CompTIA, CompTIA Cloud Essentials

CLOUD
CompTIA. Authorized Courseware
for Exam CLO-001

Kirk Hausman
Susan L. Cook
Telmo Sampaio
Senior Acquisitions Editor: Jeff Kellum
Development Editor: Kim Wimpsett
Technical Editors: Kunal Mittal and Sourya Biswas
Production Editor: Rebecca Anderson
Copy Editor: Judy Flynn
Editorial Manager: Pete Gaughan
Production Manager: Tim Tate
Vice President and Executive Group Publisher: Richard Swadley
Vice President and Publisher: Neil Edde
Book Designer: Happenstance Type-O-Rama
Proofreader: Dawn Adams
Indexer: Robert Swanson
Project Coordinator, Cover: Katherine Crocker
Cover Designer: Ryan Sneed
Cover Image: . iStockphoto.com / Aleksandar Velasevic

Copyright . 2013 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada

ISBN: 978-1-118-40873-5
ISBN: 978-1-118-43251-8 (ebk.)
ISBN: 978-1-118-41794-2 (ebk.)
ISBN: 978-1-118-65482-8 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any
means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections
107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or
authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood
Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should
be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030,

(201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and speci.cally disclaim all warranties, including without limitation warranties of .tness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situa-tion. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2012949695
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its af.liates, in the United States and other countries, and may not be used without written permis-sion. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
10 9 8 7 6 5 4 3 2 1

Dear Reader,
Thank you for choosing Cloud Essentials. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching.
Sybex was founded in 1976. More than 30 years later, we’re still committed to producing consistently exceptional books. With each of our titles, we’re working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.
I hope you see all that re.ected in these pages. I’d be very interested to hear your comments and get your feedback on how we’re doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected] If you think you’ve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.
Best regards,

Neil Edde Vice President and Publisher Sybex, an Imprint of Wiley
To my two wonderful children and my bride
(who married me even amidst this book’s creation).
—Kirk Hausman

To Jonathan and Cassandra.
—Susan Cook

To my half brother Fernando Barros. For being there for
me during my teenage years. For listening to me and my
problems even when he had his own to take care of. You
were an uncle, a friend, and a brother. I love you and will
always carry you in my heart. I know you are up there in
a cloud somewhere looking down at us. Rest in peace.
—Telmo Sampaio
About the Authors

Kirk Hausman has been an IT professional for more than 20 years, working in state government, health care, and higher education and as an enterprise archi-tect and security consultant. He is the co-author of IT Architecture for Dummies (Wiley, 2010) and the upcoming 3D Printing for Dummies (Wiley, 2013). Kirk teaches information security, digital forensics, and networking, and his research includes social media management, cyberterrorism, additive manufacturing (3D printing), and strategies for developing interest in young learners toward STEM subjects. He has facilitated cloud initiatives using Amazon EC2, Azure, and high-performance computing technologies. Kirk holds a master’s degree in information technology and a range of professional certi. cations, including PMP, CGEIT, CISSP, CISA, CISM, and CRISC. Kirk can be reached via kkhausman @hotmail.com.
Susan Cook has been an IT professional for over 15 years and has professional experience in higher education, state government, and .nancial sectors. Prior to her career in IT, she worked as a compliance auditor and as a licensed pri-vate investigator. She is the coauthor of IT Architecture for Dummies (Wiley, 2010), and her educational projects include bachelor’s level course development in networking and network security. She is currently employed by Texas A&M University and specializes in enterprise risk assessment and compliance. She has master’s degrees in information technology and security management and several IT certi.cations, including ISACA’s Certi.ed Information Systems Auditor (CISA) and Certi.ed in Risk and Information Systems Control (CRISC). Susan can be reached at [email protected]
Telmo Sampaio is the chief geek for MCTrainer.NET and TechKnowLogical, specializing in System Center, SharePoint, SQL, and .NET. Telmo wrote his . rst application in 1984, with the intent of demonstrating physics concepts to his fel-low classmates. His passion for technology and teaching made him a self-taught developer from an early age. In 1989 he moved to Wellesley, Massachusetts, when his father was transferred to work in Boston for a year. He kept developing appli-cations to demonstrate science and math concepts and decided to remain in the United States after his family left. In 1990, while still in high school, he was hired by IBM to demonstrate its most powerful CAD application, CATIA, to corporate customers like Boeing. In 1991 he moved back to Brazil and studied systems analysis at PUC/RJ. When Microsoft extended its Microsoft Certi. cation program to Brazil, Telmo was one of the .rst in the country to become certi.ed. In 1994 he started teaching Microsoft classes. Soon he was managing the largest training center in Latin America, after having worked for Microsoft in Brazil as a techni-cal account manager. To date he has been certi.ed in over 20 different Microsoft products, passing over 80 exams. After moving back to the United States in 2003, Telmo became a contributor to several Microsoft certi.cation exams, an author for of.cial courseware, and a speaker at events such as TechEd, PASS, and MMS.

Acknowledgments

Just as technologies in the cloud involve many different components to pro-vide the .nal product to the consumer, so too does a book like this require the dedication and focused effort of many whose names are not presented on the cover. I would .rst like to thank my coauthors, Susan Cook and Telmo Sampaio, but also the many excellent people at Sybex who took my rough material and polished it into a gem for readers: our acquisitions editor, Jeff Kellum; develop-ment editor, Kim Wimpsett; production editor, Rebecca Anderson; and the many other editorial reviewers that are simply amazing in what they do. I offer thanks to my good friend and literary agent, Carole Jelen, whose efforts provide me the chance to work with so many amazing people on so many exciting topics.
—Kirk Hausman
It is amazing to me how many people contribute to the creation of a published work. They all deserve thanks, but I’m particularly grateful to a special few at Sybex—Jeff Kellum in his dual role as acquisitions editor and chief cat herder, development editor Kim Wimpsett, and production editor Rebecca Anderson. I would also like to thank my agent, Carole Jelen, and my coauthors, Kirk Hausman and Telmo Sampaio, for all their hard work.
—Susan Cook
I would like to acknowledge the amazing contribution of my best friend and gorgeous wife, Jo Sampaio, who spent countless nights caring for the kids so that I could .nish this book. Without her support and understanding I would not be where I am today. My boys, Marco, Rafael and Enzo, for being supportive and giving up a bit of dad time. And my family back home in Brazil, who pretend to understand what I write about.
—Telmo Sampaio

Contents at a Glance

CompTIA Certi. cation xiii Introduction xvii
CHAPTER 1 What Is Cloud Computing? 1 CHAPTER 2 Cloud Models 15 CHAPTER 3 Service Models 29 CHAPTER 4 Current Cloud Technologies 47 CHAPTER 5 Cloud Business Value 75 CHAPTER 6 Cloud Infrastructure Planning 87 CHAPTER 7 Strategies for Cloud Adoption 105 CHAPTER 8 Applications in the Cloud 119 CHAPTER 9 Cloud Service Rollout 141 CHAPTER 10 Cloud Service-Level Management 157 CHAPTER 11 Security in the Cloud 177 CHAPTER 12 Privacy and Compliance 197 APPENDIX A Future of the Cloud 211 APPENDIX B Answers to Review Questions 217 APPENDIX C CompTIA’s Certi. cation Program 233 APPENDIX D EXIN’s Certi. cation Program 239
Glossary 245 Index 257

Contents

Chapter . Chapter .Chapter .Chapter . CompTIA Certi. cation xiii Introduction xvii What Is Cloud Computing? 1 De.ning Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Understanding Distributed Application Design. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Understanding Resource Management Automation . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Understanding Virtualized Computing Environments. . . . . . . . . . . . . . . . . . . . . . . . 8 Understanding High-Performance Computing Models. . . . . . . . . . . . . . . . . . . . . . . . 9 Understanding Cloud Computing Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Cloud Models 15 Evolving from Virtualization to the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Planning Organizational Roles in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Identifying Cloud Deployment Models and Scope Modi.ers . . . . . . . . . . . . . . . . . . 21 Cloud Deployment Models. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Model Scope Modi.ers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Including Future Cloud Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 Service Models Categorizing Cloud Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Examining Software as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Examining Platform as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Examining Infrastructure as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Identifying Emerging Cloud Database Capabilities. . . . . . . . . . . . . . . . . . . . . . . . . . 41 Sharding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Database Pro.ling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 De.ning Everything as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Current Cloud Technologies
Comparing Traditional Technologies and Cloud Alternatives . . . . . . . . . . . . . . . . . 47 Accessing the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Networking in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Web Access Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Leveraging Software as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Personal Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Enterprise Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Cloud-Speci.c Software as a Service Applications. . . . . . . . . . . . . . . . . . . . . . . . 63 Developing within Platform as a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Implementing Infrastructure as a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Empowering Mobile Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Chapter . Cloud Business Value 75
Identifying Business Drivers for Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . 75 Reducing Costs and Increasing Ef.ciency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Increasing Organizational Agility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Examining the Business Impact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Evaluating Cloud Computing Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Identifying Value Now and in the Future . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Choosing the Appropriate Cloud Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Making the Right Decision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Chapter . Cloud Infrastructure Planning 87
Understanding Cloud Networks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 The Open Systems Interconnection Model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Internet Protocol Version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Network Challenges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 Infrastructural Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Leveraging Automation and Self-Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 Understanding Federated Cloud Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Achieving Interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Cloud Computing Standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Chapter . Strategies for Cloud Adoption 105
Aligning Cloud Deployments with Organizational Goals . . . . . . . . . . . . . . . . . . . . 105
Identifying the Impact of Cloud Adoption to Business Processes . . . . . . . . . . . . . 110 Culture and Business Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 Management Changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Testing for Readiness. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Understanding the Importance of Service-Level Agreements . . . . . . . . . . . . . . . . 114 Cloud Service-Level Agreements (SLAs). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Chapter . Applications in the Cloud 119
Understanding the Role of Standard Applications . . . . . . . . . . . . . . . . . . . . . . . . . 119 Desktop Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Distributed Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 Web-Based Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 Cloud Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Developing Cloud-Ready Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Cloud-Ready Application Patterns. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Cloud-Ready Application Development. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Migrating Applications to the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Preparing for Technical Challenges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Identifying and Mitigating Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Chapter . Cloud Service Rollout 141
Identifying Vendor Roles and Responsibilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Identifying Organizational Skill Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 Software as a Service (SaaS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Platform as a Service (PaaS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Infrastructure as a Service (IaaS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Transitioning to Live Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Preparing for Incident Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Chapter .. Cloud Service-Level Management 157
Understanding ITIL Service Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 ITIL Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Applying ITIL to Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 Planning the Service Strategy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 Planning a Service Desk Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Developing and Utilizing Performance Metrics. . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Running a Cloud Service Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 General Performance Metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Implementing Continual Process Improvement. . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Service Evaluation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Process Evaluation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 De.nition of Improvement Initiatives. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 CSI Monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Chapter .. Security in the Cloud 177
Understanding Security and Risk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Key Principles of Information Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Risk Management Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Reviewing Security Standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Exploring Common Security Risks and Mitigations. . . . . . . . . . . . . . . . . . . . . . . . 184 Application Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Shared Technology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Insider and Criminal Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Data Exposure and Loss. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Organizational Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Implementing an ISMS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 Responding to Incidents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 Digital Forensics in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Recognizing Security Bene.ts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
Chapter .. Privacy and Compliance 197
Identifying Legal Risks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 Records Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Software Licensing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Audit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Identifying Privacy Risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Safe Harbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Managing Identity in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 Federated Identity Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Single Sign-On. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
The Essentials and Beyond. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Appendix A: Future of the Cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 Appendix B: Answers to Review Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Appendix C: CompTIA’s Certi.cation Program. . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 Appendix D: EXIN’s Certi.cation Program. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
CompTIA Certi. cation
Qualify for Jobs, Promotions and Increased Compensation

The CompTIA Cloud Essentials specialty certi. cation demonstrates that an individual knows what cloud computing means from a business and technical perspective, as well as, at a high level, what is involved in moving to and governing the cloud.
It Pays to Get Certified
In a digital world, digital literacy is an essential survival skill. Certi. cation proves you have the knowledge and skill to solve business problems in virtu-ally any business environment. Certi.cations are highly valued credentials that qualify you for jobs, increased compensation, and promotion.

. Organizations do not have adequate cloud competencies espe-cially infrastructure and service providers. Excellent job opportunities exist and will grow for knowledgeable cloud professionals.
.
The cloud is a new frontier that requires astute personnel who understand the strategic impact of cloud computing on an organization.

.
Research has shown that certi.ed IT professionals score better when tested for their knowledge of foundational principles and skills, and from the employer’s perspective, certi.cation provides solid evidence of successful training.

.
Cloud technologies and business needs are moving faster than organi-zations can adapt. Therefore staff understanding of cloud computing is key for the initial project planning for cloud solutions, and a safe and well-managed implementation of any cloud project.

.
Getting your people up to speed with a fundamental  clo-001 pdf understand-ing of cloud computing enables the whole organization to speak the same language.

IBM

It’s not about whether Tim Cook is right or wrong. Apple Inc.’s standoff against the U.S. government’s mounting pressure to hack into an iPhone used by one of the San Bernardino shooters highlights the importance of having clear leadership values in place. Otherwise, when a crisis arises, a company will be on the defensive 000-130 and scrambling to respond, creating uncertainty and eroding trust among customers and business partners. Despite pressure from the Justice Department, Apple CEO Tim Cook has refused to order his company to make software to unlock the phone used by one of the attackers to give the government access to encrypted personal data. According BH0-013 to Reuters, Cook reportedly told employees in an email, “This case is about much more than a single phone or a single investigation. At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone’s civil liberties.” The purpose here is not to weigh in on what Cook should or should not do in the midst of a crisis that touches two of the most emotionally-charged issues of our day: guarding against terrorism and personal data security. That said, one of the key principles of values-based leadership 98-349 is to take the time to understand the multiple perspective surrounding any issue — particularly the most critical ones. In the case of Apple 0.00% , it appears Cook is trying to determine the right actions for his company and its customers, such as urging the government to create a panel on encryption. This process could facilitate dialogue and understanding among the multiple perspective on the issue. A values-based leadership approach also focuses intently on the issue of trust. The Trust Project at Northwestern University, a new initiative launching in March, is designed to advance the study and management of trust in business in society, and shows that trust is 250-310 multifaceted. Using a simple example, customers may trust that a company’s products are backed with in-depth technical expertise. But those same customers may have lower levels of trust that the company is really looking out for their best interest, such as 117-101 in product pricing, technical support, or customer relations. Trust, like everything else is business, cannot be taken for granted, and it must be managed as part of values-based leadership. Being a values-based leader in an organization NS0-156 that prides itself on what it stands for is relatively easy when things are going well. However, personal and organizational leadership are defined by challenges — especially change, controversy, and crisis. During these times, leadership is tested, often publicly with high visibility, broadcasting the values of the leader and the organization to the world. The backbone of every crisis-response plan must be the 070-464 company’s values. Then, as simplistic as it may seem, the company and its leaders need always to do two things: do the right thing and do the best they can. Throughout my A00-211 career, including as chairman and CEO of Baxter International, a $12 billion healthcare company, I have defined values-based leadership in the context of four principles: self-reflection, to gain greater self-knowledge and accountability to my commitments; balance, to gather input and feedback from all sources to make the best decisions possible; true self-confidence, knowing what I know and acknowledging what I don’t know; and genuine humility, to treat everyone with respect. These values along with the commitment to do the right thing and the C2180-275 best I could helped me face numerous episodes of change, controversy, and even crisis. In 2001, a dialysis filter product made in a Swedish plant owned by Baxter was blamed for 53 deaths in several countries. Suddenly, the company’s name was on the front page of newspapers around the world, accused of causing these C4040-122 deaths. With values-based leadership and a commitment to do the right thing, we quickly mobilized our response: putting together a team to uncover the cause of the deaths; taking the appropriate actions, including closing the facility that made filters; meeting with health ministers in various countries; and sharing information with suppliers and even competitors, just in case they were using materials or had manufacturing processes similar to ours. We didn’t stop there. Even though Baxter’s financial results that year exceeded targets, I recommended to the board that they reduce my bonus by 40%, and my 20 senior JN0-343 executives agreed to cut their bonuses by 20%. We knew the world was watching, and in order to maintain trust with all our constituents, especially the 50,000 team members within Baxter, we needed to make sure we did the right thing. The eyes of the world are on Apple as it squares off against the Justice Department over an issue that has many sides and valid C2020-011 arguments, from the need to safeguard against terrorism to individuals’ rights to privacy. Regardless of what Apple decides, the company must remain guided by its values and principles, with a commitment to do the right thing and the best it can.

IBM To Acquire Resilient Systems, Undercut Cisco, Symantec, FireEye

ech giant IBM (IBM) plans to undercut Cisco Systems (CSCO), Symantec (SYMC), FireEye (FEYE) and Rapid7 (RPD) by acquiring incident response firm Resilient Systems and partnering 070-178 with endpoint security provider Carbon Black, the company announced Monday. The announcement comes a week after IBM HP2-K34 unveiled a deeper tie to No. 1 cybersecurity pure-play Check Point Software Technology (CHKP) to pool research and integrate systems. IBM stock slipped 0.8% to close at 131.03 on the stock market today. IBD’s 25-company Computer Software-Security industry group was down a fraction Monday as companies headed to the RSA Conference, a massive cybersecurity industry gathering that 070-458 runs all week in San Francisco. Caleb Barlow, vice president A30-327 of IBM Security, described the Resilient Systems acquisition as the cornerstone of a three-prong strategy to protect, defend and respond to cyberbreaches. Per IBM policy, he wouldn’t disclose the price tag for the privately held, 100-employee company. “This ultimately gives us the ability to expand from protecting and 642-980 defending the enterprise to also being able to respond to a breach,” Barlow told IBD. “This combination of a new acquisition and the associated partnerships really make a move into the incident-response space.”

Carbon Black Has Big Share Of Endpoint Security

In conjunction with the acquisition, IBM will partner with endpoint security firm Carbon Black. Privately held Carbon 700-301 Black owns 37% of the endpoint market, according to industry tracker IDC. Carbon Black’s platform will allow IBM analysts to conduct security forensics on compromised endpoint devices. Resilient Systems will be integrated into IBM’s incident-response 642-980 platform, dubbed X-Force Incident Response Services. Via X-Force, IBM will counsel clients through all parts of a cyberbreach and on ways to avoid such breaches. Barlow likened the service to a fire drill. “Most companies don’t have 250-371 good incident-response plans,” he said. “There’s a binder on the shelf for what to do in the case of a fire or what to do in the case of a flood, but not necessarily what to do in the case of a cyber incident.” That “binder” includes pertinent leadership, disclosure and public 1Z0-597 relations keys in case of a breach, he said. IBM’s move allows the company to “pivot” from protecting and defending to responding to a breach, he says. It’s all part of IBM’s push into the cybersecurity market. In 2015, IBM pulled in $2 billion in security revenue. That was up 12% but still accounted for only 2.4% of IBM’s total revenue of 074-343 more than $81 billion, which fell 12%. But the dollar amount topped total sales for security pure-players Palo Alto Networks (PANW), Proofpoint (PFPT), Fortinet (FTNT) and FireEye. And IBM’s security business also outgrew Symantec and Check Point. The security unit was launched four years ago, Barlow 000-130 dumps free says. Since then, it has added 7,300 employees — 1,000 last year alone — and operates in 133 countries globally. “Imagine if that were the conversation about a Silicon Valley startup,” he said. IBM gets a not-strong IBD 1Z0-532 Composite Rating of 53 out of a possible 99. Shares are down 5% year to date, like the S&P 500 index.