Week 9 Posting - Managing Cloud Capacity and Performance

This week, the class and I learned how to manage cloud capacity and performance. One of our weekly objectives is to describe the relevance of events and data in monitoring cloud resources. During my readings, I want to point out the importance of utilizing a syslog and its priority on data gathering.

            Whether it’s on site or in the cloud, Syslog is the protocol for managing event data logs and sending them to their respected storage location. This protocol collects and stores logging transactions and history information. Event message format, transmission, and handling are three main components to the syslog infrastructure (West, 2022, pp. 361-362). The format is structured with types of data to allow syslog to be used in a variety of environments. The transmission is majority focused on data movement across networks. The handling aspect is for creating and analyzing the event messages.

            Two servers the Syslog uses for logging events are the generator and collector. The generator creates syslog messages and transactions from a file and moves them to the collector that gathers these messages (West, 2022, p. 362).

 

West, J. (2022b). CompTIA Cloud+ Guide to Cloud Computing. Course Technology.

Week 8 Posting - Cloud Storage

This week, the class and I went over the topic of cloud storage and identifying multiple types of data types stored in the cloud. In the realm of cloud security, it’s essential to classify data in a form of different axes. I want to argue that prioritizing different organizational methods will increase security that store these data. During our reading, I learned about 4 types of data classification axis: sensitivity, compliance, lifecycle, and visibility (West, 2022, p. 337). Sensitivity controls who can access the data and whether it can be accessed remotely or strictly on-premises. Compliance proposes the standards and regulations of data storage and movement. Encryption is one of the main topics in this axis. Lifecycle is focused on the duration of data in the specific storage. Lastly, visibility is centered on monitoring data and tracking any sort of movement and transactions.

West, J. (2022b). CompTIA Cloud+ Guide to Cloud Computing. Course Technology.

Week 7 Posting - Identity and Access Management

 

This week, the class and I learned about identity and access management. We learned how to evaluate account manage requirements and other technical concerns. During my studies, I learned about common identity and access management (IAM) issues that may hinder and negatively impact performance and productivity. When it comes to issues related to authentication, there are three common areas of impact: expired certificates, misconfigured certificate, and federation /single sign-on issues (West, 2022, p. 288). When certificates expire, it’s common for the system to send a friendly reminder to the user that they’ll expire within a certain duration. In some cases, the certificates will need to be renewed manually. Checking the expiration date of a certificate can help the users to acknowledge when it’ll be time to renew it. In some cases, users attempt the wrong certificate to access or perform a command in the system. If that’s the case, go to the root and configure it correctly. Lastly, mistyping is a common problem when signing to a system. Ensure the credentials are correct and there’s no blockage between the SSO service and service provider’s app (West, 2022, p. 288).

West, J. (2022b). CompTIA Cloud+ Guide to Cloud Computing. Course Technology.

Week 6 Posting - Securing Cloud Resources

 

This week, the class and I learned about securing cloud resources and identifying different types of threats to cloud security. System misconfiguration occurs when an application is configured improperly or are missing certain settings or guidelines. This creates a ripple effect that exposes weak spots in the system for threat actors to take advantage of. There are common security weak spots that IT professionals should consider when a security issue arrives: unencrypted data and communications, obsolete security technologies, incorrect hardening settings, security device failure, insufficient security controls and processes, and unauthorized physical access (West, 2022, p. 249). To fix these misconfigurations, the team must consider identifying the root of the problem, evaluate the severity, implement correction, and document the situation. The reason for documenting is for future reference, meaning if this situation occurs again, the team will be prepared.

West, J. (2022b). CompTIA Cloud+ Guide to Cloud Computing. Course Technology.

Week 5 Posting - Cloud Connectivity and Troubleshooting

This week, the class went out cloud connectivity and troubleshooting. We learned how VLANs and common network connectivity tools work. I want to shed to light a recent technology that addresses the weaknesses of VLANs in a cloud computing atmosphere called VXLAN or virtual extensible LAN).

This overlay technology creates an “extended” virtual network on top of the current infrastructure. In terms of the OSI model, it is adding a layer 2 overlay structure above layer 3 (West, 2022, p. 183). The VXLAN header is inserted between the outer UDP header and original layer 2 frame. The header itself consist of the VXLAN flags and VXLAN network ID. An optimal time to use VXLAN is when the users need to accomplish any type of network segmentation that goes beyond what the original can deliver since VXLAN enables up to 16 million virtual networks.

West, J. (2022b). CompTIA Cloud+ Guide to Cloud Computing. Course Technology.