CompTIA, Security+

Is CompTIA SY0-101 dumps exam really hard? “SECURITY+ CERTIFICATION” is the name of CompTIA SY0-101 exam dumps which covers all the knowledge points of the real CompTIA exam. Free download real CompTIA Security+ SY0-101 dumps exam q&as 100% pass with a high score youtube training. Pass4itsure CompTIA SY0-101 dumps exam questions answers are updated (600 Q&As) are verified by experts.

The associated certifications of SY0-101 dumps is CompTIA Security+. The qualification can come up along with the considerable https://www.pass4itsure.com/SY0-101.html dumps practice test clearing techniques that provides an easy way to pave the difficult task.

Exam Code: SY0-101
Exam Name: SECURITY+ CERTIFICATION
Q&As: 600

[2017-11-NEWS CompTIA SY0-101 Dumps From Google Drive]: https://drive.google.com/open?id=1UbxjiLfwbMkhK-tJZXxrgjaZN6Qh3VBH

[2017-11-NEWS JK0-016 Dumps From Google Drive]: https://drive.google.com/open?id=1N4BFOCf4jtaow1miQwWkz4UhXkZ2I1Za

SY0-101 dumps

Pass4itsure Latest and Most Accurate CompTIA SY0-101 Dumps Exam Q&As:

1. A VPN typically provides a remote access link from one host to another over:
A. an intranet.
B. a modem.
C. a network interface card.
D. the Internet.
SY0-101 exam Answer: D
2. IPSec uses which of the following protocols to provide traffic security? (Select TWO).
A. SSH
B. AH
C. PPTP
D. SSL E.
L2TP
F. Encapsulating Security Protocol (ESP)
Answer: BF
3. The employees at a company are using instant messaging on company networked computers. The
MOST important security issue to address when using instant messaging is that instant messaging:
A. communications are a drain on bandwidth.
B. communications are open and unprotected.
C. has no common protocol.
D. uses weak encryption.
SY0-101 dumps Answer: B
4. Which of the following would be BEST to do when network file sharing is needed? (Select TWO).
A. Allow read permissions only for unauthenticated users.
B. Create local users who have no access to the shares.
C. Allow access to administrators only.
D. Place the share on a different volume than the operating system.

E. Set a disk quota.
Answer: DE
5. Which of the following programming techniques should be used to prevent buffer overflow attacks?
A. Input validation
B. Nested loops
C. Signed applets
D. Automatic updates
SY0-101 pdf Answer:A
6. A large company wants to deploy an FTP server to support file transfers between business customers
and partners. Which of the following should the security specialist consider before making these changes?
A. FTP can be deployed on an isolated server but is unencrypted.
B. FTP can consume significant bandwidth.
C. FTP facilitates business-to-business file transfers and has few risks.
D. FTP transfers data in an unencrypted format.
Answer: D
7. WEP uses which of the following stream ciphers?
A. RC2
B. RC4
C. IKE
D. 3DES
SY0-101 vce Answer: B
8. A common tool used for wireless sniffing and war driving is:
A. S/MIME.
B. Sam Spade.
C. NetStumbler.

D. NESSUS.
Answer: C
9. Which of the following is a common type of attack on web servers?
A. Birthday
B. Buffer overflow
C. Spam
D. Brute force
SY0-101 exam Answer: B
10. Which of the following would be needed to ensure that a user who has received an email cannot claim
that the email was not received?
A. Anti-aliasing
B. Data integrity
C. Asymmetric cryptography
D. Non-repudiation
Answer: D
11. Spam is considered a problem even when deleted before being opened because spam:
A. verifies the validity of an email address.
B. corrupts the mail file.
C. wastes company bandwidth.
D. installs Trojan horse viruses.
SY0-101 dumps Answer: C
12. In order to secure web-based communications, SSL uses: (Select TWO).
A. PPP.
B. IPSec.
C. Public-key cryptography.
D. Blowfish encryption.

E. Symmetric cryptography.
F. Challenge Handshake Authentication Protocol (CHAP).
Answer: CE
13. A URL for an Internet site begins with ‘https:’ rather than ‘http:’ which is an indication that this web site
uses:
A. Kerberos.
B. PGP.
C. PKI.
D. SSL.
SY0-101 pdf Answer: D
14. To reduce vulnerabilities on a web server, an administrator should adopt which of the following
preventative measures?
A. Use packet sniffing software on all inbound communications.
B. Apply the most recent manufacturer updates and patches to the server.
C. Enable auditing on the web server and periodically review the audit logs.
D. Block all Domain Name Service (DNS) requests coming into the server.
Answer: B
15. A VPN is needed for users to connect to a remote site and the VPN must be transparent to the user.
Which of the following VPN models would be BEST to use?
A. Gateway to Gateway
B. Host to Host
C. Host to Gateway
D. Gateway to Host
SY0-101 vce Answer:A
16. A web page becomes unresponsive whenever the embedded calendar control is used. Which of the
following types of vulnerabilities is occurring?
A. Common Gateway Interface (CGI)

B. ActiveX
C. Cross-site scripting
D. Cookies
Answer: B
17. A company is upgrading the network and needs to reduce the ability of users on the same floor and
network segment to see each other’s traffic. Which of the following network devices should be used?
A. Router
B. Hub
C. Switch
D. Firewall
SY0-101 exam Answer: C
18. Which of the following would be the MOST important reason to apply updates?
A. Software is a licensed product and the license will expire if not updated.
B. Software is a supported product and vendors won’t support the product if the latest version is not
installed.
C. Software is a productivity facilitator and as new functionality is available the functionality must be
enabled.
D. Software is inherently insecure and as new vulnerabilities are found the vulnerabilities must be fixed.
Answer: D
19. Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
A. Application-proxy
B. Network address translation (NAT)
C. Packet filters
D. Stateful inspection
SY0-101 dumps Answer:A
20. A company implements an SMTP server on their firewall. This implementation would violate which of
the following security principles?

A. Keep the solution simple.
B. Use a device as intended.
C. Create an in-depth defense.
D. Address internal threats.
Answer: B

Considering there are unlimited tutorials and guess exam sheets are accessible; that is leading to developing the success ratio and reduces the opportunities of failure. SY0-101 dumps at qualification had been launched to boost the efficiency and manageability of based mostly software’s, the company has launched many https://www.pass4itsure.com/SY0-101.html dumps answers to update the know-how.

Read More Youtube:https://youtu.be/Uoh8VPqEj20

CompTIA, Security+

Real and Updated Exam Questions & Answers

comptia-security-sy0401-practice-test-questions-2-638

SY0-401 VCE

Question 28
Which of the following controls should critical application servers implement to protect themselves from other potentially compromised application services?
A. NIPS
B. Content filter
C. NIDS
D. Host-based firewalls
Correct Answer: D
Explanation
Question 29
Which of the following is a directional antenna that can be used in point-to-point or point-to-multi-point WiFi communication systems? (Select TWO).
A. Backfire
B. Dipole
C. Omni
D. PTZ
E. Dish
Correct Answer: AE

 

QUESTION 30
A large bank has moved back office operations offshore to another country with lower wage costs in an attempt to improve profit and productivity. Which of the following would be a customer concern if the offshore staff had direct access to their data?
A. Service level agreements
B. Interoperability agreements
C. Privacy considerations
D. Data ownership
Correct Answer: C   200-355 dumps

Question 31
Which of the following are examples of detective controls?
A. Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall.
Correct Answer: C

QUESTION 32
Which of the following attacks impact the availability of a system? (Select TWO).
A. Smurf
B. Phishing
C. Spim
D. DDoS
E. Spoofing
Correct Answer: A, D

QUESTION 33
Which of the following types of technologies is used by security and research personnel for identification and analysis of new security threats in a networked environment by using false data/hosts for information collection?
A. Honeynet
B. Vulnerability scanner
C. Port scanner
D. Protocol analyzer
Correct Answer: A

maxresdefault-1

 

Get CompTIA SY0-401 Best Coaching

Instructor-led CompTIA SY0-401 exam coaching, especially coaching that leads to certification usually contains some type of hands-on work whether through an exclusive atmosphere or with actual devices and software. The main advantage of this is that you get to learn, play and research with new technological innovation in a non-production atmosphere. This permits to obtain new information faster that you can bring back to your workplace. CompTIA SY0-401 vce certification exams usually become more advanced and difficult the longer they have been out, so there is no time like the existing to get began.

Get Employed and be Dynamic, Faster for SY0-401 Exam

CompTIA SY0-401 certifications power new and useful professions. CompTIA SY0-401 Qualified Professionals spend shorter period interviewing and a longer period driving value. Including CompTIA SY0-401 dumps certification to your CV helps you take a position out and get hired—quicker. In some cases, certification has permitted choosing supervisors to complete roles 25% more quickly. What’s more, certified new employs are fully effective an entire month earlier than their uncertified colleagues. This level of efficiency makes your impact and skills clearly take a position out.

Having CompTIA SY0-401 certification will certainly provide you with a benefits when choosing supervisors look at your continue. Competitors for IT tasks can be firm, and having CompTIA SY0-401 pdf certification is a big benefit in comparison to those who do not have one. Actually, CompTIA SY0-401 certification can be a professional for a job. Remember that when two otherwise equivalent applicants are competing for the same job, the one who has CompTIA SY0-401 certification will have the advantage over the applicant that does not. A CompTIA SY0-401 exam certification may do nothing more than getting your continue a second look – which may be more than competition, gets.

SY0-401 Free Demo Download: http://www.examprepwebinar.com/sy0-401-exam-prep-guaranteed-comptia-pass-results.html

For More Details:  http://www.examprepwebinar.com/microsoft-070-410-exam-questions-and-answers.html

Read More: https://youtu.be/3kGVw2UQAsg

CompTIA, Security+

In the past few years, CompTIA SY0-401 exam questions and answers has become an influenced computer skills certification exam. However, how to pass CompTIA SY0-401 Questions and answers quickly and simply? Our ITCertMaster can always help you solve this problem quickly. In Lead4sure we provide the CompTIA SY0-401 dumps questions and answers training tools to help you pass the exam successfully. The CompTIA SY0-401 pdf questions and answers training tools contains the latest studied materials of the exam supplied by IT experts.

SY0-401 exam

QUESTION 65
Ann is a member of the Sales group. She needs to collaborate with Joe, a member of the IT group, to edit a file. Currently, the file has the following permissions: Ann: read/write
Sales Group: read
IT Group: no access
If a discretionary access control list is in place for the files owned by Ann, which of the following would be the BEST way to share the file with Joe?
A. Add Joe to the Sales group.
B. Have the system administrator give Joe full access to the file.
C. Give Joe the appropriate access to the file directly.
D. Remove Joe from the IT group and add him to the Sales group.
Correct Answer: C Explanation
QUESTION 66
A company would like to take electronic orders from a partner; however, they are concerned that a non-authorized person may send an order. The legal department asks if there is a solution that provides non-repudiation. Which of the following would meet the requirements of this scenario?
A. Encryption
B. Digital signatures
C. Steganography
D. Hashing
E. Perfect forward secrecy
Correct Answer: B Explanation
QUESTION 67
The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
A. Unannounced audit response
B. Incident response process
C. Business continuity planning
D. Unified threat management
E. Disaster recovery process
Correct Answer: B Explanation  70-697 exam
QUESTION 68
An organization must implement controls to protect the confidentiality of its most sensitive data. The company is currently using a central storage system and group based access control for its sensitive information. Which of the following controls can further secure the data in the central storage system?
A. Data encryption
B. Patching the system
C. Digital signatures
D. File hashing
Correct Answer: A Explanation QUESTION 69
A network administrator, Joe, arrives at his new job to find that none of the users have changed their network passwords since they were initially hired. Joe wants to have everyone change their passwords immediately. Which of the following policies should be enforced to initiate a password change?
A. Password expiration
B. Password reuse
C. Password recovery
D. Password disablement
Correct Answer: A Explanation
QUESTION 70
Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?
A. Deploy a HIDS suite on the users’ computers to prevent application installation.
B. Maintain the baseline posture at the highest OS patch level.
C. Enable the pop-up blockers on the users’ browsers to prevent malware.
D. Create an approved application list and block anything not on it.
Correct Answer: D Explanation

SY0-401 exam
QUESTION 71
Which of the following should be used to authenticate and log connections from wireless users connecting with EAP-TLS?
A. Kerberos
B. LDAP
C. SAML
D. RADIUS
Correct Answer: D Explanation
QUESTION 72
A security administrator is auditing a database server to ensure the correct security measures are in place to protect the data. Some of the fields consist of people’s first name, last name, home address, date of birth and mothers last name. Which of the following describes this type of data?
A. PII

B. PCI
C. Low
D. Public
Correct Answer: A Explanation: http://sy0-401dumps.deviantart.com/journal/Get-Up-to-Date-Lead4pass-SY0-401-Dumps-652614282
QUESTION 73
Which of the following would be MOST appropriate if an organization’s requirements mandate complete

Lead4sure  become more important than ever in today’s highly competitive world, these things mean a different future. CompTIA SY0-401 vce will be a milestone in your career, and may dig into new opportunities, but how do you pass CompTIA SY0-401 pdf ? Do not worry, help is at hand, with Lead4sure you no longer need to be afraid. Lead4sure CompTIA SY0-401 dumps and answers is the pioneer in exam preparation.

Read More:  http://www.pass4sureshop.com/ccna-200-120-dumps-pdf-2016-download.html

Article Link: http://www.cert4sure.net/pass-reliable-cisco-210-060-pdf-exam-with-full-confidence.html

More Details: http://www.exampass.net/the-comptia-sy0-401dumps.html

200-105

CompTIA, CompTIA Cloud Essentials

CLOUD
CompTIA. Authorized Courseware
for Exam CLO-001

Kirk Hausman
Susan L. Cook
Telmo Sampaio
Senior Acquisitions Editor: Jeff Kellum
Development Editor: Kim Wimpsett
Technical Editors: Kunal Mittal and Sourya Biswas
Production Editor: Rebecca Anderson
Copy Editor: Judy Flynn
Editorial Manager: Pete Gaughan
Production Manager: Tim Tate
Vice President and Executive Group Publisher: Richard Swadley
Vice President and Publisher: Neil Edde
Book Designer: Happenstance Type-O-Rama
Proofreader: Dawn Adams
Indexer: Robert Swanson
Project Coordinator, Cover: Katherine Crocker
Cover Designer: Ryan Sneed
Cover Image: . iStockphoto.com / Aleksandar Velasevic

Copyright . 2013 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada

ISBN: 978-1-118-40873-5
ISBN: 978-1-118-43251-8 (ebk.)
ISBN: 978-1-118-41794-2 (ebk.)
ISBN: 978-1-118-65482-8 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any
means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections
107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or
authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood
Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should
be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030,

(201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and speci.cally disclaim all warranties, including without limitation warranties of .tness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situa-tion. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2012949695
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its af.liates, in the United States and other countries, and may not be used without written permis-sion. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
10 9 8 7 6 5 4 3 2 1

Dear Reader,
Thank you for choosing Cloud Essentials. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.
Sybex was founded in 1976. More than 30 years later, we’re still committed to producing consistently exceptional books. With each of our titles, we’re working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.
I hope you see all that re.ected in these pages. I’d be very interested to hear your comments and get your feedback on how we’re doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected] If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.
Best regards,

Neil Edde Vice President and Publisher Sybex, an Imprint of Wiley
To my two wonderful children and my bride
(who married me even amidst this book’s creation).
—Kirk Hausman

To Jonathan and Cassandra.
—Susan Cook

To my half brother Fernando Barros. For being there for
me during my teenage years. For listening to me and my
problems even when he had his own to take care of. You
were an uncle, a friend, and a brother. I love you and will
always carry you in my heart. I know you are up there in
a cloud somewhere looking down at us. Rest in peace.
—Telmo Sampaio
About the Authors

Kirk Hausman has been an IT professional for more than 20 years, working in state government, health care, and higher education and as an enterprise archi-tect and security consultant. He is the co-author of IT Architecture for Dummies (Wiley, 2010) and the upcoming 3D Printing for Dummies (Wiley, 2013). Kirk teaches information security, digital forensics, and networking, and his research includes social media management, cyberterrorism, additive manufacturing (3D printing), and strategies for developing interest in young learners toward STEM subjects. He has facilitated cloud initiatives using Amazon EC2, Azure, and high-performance computing technologies. Kirk holds a master’s degree in information technology and a range of professional certi. cations, including PMP, CGEIT, CISSP, CISA, CISM, and CRISC. Kirk can be reached via kkhausman @hotmail.com.
Susan Cook has been an IT professional for over 15 years and has professional experience in higher education, state government, and .nancial sectors. Prior to her career in IT, she worked as a compliance auditor and as a licensed pri-vate investigator. She is the coauthor of IT Architecture for Dummies (Wiley, 2010), and her educational projects include bachelor’s level course development in networking and network security. She is currently employed by Texas A&M University and specializes in enterprise risk assessment and compliance. She has master’s degrees in information technology and security management and several IT certi.cations, including ISACA’s Certi.ed Information Systems Auditor (CISA) and Certi.ed in Risk and Information Systems Control (CRISC). Susan can be reached at [email protected]
Telmo Sampaio is the chief geek for MCTrainer.NET and TechKnowLogical, specializing in System Center, SharePoint, SQL, and .NET. Telmo wrote his . rst application in 1984, with the intent of demonstrating physics concepts to his fel-low classmates. His passion for technology and teaching made him a self-taught developer from an early age. In 1989 he moved to Wellesley, Massachusetts, when his father was transferred to work in Boston for a year. He kept developing appli-cations to demonstrate science and math concepts and decided to remain in the United States after his family left. In 1990, while still in high school, he was hired by IBM to demonstrate its most powerful CAD application, CATIA, to corporate customers like Boeing. In 1991 he moved back to Brazil and studied systems analysis at PUC/RJ. When Microsoft extended its Microsoft Certi. cation program to Brazil, Telmo was one of the .rst in the country to become certi.ed. In 1994 he started teaching Microsoft classes. Soon he was managing the largest training center in Latin America, after having worked for Microsoft in Brazil as a techni-cal account manager. To date he has been certi.ed in over 20 different Microsoft products, passing over 80 exams. After moving back to the United States in 2003, Telmo became a contributor to several Microsoft certi.cation exams, an author for of.cial courseware, and a speaker at events such as TechEd, PASS, and MMS.

Acknowledgments

Just as technologies in the cloud involve many different components to pro-vide the .nal product to the consumer, so too does a book like this require the dedication and focused effort of many whose names are not presented on the cover. I would .rst like to thank my coauthors, Susan Cook and Telmo Sampaio, but also the many excellent people at Sybex who took my rough material and polished it into a gem for readers: our acquisitions editor, Jeff Kellum; develop-ment editor, Kim Wimpsett; production editor, Rebecca Anderson; and the many other editorial reviewers that are simply amazing in what they do. I offer thanks to my good friend and literary agent, Carole Jelen, whose efforts provide me the chance to work with so many amazing people on so many exciting topics.
—Kirk Hausman
It is amazing to me how many people contribute to the creation of a published work. They all deserve thanks, but I’m particularly grateful to a special few at Sybex—Jeff Kellum in his dual role as acquisitions editor and chief cat herder, development editor Kim Wimpsett, and production editor Rebecca Anderson. I would also like to thank my agent, Carole Jelen, and my coauthors, Kirk Hausman and Telmo Sampaio, for all their hard work.
—Susan Cook
I would like to acknowledge the amazing contribution of my best friend and gorgeous wife, Jo Sampaio, who spent countless nights caring for the kids so that I could .nish this book. Without her support and understanding I would not be where I am today. My boys, Marco, Rafael and Enzo, for being supportive and giving up a bit of dad time. And my family back home in Brazil, who pretend to understand what I write about.
—Telmo Sampaio

Contents at a Glance

CompTIA Certi. cation xiii Introduction xvii
CHAPTER 1 What Is Cloud Computing? 1 CHAPTER 2 Cloud Models 15 CHAPTER 3 Service Models 29 CHAPTER 4 Current Cloud Technologies 47 CHAPTER 5 Cloud Business Value 75 CHAPTER 6 Cloud Infrastructure Planning 87 CHAPTER 7 Strategies for Cloud Adoption 105 CHAPTER 8 Applications in the Cloud 119 CHAPTER 9 Cloud Service Rollout 141 CHAPTER 10 Cloud Service-Level Management 157 CHAPTER 11 Security in the Cloud 177 CHAPTER 12 Privacy and Compliance 197 APPENDIX A Future of the Cloud 211 APPENDIX B Answers to Review Questions 217 APPENDIX C CompTIA’s Certi. cation Program 233 APPENDIX D EXIN’s Certi. cation Program 239
Glossary 245 Index 257

Contents

Chapter . Chapter .Chapter .Chapter . CompTIA Certi. cation xiii Introduction xvii What Is Cloud Computing? 1 De.ning Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Understanding Distributed Application Design. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Understanding Resource Management Automation . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Understanding Virtualized Computing Environments. . . . . . . . . . . . . . . . . . . . . . . . 8 Understanding High-Performance Computing Models. . . . . . . . . . . . . . . . . . . . . . . . 9 Understanding Cloud Computing Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Cloud Models 15 Evolving from Virtualization to the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Planning Organizational Roles in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Identifying Cloud Deployment Models and Scope Modi.ers . . . . . . . . . . . . . . . . . . 21 Cloud Deployment Models. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Model Scope Modi.ers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Including Future Cloud Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 Service Models Categorizing Cloud Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Examining Software as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Examining Platform as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Examining Infrastructure as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Identifying Emerging Cloud Database Capabilities. . . . . . . . . . . . . . . . . . . . . . . . . . 41 Sharding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Database Pro.ling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 De.ning Everything as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Current Cloud Technologies
Comparing Traditional Technologies and Cloud Alternatives . . . . . . . . . . . . . . . . . 47 Accessing the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Networking in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Web Access Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Leveraging Software as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Personal Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Enterprise Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Cloud-Speci.c Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . 63 Developing within Platform as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Implementing Infrastructure as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Empowering Mobile Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Chapter . Cloud Business Value 75
Identifying Business Drivers for Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . 75 Reducing Costs and Increasing Ef.ciency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Increasing Organizational Agility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Examining the Business Impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Evaluating Cloud Computing Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Identifying Value Now and in the Future . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Choosing the Appropriate Cloud Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Making the Right Decision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Chapter . Cloud Infrastructure Planning 87
Understanding Cloud Networks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 The Open Systems Interconnection Model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Internet Protocol Version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Network Challenges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 Infrastructural Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Leveraging Automation and Self-Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 Understanding Federated Cloud Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Achieving Interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Cloud Computing Standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Chapter . Strategies for Cloud Adoption 105
Aligning Cloud Deployments with Organizational Goals . . . . . . . . . . . . . . . . . . . . 105
Identifying the Impact of Cloud Adoption to Business Processes . . . . . . . . . . . . . 110 Culture and Business Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 Management Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Testing for Readiness. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Understanding the Importance of Service-Level Agreements . . . . . . . . . . . . . . . . 114 Cloud Service-Level Agreements (SLAs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Chapter . Applications in the Cloud 119
Understanding the Role of Standard Applications . . . . . . . . . . . . . . . . . . . . . . . . . 119 Desktop Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Distributed Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 Web-Based Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 Cloud Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Developing Cloud-Ready Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Cloud-Ready Application Patterns. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Cloud-Ready Application Development. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Migrating Applications to the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Preparing for Technical Challenges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Identifying and Mitigating Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Chapter . Cloud Service Rollout 141
Identifying Vendor Roles and Responsibilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Identifying Organizational Skill Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 Software as a Service (SaaS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Platform as a Service (PaaS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Infrastructure as a Service (IaaS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Transitioning to Live Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Preparing for Incident Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Chapter .. Cloud Service-Level Management 157
Understanding ITIL Service Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 ITIL Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Applying ITIL to Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 Planning the Service Strategy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 Planning a Service Desk Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Developing and Utilizing Performance Metrics. . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Running a Cloud Service Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 General Performance Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Implementing Continual Process Improvement. . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Service Evaluation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Process Evaluation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 De.nition of Improvement Initiatives. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 CSI Monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Chapter .. Security in the Cloud 177
Understanding Security and Risk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Key Principles of Information Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Risk Management Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Reviewing Security Standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Exploring Common Security Risks and Mitigations. . . . . . . . . . . . . . . . . . . . . . . . 184 Application Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Shared Technology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Insider and Criminal Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Data Exposure and Loss. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Organizational Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Implementing an ISMS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 Responding to Incidents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 Digital Forensics in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Recognizing Security Bene.ts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Chapter .. Privacy and Compliance 197
Identifying Legal Risks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 Records Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Software Licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Audit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Identifying Privacy Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Safe Harbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Managing Identity in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 Federated Identity Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Single Sign-On. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Appendix A: Future of the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 Appendix B: Answers to Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Appendix C: CompTIA’s Certi.cation Program. . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 Appendix D: EXIN’s Certi.cation Program. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
CompTIA Certi. cation
Qualify for Jobs, Promotions and Increased Compensation

The CompTIA Cloud Essentials specialty certi. cation demonstrates that an individual knows what cloud computing means from a business and technical perspective, as well as, at a high level, what is involved in moving to and governing the cloud.
It Pays to Get Certified
In a digital world, digital literacy is an essential survival skill. Certi. cation proves you have the knowledge and skill to solve business problems in virtu-ally any business environment. Certi.cations are highly valued credentials that qualify you for jobs, increased compensation, and promotion.

. Organizations do not have adequate cloud competencies espe-cially infrastructure and service providers. Excellent job opportunities exist and will grow for knowledgeable cloud professionals.
.
The cloud is a new frontier that requires astute personnel who understand the strategic impact of cloud computing on an organization.

.
Research has shown that certi.ed IT professionals score better when tested for their knowledge of foundational principles and skills, and from the employer’s perspective, certi.cation provides solid evidence of successful training.

.
Cloud technologies and business needs are moving faster than organi-zations can adapt. Therefore staff understanding of cloud computing is key for the initial project planning for cloud solutions, and a safe and well-managed implementation of any cloud project.

.
Getting your people up to speed with a fundamental  clo-001 pdf understand-ing of cloud computing enables the whole organization to speak the same language.