
C+ Course Review

The document provides an extensive overview of cloud computing, detailing its technical and business benefits, service models, and core components. It covers deployment strategies, change management processes, testing methodologies, and security considerations, emphasizing the importance of compliance and governance. Additionally, it discusses network configurations and encryption technologies necessary for securing cloud environments.

Uploaded by matttable06

Cloud+ Review

Module 1

Technical Benefits/characteristics of Cloud Computing

• Resource Pooling
• On-demand self-service
• Rapid elasticity
• Measured services
• Broad network access

Business Benefits of Cloud Computing

• Movement of IT expenses from Capital Expenditures (CapEx) to Operational Expenditures (OpEx).
• Improvement of service quality
• Access to new technologies and services

Three Primary Service Models

• Software-as-a-Service (SaaS)
• Platform-as-a-Service (PaaS)
• Infrastructure-as-a-Service (IaaS)

There are many other services offered by CSPs, including Graphics-as-a-Service (GaaS),
Desktop-as-a-Service (DaaS), Disaster Recovery-as-a-Service (DRaaS), Database-as-a-Service
(DBaaS), and Anything-as-a-Service (XaaS).

The “Big 4” Cloud Service Providers

• Amazon Web Services (AWS™)
• Microsoft® Azure®
• Google Cloud Platform™ (GCP)
• IBM

Core Cloud Solution Components

• Compute
• Virtual servers and machines
• Containers
• Storage
• Database
• Network and content delivery
• Security, identity, and compliance
• Application services
• Developer tools

Additional Cloud Computing Components

• Analytics
• Migration
• Management tools
• Artificial intelligence
• Mobile services
• Messaging
• Business productivity
• Desktop and streaming
• Software development and publishing
• Internet of Things

The common cloud computing architectures

• Public cloud
• Private cloud
• Hybrid cloud
• Community cloud

Further Deployment Differentiation

• Single server
• Single cloud architecture
• Multi-cloud architecture

CSP Agreements

• Master Subscription Agreements (MSAs)
• Service Level Agreements (SLAs)
• Quality of Service (QoS) Frameworks

Non-cloud security apparatus that needs to be configured to allow traffic from cloud

• Firewalls
• Proxy servers
• Encryption technologies
• Antivirus software
• Anti-malware software
• Intrusion detection and prevention systems

Cloud service providers offer authentication and identity management mechanisms, but in many cases,
authentication and identity management will be handled by on-premises, non-cloud systems.

How to evaluate existing systems to see if they are a good fit for the cloud

• Systems and Platforms
o Should be x86-64-bit chipset
• Applications (The following aren’t a good fit)
o Applications that require direct access to hardware
o Applications that use or require hard-coded IP addresses
o Latency sensitive apps
o Apps that transfer very large files
o Apps that use outdated APIs or APIs that are not supported by the CSP

CSPs provide Application Programming Interfaces (APIs) to allow programmatic access for
administration, management, and monitoring of their services. Use the:

• Representational State Transfer (REST) framework
• Simple Object Access Protocol (SOAP) framework
• Cross-platform and vendor-specific API

Cloud Automation - the completion of a cloud-related administrative task without human intervention

Cloud Automation Options

• Command Line Interface (CLI) commands
• Web and graphical user interface (GUI) tools
• Cloud portal tools
• Third-party tools

Orchestration - automates a sequence of tasks and can automate entire processes

Common uses for cloud orchestration

• Resource orchestration: to provision and allocate resources to cloud environments or solutions.
• Workload orchestration: for management of apps and other cloud workloads and the
components essential to those workloads.
• Service orchestration: to deploy services in cloud environments.

DevOps (Infrastructure as Code) - The practice of bringing a DevOps approach to infrastructure
management

Benefits of DevOps Approach - moves automation and orchestration to a mindset and technical
approach rather than an administrative activity; building, testing, and releasing changes happens
regularly and updates are quick and reliable

Third-Party Tools for Orchestration

• Chef – Coding heavy
• Puppet - Caters more to operations teams (Infrastructure as Code) and requires less coding
• Heat - Used for orchestration in OpenStack environments
• Juju - Used for Ubuntu OS environments
• Docker - Used by app development teams for a continuous integration approach
• Visual Studio - Primarily used in Microsoft environments
• GitHub - Provides a code repository and collaboration site

Cloud Deployment Plans should include:

• Business goals and milestones
• Key stakeholders and personnel
• Cloud deployment workflow
• Dependencies
• Risks and problems
• Resources
• Communications

Measure performance and create baselines for comparisons.

Cloud Structure Requirements

• Network requirements
• Security and compliance requirements
• App architecture requirements; two-tier where clients or three-tier

Module 2

Change Management Processes should involve

• Identifying the change or developing a solution to address a problem (which then becomes the
change).
• Recording the change.
• Assessing the impact of the change.
• Notifying stakeholders of the change or requesting approval to make changes.
• Scheduling implementation of changes.
• Monitoring the impact of the change.
• Rolling back changes if required to address issues that arise from the changes.

Changes must be approved through an approval process before they can be scheduled

Assessing the impact of changes (not all changes are negative)

• Impact to project schedule (both current phase and any cascading implications that will impact
deadlines).
• Impact on project dependencies.
• Impact to project goals.
• Impact on project costs.
• Impact to projected project ROI.

Determine the best schedule for implementing changes:

• What steps are dependent upon the change?
• Who will implement the change, what's their availability, and how will that impact other cloud
deployment tasks?
• What verification steps are needed to ensure the change is properly implemented?

A configuration management database (CMDB) stores information about IT installations including
authorized configurations and relationships to other IT assets - Items stored are referred to as
configuration items (CI)

• Tracks the state of asset configurations
• Allows organizations to deploy duplicate assets for tests
• Reconstruct assets to any desired state from the time tracking started
• Allows for impact analysis of changes made and root cause analysis of outcomes related to
changes made

Cloud Deployment Workflow

1. Provision the cloud environment
2. Install and configure applications
3. Secure the production environment
4. Perform a trial migration
5. Perform full migration and cutover

CSP Recommendations for deployments

• Recommendations
• Best practice guides
• Checklists

Deployment Documentation Requirements

• Pre-deployment documentation
• Deployment documentation
• Post-deployment documentation

Post-Deployment Cloud Configuration Tasks

• Testing and validation that the solution is functional and performing well.
• Setup of user roles and access.
• Configuration of integration components.
• Configuration of data connections.
• Configuration of system or data backup.

Cloud Management Options

• Management portal
• Command-line management
• API management

Module 3

Test Plan - formal set of criteria, functions, or tasks that must be tested in order to validate that a
service, app, or cloud infrastructure component meets specific criteria

Test Case – represents an individual scenario and may contain the following information:

• Data to be tested
• Procedures or inputs
• Scenarios and descriptions
• Expected results
• Actual results

When testing a cloud deployment, your team should be using a formal test plan made up of test cases
and documented results.

Shared Component (hosts, network, storage) Testing Items:

• Sizing
• Connectivity
• Resource allocation
• Security
• Performance

Multiple cloud environments for more seamless development, testing, and deployment of updates both
to infrastructure and apps; three cloud environments; must stay identical

• Development cloud
• Quality Assurance (QA) or Testing Cloud
• Production Cloud

Test for Goals of Cloud Deployment Plan; goals documented

• Connectivity Testing
o Latency
o Performance
• Data Integrity Testing
o Validating each value if it is successfully saved to the database.
o Ensuring the data compatibility against old hardware or old versions of operating
systems and browsers.
o Verifying the data can be modified and deleted.
o Verifying size and number of files present.
o Checking whether or NOT a blank value or default value can be retrieved from the
database.
• Proper Function Testing
o Identification of functions that a service or app is expected to perform.
o Use of input data based on function specifications.
o Examination of output based on function specifications.
o Execution of the test case.
o Comparison of expected and actual outcomes.
o Checks against whether the service or app works as needed
• Accessibility Testing
o WCAG 2.0
o Federal Section 508

Highly available (HA) solutions are systems, services, apps, or components that are always, or nearly
always, up and running

High Availability Options:

• Load balancing
• Replication
• Multi-region deployments

Load Balancing Tests

• Verify that load is being distributed as designed
• Test performance under load
• Test failover
• Test farm reentry

Replication Tests

• Confirm replication configuration
• Test that replication is working
• Test that replication is working under load
• Test performance under load
• Test failure and reentry of database nodes

Benefits of using multiple regions:

• Provides access to cloud resources close to end-users.
• Allows for multi-region HA
• Allows for multi-region disaster recovery and business continuity.
• Allows organizations to provide data driven services in countries or regions with different laws
governing data access.

Multi-region Performance Testing:

• Load balance testing
• Replication testing
• Test regional failures

Load Testing - simulate usage by placing synthetic load, in the form of traffic, requests, query
submissions, and so forth, to cloud services and apps

• Stress testing (a type of load testing)
o Aims to find the upper limits of a solution's usage
o To document the impact on performance under those "beyond peak" load scenarios
o To discover a load value after which solution performance degrades below acceptable
levels

Three types of penetration tests:

• White box
• Gray box
• Black box

Success factors for testing:

• Functionality
• Sizing
• Automation and orchestration
• Scaling
• Performance
• SLA guarantees
• Security
• Compliance

Test results will include:

• The expected results and actual results.
• Any errors or warnings encountered.
• Observations by testers.

Cloud Performance Fluctuation Variables:

• Devices used to access the solution
• Service and app design
• Application components
• WAN resources
• Peak usage
• Cyberattacks

Ways to improve cloud performance:

• Consolidate in the cloud
• Scale up
• Scale out
• Improve network bandwidth
• Rewrite app code

Module 4

Responsible Parties in Cloud Environments - some security services will need to be managed by the CSP
and others coordinated with the CSP

Corporate Security Policies

• Goals or mission statement for cloud services
• Data classification
• Scope
• Responsibilities
• Policy statements

Security is designed to prevent the following:

• Abuse and unallowed use of cloud resources
• Breaches and exploitation of shared resources
• Breaches and exploitation of cloud apps
• Access to resources by malicious insiders
• Data theft, loss, and leakage
• Account, service, and traffic hijacking
• Unknown risk profile

A holistic security approach, also called defense-in-depth or layered security, is considered a best
practice approach and applies multiple remediation processes, technologies, and security controls to
protect components, services, apps, and data at different levels so that attackers must break through
multiple defenses to gain access. This also increases the likelihood that notification mechanisms will alert
administrators of an attack.

Encryption - a cryptographic technique that converts data from plaintext form into ciphertext

Decryption - converts ciphertext back to plaintext

• Plaintext is unencrypted data that is meant to be encrypted (or the result of decrypting
encrypted data).
• Cleartext is unencrypted data that is not meant to be encrypted

Need for a Compliant Cloud Design:

• Medical: HIPAA (Health Insurance Portability and Accountability Act).
• Education: FERPA (Federal Education Rights and Privacy Act).
• Email and cloud content: SCA (Stored Communications Act).
• Consumer credit history: FCRA (Fair Credit Reporting Act).
• Children's data and images: COPPA (Children’s Online Privacy Protection Act).
• Internal financial records of public companies: SOX (Sarbanes-Oxley).
• Protection of public data held by federal agencies: FISMA (Federal Information Security
Management Act).
• Credit card processing: PCI DSS (Payment Card Industry Data Security Standard).

Governance model: Control Objectives for Information and Related Technology (COBIT) includes:

• A framework for implementation and linking governance to business requirements.
• Process descriptions for planning, building, running, and monitoring IT processes.
• Control objectives, which are requirements that are considered necessary for management of IT
services.
• Maturity models that allow for processes to develop, evolve, and be refined.
• Guidelines for management to help assign responsibilities, measure performance, and define
objectives

Although a CSP may be certified to handle certain types of data or to meet regulations, ultimately you
are responsible for meeting regulatory compliance for your cloud.

Cloud Compliance and Governance Issues:

• CSP compliance with data handling requirements set out by specific regulations such as PCI DSS
or HIPAA
• Location, recoverability, and retention of data stored in the cloud
• Physical and digital security
• Support and procedures for cross-border investigations

Audit and Compliance Requirements process steps:

• Identify compliance requirements such as corporate policies and standards, laws and
regulations, SLAs, etc.
• Implement policies, procedures, processes, and systems to satisfy those compliance
requirements.
• Monitor whether these policies, procedures, and processes are followed diligently.

Module 5

A virtual network, sometimes called a VNet or Virtual Private Cloud (VPC), is often a representation of
your network in the cloud; benefits and capabilities:
• Isolation
• Internet connectivity
• Connection to other CSP services
• Connection to other virtual networks
• Connection to on-premises
• Traffic filtering

Virtual Network Components


• Virtual switch
• Virtual bridge
• Virtual host adapter
• NAT
• DHCP server
• Ethernet adapter

Software-defined networking (SDN) - software-based configuration of networks.

Network Component Configuration Options


• Subnets
• Routers or routing tables
• DNS
• CSP region or zones
• Traffic filters

Ports and Protocols

Apps in the cloud will use the same ports as they do on-premises

Check these documents to determine which ports and protocols you need to configure access for
• Application and service configuration guides
• CSP security and deployments guides
• Deployment guides from third-party sources or consultancies
• Your own documentation, firewall, and routing information
• Port scanner or protocol analyzer for legacy apps

Cipher
• Enciphering
• Deciphering

Cryptanalysis is the science of breaking codes and ciphers

Network Security Options


• Flood guards
• Loop protection
• Port security
• Secure router configuration
• Network separation
• VLAN management
• Implicit deny
• Log analysis

Network Encryption Technologies
• Internet Protocol Security (IPSec)
• Point-to-Point Tunneling Protocol (PPTP)
• Layer 2 Tunneling Protocol (L2TP)
• Secure Shell (SSH)
• PKI
• Digital certificate
• HTTPS
• TLS and SSL

Virtual Private Network (VPN) can securely connect any two networks by establishing an
authenticated path over which traffic is encrypted.

Network Segmentation and Security


• Demilitarized Zone (DMZ)
• Virtual Extensible LAN (VXLAN)
• Micro-Segmentation

Segmentation Options
• Management traffic
• Operations traffic
• Virtual machine production traffic

Network Security Software and Devices


• IDS
• Network intrusion detection system (NIDS)
• WIDS
• IPS
• NIPS
• WIPS
• Web security gateways

Types of Network Monitoring


• Signature-based
• Anomaly-based
• Behavior-based
• Heuristic

Antivirus and Anti-Malware Software


• Antivirus software
• Anti-spyware
• Host-based firewalls

Agent-based and agent-less security services; pros and cons

Firewalls
• Host or personal
• Network-based
• Web application-based

SLA Security Considerations


1. Ownership
2. Availability of services
3. Baseline services

Chain of Custody (CoC); what is tracked

Patches and Maintenance for Network Security


• Take a detailed inventory and keep it up-to-date.
• Standardize systems as much as possible
• Make a list and map of security software and devices in place
• Put in place a reliable system for collecting vulnerability alerts.
• When alerts come out, compare them to inventory to quickly identify systems that may be
impacted.
• Assess the risk based on the alert
• Create a priority system for quickly deploying patches to affected systems.
• Update all affected documentation.
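
The inventory-to-alert comparison and priority steps above can be sketched as follows. This is an added example, not part of the original review; the product names, alert IDs, version numbers and scoring weights are all constructed assumptions, and real alerts would come from your vulnerability feed.

```python
from dataclasses import dataclass

# Assumed weights for the "assess the risk" step; tune these to your own policy.
SEVERITY_WEIGHT = {"critical": 4, "high": 3, "medium": 2, "low": 1}
EXPOSURE_WEIGHT = {"internet": 3, "internal": 1}


@dataclass(frozen=True)
class Asset:
    host: str
    product: str
    version: str
    exposure: str      # "internet" or "internal"
    environment: str   # "production", "qa" or "development"


@dataclass(frozen=True)
class Alert:
    alert_id: str
    product: str
    fixed_in: str      # first version that contains the fix
    severity: str


# Constructed inventory (step: take a detailed inventory and keep it up to date).
INVENTORY = [
    Asset("web-01", "examplehttpd", "2.4.1", "internet", "production"),
    Asset("web-02", "examplehttpd", "2.4.9", "internet", "production"),
    Asset("db-01", "exampledb", "11.2", "internal", "production"),
    Asset("qa-db-01", "exampledb", "11.2", "internal", "qa"),
    Asset("build-01", "exampleci", "5.0.0", "internal", "development"),
]

# Constructed alerts with placeholder IDs (step: collect vulnerability alerts).
ALERTS = [
    Alert("ALERT-EXAMPLE-001", "examplehttpd", "2.4.5", "critical"),
    Alert("ALERT-EXAMPLE-002", "exampledb", "11.4", "medium"),
    Alert("ALERT-EXAMPLE-003", "notinstalled", "1.0", "critical"),
]


def parse_version(text):
    """Turn '2.4.1' into (2, 4, 1) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def affected_assets(alert, inventory):
    """Compare one alert to the inventory: same product, version older than the fix."""
    fixed = parse_version(alert.fixed_in)
    return [a for a in inventory
            if a.product == alert.product and parse_version(a.version) < fixed]


def risk_score(alert, asset):
    """Assess risk: severity scaled by exposure, plus one point for production systems."""
    score = SEVERITY_WEIGHT[alert.severity] * EXPOSURE_WEIGHT[asset.exposure]
    if asset.environment == "production":
        score += 1
    return score


def patch_queue(alerts, inventory):
    """Build the priority list: highest score first, host name as a stable tie-breaker."""
    queue = []
    for alert in alerts:
        for asset in affected_assets(alert, inventory):
            queue.append((risk_score(alert, asset), asset.host, alert.alert_id))
    return sorted(queue, key=lambda row: (-row[0], row[1]))


if __name__ == "__main__":
    for score, host, alert_id in patch_queue(ALERTS, INVENTORY):
        print(f"{score:>3}  {host:<10} {alert_id}")
```

An alert for a product that is not in the inventory produces no queue entries, which is the reason the inventory has to be complete before alerts can be triaged this way.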

Impact of Security Tools on Systems and Services


• The need for security software of all types to manage, monitor, and secure systems.
• The need to hire skilled security staff.
• The need to obtain continuing education of skilled security staff.
• The need to invest in automation and DevOps practices to automate patching and other security
processes.
• The need to invest in software, training, or consulting to manage security across diverse
multicloud and hybrid cloud environments.

Module 6

Identification
Authentication
Authorization
Identity Access Management

Authentication Factors
• Something you are, including physical characteristics, such as fingerprints or a retina pattern.
• Something you have, such as a token or access card.
• Something you know, such as a password.
• Somewhere you are or are not, such as an approved IP address or GPS location.
• Something you do, such as established keystroke patterns or tracing over a Windows 8 or 10
picture password.

Multi-factor Authentication (MFA)

Authentication Protocols
• PAP
• CHAP
• TACACS
• RADIUS
• DIAMETER
• Kerberos

Identity federation
SSO
Transitive Trust

Account Management
Principle of least privilege
Privilege bracketing

Account Policy Considerations


• Who can approve account creation.
• Who is allowed to use a resource.
• Whether or not users can share accounts or have multiple accounts.
• When and how an account should be disabled or modified after a user access review.
• When and if a user account should expire after a period of non-use.
• When to enforce general account prohibition.
• What rules should be enforced for password history, password strength, and password reuse.
• When to lock out an account in the event of a suspected incident or hijacking attempt.
• When and how to recover an account after it has been compromised or deleted.

Account Management Security Controls


• Types of accounts that will be allowed
• Account privilege guidelines
• User ID and password requirements
• Account access restrictions
• Account management guidelines
• Multiple account guidelines
• Continuous monitoring

Account Life Cycle


• Account creation/provisioning.
• Account management, including adding, changing, and removing access or levels of access.
• Account deletion/deprovisioning when users leave.

Data Classification
• The sensitivity of the data.
• Business impact of data if exposed, lost, or breached.
• Regulatory or compliance rules, including applicable regulations, access requirements, and retention
requirements.

Access Control Methods
• Mandatory Access Control (MAC)
• Discretionary Access Control (DAC)
• Role Based Access Control
• Rule Based Access Control
• Dynamic Access Control

User Account Provisioning Methods


• Discretionary account provisioning
• Self-service account provisioning
• Workflow-based account provisioning
• Automated account provisioning

User Account Lifecycle Management


• Processes to identify accounts as inactive, suspended, or marked for deletion.
• Processes to delete unneeded accounts after a pre-determined length of time.
• Processes to monitor user privileges.
• Keep a list of all past user identities to prevent an accidental reactivation of an account

Account Automation Orchestration Activities


• Creating accounts.
• Assigning group memberships.
• Assigning rights and privileges to accounts.
• Disabling/suspending user accounts.
• Deleting user accounts.
• Query directory to find group membership and rights.
• Grant or remove admin permissions.

Orchestration Activities
• Orchestrating creation of accounts, assignments of group memberships, and rights based on an
employee's role, department, or other criteria specified.
• Orchestrating change of account group memberships, and rights based on a change of
department, role, or promotion.
• Orchestrating detection of unused accounts that trigger emails to account owners at specified
intervals and sequentially disable then delete the account.

Module 7

Once you select an architecture you should stick with it; AMD-V or Intel-VT

Containers usually include the following:


• The application
• Application dependencies
• Application libraries
• Application binaries
• Application configuration files

Advantages of Containers for Development

Optimization vs Overcommitment of Resources

Memory Bursting, Ballooning, and Overcommit

Module 8

IOPS measures I/O performance for compute storage devices such as hard disk drives
(HDDs), solid state drives (SSDs), and storage area networks (SANs).

Storage Protection Options


• Local replication
• Regional replication
• Geo-redundant storage (GRS)

Storage Mirroring
Snapshots and Clones

Network Storage Types


• Object storage (blob)
• File storage
• Table storage
• Queue storage
• High-performance storage

Storage Compression Technologies


• File compression
• Storage array compression
• Backup storage compression

Data Deduplication
• Segment data into blocks or some other discrete portion.
• Create a hash for each block.
• Compare the hash to existing hashes to determine if the data is already stored in a different
block.
• Add a pointer to the existing object already stored in the database in place of the duplicate data.
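
The four deduplication steps above, as an added example that is not part of the original review. It assumes fixed-size blocks and SHA-256 as the block hash; the class name, block size and sample data are constructed for illustration. Because a pointer replaces the duplicate data, the hash must be collision resistant, and the read path re-checks each block against its hash.

```python
import hashlib

BLOCK_SIZE = 8  # deliberately tiny so the constructed sample data contains duplicates

# Constructed sample objects: the first two blocks are identical in both.
FILE_A = b"AAAAAAAA" + b"BBBBBBBB" + b"CCCCCCCC"
FILE_B = b"AAAAAAAA" + b"BBBBBBBB" + b"DDDD"


class DedupStore:
    """Block store that keeps one copy of each distinct block."""

    def __init__(self, block_size=BLOCK_SIZE):
        self.block_size = block_size
        self.blocks = {}     # block hash -> block bytes, stored once
        self.manifests = {}  # object name -> ordered list of block hashes (the pointers)

    def segments(self, data):
        """Step 1: segment the data into fixed-size blocks (the last one may be short)."""
        for offset in range(0, len(data), self.block_size):
            yield data[offset:offset + self.block_size]

    def put(self, name, data):
        """Store an object and return how many new blocks had to be written."""
        pointers = []
        new_blocks = 0
        for block in self.segments(data):
            digest = hashlib.sha256(block).hexdigest()  # Step 2: hash each block
            if digest not in self.blocks:               # Step 3: compare to known hashes
                self.blocks[digest] = block
                new_blocks += 1
            pointers.append(digest)                     # Step 4: keep a pointer, not the data
        self.manifests[name] = pointers
        return new_blocks

    def get(self, name):
        """Rebuild an object from its pointers, verifying every block on the way out."""
        out = bytearray()
        for digest in self.manifests[name]:
            block = self.blocks[digest]
            if hashlib.sha256(block).hexdigest() != digest:
                # One damaged shared block corrupts every object that points at it.
                raise ValueError(f"block {digest[:12]} failed integrity check")
            out += block
        return bytes(out)

    def logical_bytes(self):
        """Size of all objects as the user sees them."""
        return sum(len(self.blocks[d]) for ptrs in self.manifests.values() for d in ptrs)

    def stored_bytes(self):
        """Size actually held after deduplication."""
        return sum(len(block) for block in self.blocks.values())


if __name__ == "__main__":
    store = DedupStore()
    print("new blocks for a:", store.put("a", FILE_A))
    print("new blocks for b:", store.put("b", FILE_B))
    print("logical:", store.logical_bytes(), "stored:", store.stored_bytes())
```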

Storage Tiers
• Hot storage for frequently accessed data or data used on a day-to-day basis. This is highest
performance (outside of special high-performance storage tiers) and costs the most to get
access to.
• Warm storage for less frequently accessed data such as data used a few times a month. Month
end account spreadsheets and other data files might fall into this category. This storage is
slightly slower and costs less to access.
• Cold storage for rarely accessed data. This is used for archival purposes, is slower, and costs
even less to store data, too. Some providers charge an additional fee to read data from cold
storage.

Storage Access Protocols
• SCSI
• Fibre Channel (FC)
• iSCSI
• FCoE
• CIFS
• NFS
• HTTP

Storage Management Considerations


• Virtualization
• Replication
• RAID and mirroring
• Security
• Compression
• Traffic analysis
• Process automation
• Storage provisioning
• Data movement between hot, warm, and cold storage

Storage Provisioning Models


• FAT/Thick Provisioning
• Thin Provisioning

Tokenization

Encrypt data at rest, in transit, and in use

ACLs
Data Obfuscation (DO)

Zoning or LUN in SANs

Module 9

Cloud Deployment Types


• P2V
• V2V
• V2P
• P2P

Online vs. Offline Migrations

Storage Migrations
• Data cannot be moved all at once while offline because the migration would take too long
• It's not feasible to move data due to bandwidth consumption

OVF - An OVF package contains the software files and an Extensible Markup Language (XML)
OVF descriptor file in a single folder

Common Cloud Workloads


• Analytic workloads
• Batch workloads
• Database workloads
• High-performance workloads
• Transactional workloads

App portability considerations; including legacy apps

Container Migration Considerations


• Decompose the app
• Find base images to base new containers on (or use a migration tool such as Image2Docker)
• Configure the containerized app
• Create the container images
• Run the containers and test

Virtual Machine Migration Issues


• VHD and VHDX migration
• Processor architecture
• Hypervisor to hypervisor migration

Migration Methods
• Lift and shift
• Lift, tinker, and shift
• Repurchasing
• Refactoring
• Retirement
• Revisit

Bandwidth considerations during migration


Data Transfer Options for Migration

Downtime impact; costs both in IT resources and lost productivity

Environmental Considerations
• Working hours restrictions
• Peak time frame constraints
• Legal restrictions
• Time zone constraints

Module 10

Scope of Components to be Patched


• Hypervisors
• Virtual machines/Operating systems
• Virtual appliances
• Networking components
• Applications
• Storage components
• Clusters

Patching Cloud Systems


• Production vs. Development vs. QA Patching
• Rolling Updates
• Blue/Green Deployment Patching
• Failover Cluster Patching

Hotfixes fix specific flaws on an emergency basis

Patching dependency considerations

Patching Order of Operations; 7 Steps

What types of maintenance activities to automate and schedule

Module 11

Backup Types
• Full backup
• Incremental backup
• Differential backup
• Copy-on-write snapshot
• Clone or split mirror snapshot
• Redirect-on-write storage snapshot
• Incremental snapshot
• Change block/delta tracking

Backup Targets
• Tape
• DAS
• NAS
• SAN
• Integrated backup appliances
• Cloud

Online/Offline Backups

Disaster Recovery focuses on repairing, reconstructing, restoring, and replacing systems, personnel, and
other assets after a disaster has affected the organization
• Recovery Point Objective (RPO)
• Recovery Time Objective (RTO)

DR Capabilities of Cloud Service Providers


• Backup to and restore from the cloud
• Back up to and restore to the cloud
• Replication to virtual machines in the cloud
• Managed applications and managed DR in the cloud
• File transfer
• Archiving
• Third-party sites

DR: SLAs, Corporate procedures, CSP procedures, bandwidth or ISP DR limitations

Business continuity, also known as continuity of operations (COOP), is a collection of
processes that enable an organization to maintain normal business operations in the face of some
adverse event.

A BCP should contain the following items:


• Initial data, including important contact information, located at the beginning of the plan
• Revision management process that describes change management procedures
• Purpose and scope
• How to use the plan, including guidelines as to when the plan will be initiated
• Policy information
• Emergency response and management
• Step-by-step procedures
• Checklists and flow diagrams
• Schedule for reviewing, testing, and updating the plan

Alternate Sites
• The physical location of the site
• The comfort of employees during a crisis
• Will it be able to support the needed technology?
• Does it have amenities such as day care, kitchen, restrooms, etc.?

Aspects of Continuity of Operations


BC Connectivity Issues
• Phone systems
• Internet/Network Connectivity
• Bandwidth capacity

Module 12

Benefits of monitoring

Synthetic vs. real-time monitoring

A key performance indicator (KPI) is a quantifiable measure a company uses to determine how well it
meets the set operational and strategic goals

Cloud Components to Monitor

Performance monitoring
• Performance to Baselines Comparison
• Performance to SLA Comparison

Tuning and Optimization Options for Cloud Target Objects


Performance and Capacity Optimization Options

Module 13

Monitor for anomalies and send alerts based on deviations

Event correlation follows these five steps:


1. Event filtering.
2. Event aggregation
3. Event de-duplication
4. Event masking
5. Root cause analysis

Monitoring also helps with Resource Capacity Forecasting

Capacity Planning Considerations

Change management control is a systematic way of approving and executing change in order to assure
maximum security, stability, and availability of information technology services

Create Reports on Cloud System Metrics

Chargeback and Showback Models

Module 14

Troubleshooting Steps
1. Identify the problem: Question the user and identify user changes to the computer and
perform backups before making changes.
2. Establish a theory of probable cause: Question the obvious. If necessary, conduct internal or
external research based on symptoms.
3. Test the theory to determine cause: Once the theory is confirmed, determine the next steps to
resolve the problem. If the theory is not confirmed, establish a new theory or escalate.
4. Act: Establish a plan of action to resolve the problem and implement the solution.
5. Test and prevent: Verify full system functionality and, if applicable, implement preventative
measures.
6. Report: Document findings, actions, and outcomes.

Troubleshoot and Resolve these issues:


• Resource Contention Issues
• Connectivity Issues
• Cloud Service Provider Outage
• License Issues
• Template Misconfiguration
• Time Synchronization Issues

• Language Support
• Deployment-Related Automation Issues
• Capacity issues and unplanned expansions
• Automation and orchestration issues
• Breakdowns in the Workflow
• Account Mismatch Issues
• Change Management Failure
• Server Name and IP Address Changes
• Location Changes
• Version and Feature Mismatch
• Automation Tool Incompatibility
• Job Validation Issues

Module 15

Identify Connectivity Issues


• Logical Issues
• QoS Issues
• Misconfigured VLAN/VXLAN
• Misconfigured Firewall Rules
• Insufficient Bandwidth
• Latency
• MTUs and MSS

Network Connectivity Tools

• Ping
• Tracert/traceroute
• Arp
• NETSTAT
• Nslookup
• Ipconfig/ifconfig
• Route
• Ssh
• Tcpdump
• telnet

Module 16

Troubleshoot Identity and Access Issues


• Authentication issues
• Authorization Issues
• Federation and SSO Issues
• Certificate Issues
• Incorrect Identity and Access Hardening Settings

External Attacks
• DoS
• Malicious code-based DoS attack
• Malware
• Exploitation tools
• Cloud-based attacks

Internal Attacks
• Policy violation
• Social media and personal messaging use
• Social engineering
• Insider threat

With privilege escalation, the user is able to obtain access to additional resources or
functionality which they are normally not allowed access to.

Vertical privilege escalation, also called privilege elevation, occurs when a user can perform functions
that are not normally assigned to their role or explicitly permitted.

An attack vector is the method that an attack takes; elements that can contribute to an attack vector:
• Vulnerabilities
• Exploits
• Techniques

Other Security Issues


• Unencrypted Communication
• Unauthorized Physical Access
• Unencrypted Data
• Weak or Obsolete Security Technologies
• Insufficient Security Controls and Processes
• Tunneling or Encryption Issues
• Security Device Failure
