CompTIA Cloud+ Vocabulary Study Guide

Triple Data Encryption Standard (3DES) - A symmetrical cipher. Three encryption keys of various lengths are used. The first key is used to encrypt a block of data, a second key is then used to decrypt the block, and a third key is used to encrypt it again. This triple encryption function on each block of data is reversed to decrypt the data.

Address Resolution Protocol (ARP) - The protocol that determines the mapping of an IP address to the physical MAC address on a local network.

Advanced Encryption Standard (AES) - This is a symmetrical block cipher. Approved and adopted by many governments, including the United States and Canada, to encrypt sensitive data. Adopted as a standard by the National Institute of Standards and Technology.

anomaly - A metric that is either above or below your expectations.

application life cycle - The management of a software application from the initial planning stages through to its retirement.

application programming interface (API) - The means to programmatically access, control, and configure a device between different and discrete software components.

asynchronous replication - Writes the data to the primary storage location and then later sends copies to the remote replicas. With asynchronous replication, there will be a delay as the data is copied to the backup site and becomes consistent because it uses a store-and-forward design.

authentication - The process of determining the identity of a client usually by a login process.

automation - Software systems operating in a cloud provider's data center that automate the deployment and monitoring of cloud offerings.

autoscaling - The dynamic process of adding and removing cloud capacity.

availability - Percentage of service uptime. It is the total uptime versus the total time.
availability zones - Isolated locations within data center regions in which public cloud services originate and operate.

backup target - The endpoint or storage system where the backup data is to be stored.

backup window - The time available for the backup operation to run while the target storage system is either offline or lightly used.

bare metal - Server hardware including motherboards and storage, processing, and networking components. A bare-metal server does not run a hypervisor.

baseline - Collected data that provides trend analysis and capacity utilization information measured over time to determine average or expected metrics of a service in normal operation; a point-in-time view of operations that needs to be constantly tracked as part of your ongoing operations.

Business Process as a Service (BPaaS) - This is when a company outsources to the cloud many business applications, such as inventory, shipping, supply chain finance, and other business software applications.

business continuity plan - A plan that recognizes there are inherent threats and risks that can have a detrimental effect on a company and that defines how to protect the company assets and be able to survive a disaster. This gives an organization the ability to continue operations and to deliver products and services after an event that disrupts its operations.

Communications as a Service (CaaS) - It includes cloud-hosted voice, video conferencing, instant messaging, e-mail, collaboration, and other communication services.

capacity - The end-to-end metric for maximum available network bandwidth and utilized capacity, or rate, from source to destination. It can also be the maximum amount that something can contain or, in the case of cloud resources, the maximum supported capacity of any object or service.
change advisory board - Supports the change management team by reviewing, sequencing, and approving changes that have been requested; by determining the priorities; and by planning for all upcoming changes.

change approvals - The process dedicated to approving or denying all change requests submitted by an organization's IT operations.

change management - The process of managing all aspects of ongoing upgrades, repairs, and reconfigurations.

cipher - Any method of encrypting data by concealing its readability and meaning.

cloud bursting - Elasticity model where a primary data center carries the current compute load, and when additional capacity is required, a remote cloud can assist with the load.

using a public and private key pair such as DSA to set up an encrypted connection to exchange symmetrical keys. Then the symmetrical keys are used to perform bulk encryption and decryption since they are faster and require less processing.

durable storage - Storage volumes that retain data if the virtual machine is removed or deleted.

elasticity - The ability to automatically and dynamically add resources such as storage, CPUs, memory, servers, and network capacity.

ephemeral storage - Storage volumes that do not retain data if the virtual machine is removed or deleted.

event correlation - A method or process that makes sense out of a large number of reported events from different sources and identifies the relationships between the events.

extended metadata - An extended list of data that can be attached to a data file for detailed index schemas.

extending the scope - To add new features and capacity to your cloud deployment.

fault tolerance - A system that will remain operational even after there has been a degradation of its systems.

federations - Multiple organizations sharing the same application. The federated identity management approach allows all participants to consolidate resources.
Users share a common set of policies and access rights across multiple organizations.

Federal Risk and Authorization Management Program (FedRAMP) - A U.S. federal government-wide program that outlines the standards for a security assessment, authorization, and continuous monitoring for cloud products and services.

file backups - Backups of storage folders and files that you selected with your backup software to another storage location for later access.

FIPS 140-2 - National Institute of Standards and Technology (NIST) publication that coordinates the requirements and standards for cryptography modules.

Federal Information Security Management Act (FISMA) - It is a U.S. federal law that outlines the framework to protect federal government information, operations, and facilities.

File Transfer Protocol (FTP) - It is used to send and receive files between systems on a network using a standard command set.

File Transfer Protocol Secure (FTPS) - The encrypted version of the File Transfer Protocol used to securely send and receive encrypted data.

Generic Routing Encapsulation (GRE) - A standardized network tunneling protocol that is used to encapsulate any network layer protocol inside a virtual link between two locations. GRE is commonly used to create tunnels across a public network that carries private network traffic.

graphical user interface (GUI) - A graphical representation commonly used to create, configure, manage, and monitor cloud resources and services.

harden - The process of disabling all unused services, ports, and applications on a server to make it as secure as possible.

high availability - The ability of a resource to remain available after a failure of a system.

Health Insurance Portability and Accountability Act (HIPAA) - Defines the standard for protecting medical patient data.
Companies that work with protected health information must ensure that all the required physical, network, and process security measures are in place and followed to meet these compliance requirements.

horizontal server scalability - Server capacity additions to respond to increased server workload.

hot site - Two fully redundant cloud data centers in sync with each other, with the standby site backing up the primary in real time in the event of a failure.

hotfix - A software update type that is intended to fix an immediate and specific problem with a quick release procedure.

Hypertext Transfer Protocol (HTTP) - A communications protocol that is used primarily on web browsers to access World Wide Web servers in the cloud.

Hypertext Transfer Protocol Secure (HTTPS) - Provides an encrypted connection from the client to the server to protect against the interception of critical information such as e-commerce or banking websites.

Infrastructure as a Service (IaaS) - The consumer is able to provision processing, storage, networks, and other fundamental computing resources and is able to deploy and run arbitrary software, which can include operating systems and applications.

ifconfig - A Linux command-line utility used to verify and configure the local network interfaces.

image backups - Copies of complete hard drive volumes. They are also often called disaster backup, cloning, ghosting, image backups, or block-level backups.

in-house computing - Computing systems hosted and managed by a company.

instance initialization time - The time required to start a new compute instance.

intrusion detection systems (IDSs) - Detect suspicious activity on the network in real time, by passively monitoring traffic looking for signatures of network activity that indicate an intrusion based on predefined rule sets, and generate alerts.
intrusion prevention systems (IPSs) - Detect suspicious activity on the network in real time, by passively monitoring traffic looking for signatures of network activity that indicate an intrusion based on predefined rule sets, and actively shut down the intrusion.

IP Security (IPsec) - A framework or architecture that uses many different protocols to provide integrity, confidentiality of data, and authentication of data on a TCP/IP network.

ipconfig - A Windows command-line utility used to verify and configure the local network interfaces.

International Organization for Standardization (ISO) 27001 - A standard for quality that ensures a cloud provider meets all regulatory and statutory requirements for its product and service offerings.

ITAR - Restricts information from being disseminated to certain foreign entities that could assist in the import or export of arms. ITAR is a list of data security requirements that cloud companies can certify as being compliant with to meet this U.S. requirement.

JavaScript Object Notation (JSON) - A lightweight data-interchange format standard that is easily readable and easy for computing systems to parse and to generate.

jitter - The variable delay between packets from source to destination.

jumbo frame - Ethernet frame larger than the standard 1,518 bytes.

L2TP - A remote access communications protocol that is a common method to connect to a remote device over the Internet.

load balancing - Allows for many servers to share an application load, redundancy, and scalability by allocating traffic to many devices instead of to a single device.

load testing - Testing that puts a demand or load on your application or compute system and measures the response.

something you have, such as a smart card, fingerprint, or a constantly changing token number off an ID card.

storage scalability - The amount of storage that can be added to increase capacity because of increased workloads.
storage total capacity - The measurement of storage devices or volume capacity.

Service Organization Controls (SOC 3) - Report for public disclosure of financial controls and security reporting.

netstat - Network statistics utility found in Windows and Linux used to see which network connections are open to remote applications.

network capacity - The available network capacity usually measured by bandwidth.

storage area network (SAN) - A network that is dedicated to storage traffic and is high speed and highly redundant.

network latency - The delay, or time, it takes for data to traverse a network; the time measurement of a network packet to travel from source to destination.

network time protocol - A protocol that allows all devices to synchronize to a central clock, or time service.

National Institute of Standards (NIST) - National Institute of Standards. This is a U.S. federal organization that defines cloud computing standards and models.

nondurable storage - Storage volumes that do not retain data if the virtual machine is removed or deleted.

Service Organization Controls (SOC 1) - Report (also known as SSAE 16 and ISAE 3402). This is a report that outlines controls on a service organization and the internal controls of financial reporting operations.

Service Organization Controls (SOC 2) - Report that concerns a business's nonfinancial reporting controls for availability, confidentiality, privacy, processing integrity, and security of a system.

single sign-on (SSO) - Allows a user to log in just one time and be granted access rights to multiple systems.

Simple Mail Transfer Protocol (SMTP) - This is used to send e-mail messages between mail servers.

nslookup - Windows-based command-line utility used to resolve hostnames to IP addresses using a DNS server.

obfuscation - A means to complicate, confuse, or bewilder. It is used to hide information in stored data in the cloud.
snapshot - An instance-in-time image for rollbacks or backups.

service level agreement - A document that outlines specific metrics and the minimum performance or availability level and outlines the penalties for failing to meet the metrics.

object - An item that can be accessed and manipulated in the cloud. It is a cloud component where you can define the measurements that are sent to monitoring systems to collect operational data.

object ID - A pointer to a stored piece of data that is a globally unique identifier.

off-premise - Computing resources hosted remotely from a company's data center.

service provider - A company that hosts computing systems and sells computing to consumers.

Secure File Transfer Protocol (SFTP) - This is a network file exchange protocol that encrypts the data before sending it over the network.

Secure Sockets Layer (SSL)/Transport Layer Security (TLS) - Protocols that operate on top of TCP and provide an encrypted session between the client and the server.

offline storage - Storage that requires an administrator to make it available by inserting a tape or other media into a storage system for retrieval. Offline storage can be transported to remote storage facilities or stored in vaults for protection.

on-demand - The ability of consumers to access self-service portals to create additional cloud services on demand.

security policy - A document that defines your company's cloud controls, organizational policies, responsibilities, and underlying technologies to secure your cloud deployment.

server capacity - Usually a measurement of the total number of CPUs, CPU frequency, RAM, and storage capacity.

on-premise - Creating and hosting cloud services in-house in a private enterprise data center.

online storage - A storage system that can be accessed at any time without the requirement for a network administrator to mount the media into a storage system.
Secure Shell (SSH) - A virtual terminal application that supports an encrypted connection to remote devices using a command-line interface.

runbooks - Software processes that perform automated tasks and responses that simplify and automate repetitive tasks.

orchestration - Orchestration systems coordinate and process tasks, functions, and workflows of cloud operations without the need for human intervention.

orchestration platforms - Cloud software used to deploy and manage cloud services.

Software as a Service (SaaS) - The consumer can use the provider's applications running on a cloud infrastructure.

scripting - A method of running configuration commands in the cloud to automate cloud deployments and security services.

orphaned resources - Cloud-based services that are left over when a service terminates and are no longer needed or used.

outage time - The total time of a single outage measured from when the outage began until it ended.

Platform as a Service (PaaS) - The consumer is able to deploy onto the cloud infrastructure applications created using programming languages and tools supported by the provider.

roll back - The process of returning software to a previous state.

route command - A command-line utility that displays the workstation's or server's local routing tables.

RSA - An asymmetrical encryption that uses a private key and a public key. PKI is the framework that uses protocols such as RSA for encryption. With PKI and RSA, the common implementation is an asymmetrical protocol using a public and private key pair such as RSA to set up an encrypted connection to exchange symmetrical keys. Then the symmetrical keys are used to perform bulk encryption and decryption since they are faster and require less processing.

packet loss - The percentage or number of packets that are dropped in the network.

setting is distributed across all the drives in the array.
RAID 6 can suffer two simultaneous hard drive failures and not lose any data.

Redundant Array of Independent Disks, RAID level 0 (RAID 0) - A block of data is stored across two or more disks. The file is stored across more than one hard drive. RAID 0 provides no redundancy or error detection, so if one of the drives in a RAID 0 array fails, all data is lost.

Redundant Array of Independent Disks, RAID level 0 + 1 (RAID 0+1) - Stripes data to be stored first (RAID 0); then the stripe set is written to the mirror (RAID 1).

Redundant Array of Independent Disks, RAID level 1 (RAID 1) - A complete file is stored on a single disk, and then a second disk contains an exact copy of the same file stored on the first disk.

Random access memory (RAM) - A memory resource in a bare-metal server.

trigger - The process of initiating an event report based on a metric value or threshold that is considered to be outside your baseline.

troubleshooting - The process of diagnosing the cause of an impairment and resolving the issue.

ubiquitous access - The ability to access cloud services from anywhere in the network from a variety of devices.

Unified Communications as a Service (UCaaS) - This typically includes voice, video conferencing, instant messaging, e-mail, collaboration, and all other communication services that are hosted in the cloud.

variance - The measurement of the spread between the baseline and measured result.

Virtual Desktop Infrastructure (VDI) - This consists of cloud-hosted PC desktops accessed remotely.

version update - Replacing a software product with a newer version of the same product. Version updates can add new features, bring the system up-to-date, provide a rollup of all previous patches, and improve the product.

vertical server scalability - Server capacity fluctuations in response to workload fluctuations. This is from additional resources or expansion of an individual server.
virtual CPU - A physical CPU that has been re-imaged as a virtualized version of the physical CPU and assigned to a virtual machine or VM, in other words, the hardware abstraction of a physical CPU that is a virtualized representation of the CPU. VMs running on the hypervisor will use these virtual CPUs for processing.

virtual NICs - The hardware abstraction of a physical network interface card that is a virtualized representation of the NIC. VMs running on the hypervisor will use these for network connectivity to a vSwitch.

virtual private network (VPN) - Allows for a secure encrypted network connection over an insecure network such as the Internet.

virtual switch - The hardware abstraction of a physical network switch that is a virtualized representation of the switch. The vSwitch runs on the hypervisor and interconnects the VMs to the physical data network.

virtualization - Hardware abstraction that allows a single piece of physical equipment to be presented to software systems and multiple platforms.

Virtual private network (VPN) - This is a secure and usually encrypted connection over a public network.

vulnerability scanning - A software application that is used to find objects in your cloud deployment that can be exploited that are potential security threats. The vulnerability scanner is an application that has a database of known exploits and runs them against your deployment.

warm site - A disaster recovery backup site where the remote is offline except for critical data storage, which is usually a database. The rest of the site infrastructure needs to be enabled.

web server utilization - The measurement of load on a web server. This is usually measured in requests per second.

well-known port numbers - Applications that are assigned their own unique port number in the TCP/IP specification.

workflow - A series of steps or activities required to complete a task.
workflow automation - Defines a structured process for a series of actions that should be taken in order to complete a process.

workflow services - Track a process from start to finish and sequence the applications that are required to complete the process.

Everything as a Service (XaaS) - This is a complete IT services package that is a combination of many different types of cloud services.

Extensible Markup Language (XML) - This standard is a flexible way to describe data, create information formats, and electronically share structured data between computing systems.