Network Access Control and Cloud Security: A Comprehensive Guide, Exams of Biology

A comprehensive overview of network access control (nac) and cloud security, covering key concepts, components, and security risks. It explores various authentication methods, cloud computing models, and security measures for protecting cloud-based databases. Ideal for students and professionals seeking to understand the fundamentals of network security and cloud computing.

Typology: Exams

2024/2025

Available from 11/02/2024

tutor-lee-1
tutor-lee-1 🇺🇸

4.3

(3)

11K documents

1 / 9

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Chapter 16: Network Access
Control and Cloud Security
Network Access Control (NAC) - answer
authenticates users logging into nw and
determines what data they can access & actions
they can perform
Access Requester, Policy Server, Network Access
Server - answer 3 components of NAC system
Access Requester - answer Supplicant, client,
node that's attempting to access nw. (workstation,
server, printer, camera).
Policy server - answer Determines what access
should be granted
Network Access Server - answer Media gateway,
remote access server (RAS). Functions as access
control point for users in remote locations
connecting to nw. May have own auth services or
use policy server's
Network access enforcement methods - answer
Actions applied to AR's to regulate access to nw.
pf3
pf4
pf5
pf8
pf9

Partial preview of the text

Download Network Access Control and Cloud Security: A Comprehensive Guide and more Exams Biology in PDF only on Docsity!

Chapter 16: Network Access

Control and Cloud Security

Network Access Control (NAC) - answer authenticates users logging into nw and determines what data they can access & actions they can perform Access Requester, Policy Server, Network Access Server - answer 3 components of NAC system Access Requester - answer Supplicant, client, node that's attempting to access nw. (workstation, server, printer, camera). Policy server - answer Determines what access should be granted Network Access Server - answer Media gateway, remote access server (RAS). Functions as access control point for users in remote locations connecting to nw. May have own auth services or use policy server's Network access enforcement methods - answer Actions applied to AR's to regulate access to nw.

IEEE 802.1X

VLANS

Firewall DHCP management IEEE 802.1X - answer link layer protocol that enforces authorization before port is assigned an IP address. Uses EAP VLANS - answer NAC system that decides which vlan the AR is directed to based on what it needs (internet access only or more) Firewall - answer Allows or denies nw traffic b/w an enterprise host & external user DHCP management - answer Internet protocol that enables dynamic allocation of IP addresses to hosts. So manages which ip's allowed? Authentication methods - answer EAP, EAP TLS, EAP TTLS, EAP GPSK EAP - answer provides generic transport service for exchange of authentication info between a client and authentication server

5 Elements of Cloud computing - answer broad nw access rapid elasticity measures service on-demand self-service resource pooling Broad network access - answer capabilities are available over the nw and accessed through standard mechanisms Rapid elasticity - answer The ability to quickly increase or decrease the amount of resources required from a cloud provider. Measured service - answer clients can monitor and measure transactions and use of resources on-demand self-service - answer users can increase storage and processing power w/o human interaction with service provider resource pooling - answer The ability of a cloud provider to combine resources from multiple physical computers to appear to be one combined resource that is available to clients.

3 service models - answer SaaS, PaaS, IaaS Software as a Service - answer delivers applications over the cloud using web browser Platform as a Service - answer supports the deployment of entire systems including hardware, networking, and consumer created/acquired applications Infrastructure as a Service (IaaS) - answer delivers hardware networking and processing capabilities, including the use of servers, networking, and storage, over the cloud 4 deployment models - answer public cloud private cloud community cloud hybrid cloud Public cloud - answer The cloud infrastructure is made available to the general publi

information system operations, performance, and security of the cloud implementation. cloud carrier - answer An intermediary that provides connectivity and transport of cloud services from CPs to cloud consumers. cloud provider - answer A company that provides cloud-based platform, infrastructure, application, or storage services to other organizations and/or individuals, usually for a fee. cloud broker - answer An entity that manages the use, performance and delivery of cloud services, and negotiates relationships between CPs and cloud consumers Cloud security risks - answer Abuse and criminal use of cloud computing Malicious insiders Insecure interfaces & APIs Shared Technology issues Data loss or leakage Account/service hijacking Unknown Risk Profile

Abuse and criminal use of cloud computing - answer CM: stricter registration & validation process, intrusion detection, monitor public blacklists Malicious insiders - answer CM: comprehensive assessment of cloud service providers, legal contracts, transparency Insecure interfaces and API's - answer CM: analyze security model of CP interface & ensure authentication & access control Shared technology issues - answer CM: implement security best practices, strong access control, vulnerability scanning Data loss or leakage - answer CM: strong api access control, encryption account/service hijacking - answer CM: don't share account credentials, intrusion detection, 2 factor auth