ITPro.TV: CompTIA Security+ (SY0-601)

author: Nathan Acks
date: 2022-04-04

Virtualization

Type I hypervisors (bare metal) are most common in business applications. And Qubes. Cloud systems are obviously all based around Type I hypervisors.

Type II hypervisors are just specialized applications. VirtualBox, etc. Fine for individuals, but not as efficient… And certainly not scalable!

Virtual (guest) networking is accomplished using a switch virtualized within the hypervisor. Virtual networking can be fully isolated, VM-to-host, or VM-to-LAN (which obviously also includes the host).

Major cloud container providers:

Cloud Concepts

Cloud Computing: Delivery of computing services over the internet.

Cloud Service Provider: Organization providing cloud computing services.

Tenant: A single customer or multiple customers within a cloud provider’s network.

Elasticity: The ability of (additional) resources to be assigned (to a tenant) without service interruption.

Scaling Out: Adding more instances to service.

Scaling Up: Adding more resources (compute, RAM, etc.) to an instance.

(Confusingly, the opposite of both “scaling out” and “scaling up” tends to be called “scaling down”.)

Cloud Services

“Traditional” cloud services:

“Anything as a Service” (XaaS):

Cloud Models

“Transit gateways” provide inter-cloud and cloud-to-on-prem connections in hybrid situations.

Computing Types

Cloud vs. Edge vs. “Fog” computing.

(“Fog” computing is really about enabling edge-like computing for ultra-low power IoT devices. Such devices generally require some more powerful local system - the “IoT gateway” - to handle processing and data storage tasks. This system, in turn, may periodically communicate with either cloud-based systems or more distributed systems known as “fog nodes”.)

It’s really all about latency.

There’s also the matter of “human” cloud services - managed service providers (MSPs).

Security MSPs go by their own moniker - MSSPs (“managed security service providers”).

On a completely random note, ITPro.TV’s also going to cover software-defined networking (SDN). ITPro.TV seems to be defining software-defined networking as API-driven and abstracted network management. Three layers:

Application/Controller communication is called the “northbound API”; this is less standardized but generally involves REST APIs.

Controller/Infrastructure communication is called the “southbound API”, and is generally implemented using OpenFlow.

Cloud Security Controls

Networking controls:

Other: