
tsirhCdneM | CompTIA Cloud+ | Module 10

By: Raul Pop | Related Course: CompTIA Cloud+ | Published: June 13, 2017 | Modified: June 13, 2017

Security and Recovery

Access Control

Information Security

Network Security

High Availability



Access Control


Single Sign-On


Role-Based Access Controls(RBAC)

Mandatory Access Controls(MAC)

Discretionary Access Controls(DAC)



Something you know

Something you have

Something you are


Single Sign-On

Allows a shared login to many networks



Uses SSO to allow users or devices to access other network resources

When two companies agree that users can log in to one network and access information from another server


Role-Based Access Controls(RBAC)

Most commonly used with Active Directory

Groups and/or roles manage the permissions

Permissions are inherited

Group permissions are called implicit permissions

User permissions are called explicit permissions


Mandatory Access Controls(MAC)

Permissions are determined by policies

The OS enforces the policies


Discretionary Access Controls(DAC)

The OS or applications do not have power over the permissions

Permissions are allowed only by the owner of the data

Resources have an access control list (ACL)


Information Security

Symmetric Encryption

Asymmetric Encryption

Common Ciphers


Symmetric Encryption

Uses one key that encrypts and decrypts data

Used to encrypt files

VPN and Wi-Fi networks can be secured



Asymmetric Encryption

Uses two keys that encrypt and decrypt data

A public key and a private key

Keys are stored in an account database or on a smartcard

Public key is shared

Private key is saved by the owner of the key


Common Ciphers

AES-256 Wifi (WPA2)

DES-56 however 3DES is 56+56+56=168(Hash algorithm)

RC4-128 old WIFI and RADIUS


Security and Recovery

Network Security

Layered security


Penetration testing

Vulnerability assessments

Secure Storage

Training and up-to-date tools


Layered Security


IDS/IPS Host and Network


Denial of Service(DoS)

Distributed Denial of Service(DDoS)

Ping of Death(PoD)

Ping Flood



Unnecessary software


Control Account access

Disable unneeded network ports

Antivirus software


Penetration Testing

Simulates an attack on the network

Designed to look for vulnerabilities in the network

Exploits security vulnerabilities


Vulnerability Assessments

Finds vulnerabilities and weaknesses in a network

Designed to fix vulnerabilities and keep the network secure


Secure Storage

Most important part of any network




Training and up-to-date tools

Needed to keep the IT staff up-to-date with current technologies

Allows the IT staff to release software that keeps the network safe

Gives admins the ability to perform job functions and respond to incidents

Rapid deployment allows admins to release solutions as quickly as possible


It also addresses high availability:

Fault Tolerance


Load Balancing


Fault tolerance

Allows a device to function after a hardware failure

Hard drives are the most common fault tolerance device

Geoclustering connects multiple computers in different geographic locations



Multipathing gives multiple paths to a device

Allows redundancy for the system

Usually used with storage devices


Load Balancing

Distributes the workload




Disaster Recovery Methods

Multisite Configuration

Backups and Recovery



Disaster Recovery Methods

Mean Time Between Failures(MTBF)

How long a device will function before it fails

Mean Time to Repair(MTTR)

The typical amount of time it takes to repair a failed component

Recovery Time Objective(RTO)

The time in between an outage and the restoration

Recovery Point Objective (RPO)

The max time that data can be missed due to an incident


Multisite Configuration

Cold site

Hot site

Warm site


Backups and Recovery

Backup is used to copy data in the event of a failure

Four different backup functions:







Used with VM

Captures the state of a VM

Is not a replacement for backups

Has all data and files in the VM

Used for short term recovery
