)
What is the highest level of the three cloud computing models?
SaaS. It includes everything in IaaS and PaaS.
What is a private cloud?
A company’s individual cloud set up within their own network
Main benefit is security control
Removes the benefit of rapid elasticity/scalability
Example: Microsoft Azure, vSphere
What are the 4 main characteristics of cloud computing?
- On-demand self-service
- Broad network access (a variety of devices can use it)
- Resource pooling (provider’s resources are divided up among clients)
- Rapid elasticity (scale up and down as needed)
- Measured/metered service
What servers should be placed in a screened subnet?
Any server that needs to be accessed by the outside world
It provides a firewall for that server, then an additional one for the actual intranet.
This is also called a DMZ!
What does an administrator need to set up when creating a DNS server?
A zone file
When would a DHCP relay agent be needed?
If the server and client are on different subnets
What are the differences between CDMA and GSM?
CDMA:
- Uses code division so users share the same frequency band
- More efficient bandwidth usage
- Tied to the carrier, meaning phones are locked to a specific network
- Example: Verizon and Sprint in the U.S.
GSM:
- Uses time and frequency division
- Utilizes SIM cards, allowing easy switching between phones and carriers
- More widely adopted globally
- Example: AT&T and T-Mobile in the U.S
CDMA does not use sim cards
What is a hybrid cloud?
Combines public and private clouds
What is a public cloud?
Operated by third-party company and gives scalability, reliability, flexibility
On demand–client gets whatever they want
What is a cloud’s measured service?
Cloud provider charges the client based service usage
What is high availabilty?
Refers to uninterrupted and responsive service
Importance of this varies between companies
What are the three main uses for virtual machines?
- Sandbox
– temp. isolated environment to prevent changes to the physical machine - Test Development
– to create and test applications on a different OS - Application Virtualization
– to virtualize legacy software in an older OS
What is the hypervisor (a.k.a. VMM)?
Software that allows multple operating systems to share the same host
Also manages resource allocation
Key enabler for virtualization
What is a type 1 hypervisor?
Machine (usually a server) that doesn’t have an OS and only exists to create VMs directly off its own hardware (great for performance)
Examples include:
VMware ESXi, Microsoft Hyper-V (Hyper-V Server), Citrix XenServer
Also called a bare-metal hypervisor
What is a type 2 hypervisor?
Operates on top of an existing OS (host) and has some performance overhead
Exmaples include: VMware Workstation, Oracle VirtualBox, Parallels Desktop (for Mac), and Microsoft Virtual PC.
What is client-side virtualization?
Multiple OSs managed on a client machine instead of a server
What does virtual desktop infrustructure (VDI) refer to?
The software and hardware needed to create a virtual environment
Does a virtual NIC have to be connected to a physical NIC?
No. Virtual networks are possible.
What is emulation?
Replication of physical machine requirements done by the hypervisor
Does not relate to the support of multiple OSs, just runs the same as one specific OS
Whats the solution to VM attack threats?
Keep both systems updated
What is a syslog server?
Centralized logging server that receives messages generated by clients that triggered certain conditions (ex. log in, error)
Based on client-server model
What does a web server do?
Configured with web hosting software, it listens for in/outbound requests on port 443
What is a domain controller?
Centralized authentication server
What is a spam gateway?
Software or virutal appliance that blocks malicious emails from entering the network
What is unified threat management (UTM)?
Single device/interface that centralizes security management and replaces a firewall
Generally does:
Packet filtering, intrusion prevention, website blocking, spam blocking
What is load balancing?
Multiple servers help balance out work
Often, they are ogranized in groups that handle specific types of requests
What does three benefits does load balancing provide?
Performance
Scalability (if cloud)
Reliability
What does a proxy server do?
Makes requests on behalf of a client
It can conceal the sender’s identity or act as a filter
What is AAA?
Authentication, Authorization, and Accounting
Framework or system used to manage access to network resources and services, ensuring secure and controlled access for users and devices
What requires RADIUS?
VPN
It remotely authenticates them when logging in
What is SCADA?
Supervisory control and data acquisition
A category of legacy systems that control manufacturing machines and infrastructure settings
Whats contained in a DHCP scope (4)?
Subnet mask
Gateway
DNS servers
Lease duration
What are two main characteristics of a SAN?
Uses block-level storage
Requires a high-speed connection
A SOHO site has an IoT network. Whats the best way to protect the network (all of it) from IoT hacking?
Put the IoT devices in a DMZ (firewall sandwich)
What technology imitates hardware without relying on the CPU being able to run the software code directly?
Emulation
What is the difference between emulation and virtualization?
Emulation mimics a whole different hardware architecture
Virtualization is for running software built for similar or the same architecture as the host
Which of the following refers to using virtual machines as a method of provisioning workstations for corporate users?
SaaS
VDI
IaaS
PaaS
VDI
Same thing as DaaS
Which cloud computing concept is BEST described as focusing on the replacement of physical hardware at a customer’s location with cloud-based resources?
PaaS
IaaS
SECaaS
SaaS
IaaS
What kind of internet access uses bi-directional data communication via radio frequency channels on a hybrid fiber coaxial (HFC)?
Cable
What is AMD’s version of a hypervisor?
AMD-V
Two antennas that are able to communicate with eachother without obstructions is using what kind of connection?
Line of sight
Which of the following Network Configurations on a Virtual Machine are used to prevent the VM from accessing the Internet, but still allow it to communicate with the other VMs on the Host and the Host Itself?
Private
Internal
LocalHost
External
Internal
Exists within an internal virtual network
