





Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A comprehensive overview of network access control (nac) and cloud security, covering key concepts, components, and security risks. It explores various authentication methods, cloud computing models, and security measures for protecting cloud-based databases. Ideal for students and professionals seeking to understand the fundamentals of network security and cloud computing.
Typology: Exams
1 / 9
This page cannot be seen from the preview
Don't miss anything!






Network Access Control (NAC) - answer authenticates users logging into nw and determines what data they can access & actions they can perform Access Requester, Policy Server, Network Access Server - answer 3 components of NAC system Access Requester - answer Supplicant, client, node that's attempting to access nw. (workstation, server, printer, camera). Policy server - answer Determines what access should be granted Network Access Server - answer Media gateway, remote access server (RAS). Functions as access control point for users in remote locations connecting to nw. May have own auth services or use policy server's Network access enforcement methods - answer Actions applied to AR's to regulate access to nw.
Firewall DHCP management IEEE 802.1X - answer link layer protocol that enforces authorization before port is assigned an IP address. Uses EAP VLANS - answer NAC system that decides which vlan the AR is directed to based on what it needs (internet access only or more) Firewall - answer Allows or denies nw traffic b/w an enterprise host & external user DHCP management - answer Internet protocol that enables dynamic allocation of IP addresses to hosts. So manages which ip's allowed? Authentication methods - answer EAP, EAP TLS, EAP TTLS, EAP GPSK EAP - answer provides generic transport service for exchange of authentication info between a client and authentication server
5 Elements of Cloud computing - answer broad nw access rapid elasticity measures service on-demand self-service resource pooling Broad network access - answer capabilities are available over the nw and accessed through standard mechanisms Rapid elasticity - answer The ability to quickly increase or decrease the amount of resources required from a cloud provider. Measured service - answer clients can monitor and measure transactions and use of resources on-demand self-service - answer users can increase storage and processing power w/o human interaction with service provider resource pooling - answer The ability of a cloud provider to combine resources from multiple physical computers to appear to be one combined resource that is available to clients.
3 service models - answer SaaS, PaaS, IaaS Software as a Service - answer delivers applications over the cloud using web browser Platform as a Service - answer supports the deployment of entire systems including hardware, networking, and consumer created/acquired applications Infrastructure as a Service (IaaS) - answer delivers hardware networking and processing capabilities, including the use of servers, networking, and storage, over the cloud 4 deployment models - answer public cloud private cloud community cloud hybrid cloud Public cloud - answer The cloud infrastructure is made available to the general publi
information system operations, performance, and security of the cloud implementation. cloud carrier - answer An intermediary that provides connectivity and transport of cloud services from CPs to cloud consumers. cloud provider - answer A company that provides cloud-based platform, infrastructure, application, or storage services to other organizations and/or individuals, usually for a fee. cloud broker - answer An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between CPs and cloud consumers Cloud security risks - answer Abuse and criminal use of cloud computing Malicious insiders Insecure interfaces & APIs Shared Technology issues Data loss or leakage Account/service hijacking Unknown Risk Profile
Abuse and criminal use of cloud computing - answer CM: stricter registration & validation process, intrusion detection, monitor public blacklists Malicious insiders - answer CM: comprehensive assessment of cloud service providers, legal contracts, transparency Insecure interfaces and API's - answer CM: analyze security model of CP interface & ensure authentication & access control Shared technology issues - answer CM: implement security best practices, strong access control, vulnerability scanning Data loss or leakage - answer CM: strong api access control, encryption account/service hijacking - answer CM: don't share account credentials, intrusion detection, 2 factor auth