Posted by & filed under 70-410, Microsoft MCSA.

Minimum requirements

Microsoft publishes hardware minimum requirements for the software it sells. For Windows Server 2012, the minimum requirements are:

  • Processor: Minimum: 1.4 GHz 64-bit processor
  • RAM: Minimum: 512 MB
  • Disk space: Minimum: 32 GB

Other requirements:

  • DVD drive
  • Super VGA (800 x 600) or higher-resolution monitor
  • Keyboard and Microsoft® mouse (or other compatible pointing device)
  • Internet access

 

Server 2012 Installation

Insert the Server 2012 DVD in the server and go through the following steps:

  • Once you get the following message, press Enter to boot from the setup.

  • Wait a while until the setup loads all the necessary files (depending on your machine, it will take a couple of minutes).

  • Once the setup files are loaded, the setup will start with the following screen. You can change these to meet your needs (the default values should be fine for now).

  • Once you click Next, you can start the installation; click “Install now”.

  • You will see the following screen; wait until it finishes loading.

  • In the following setup screen, you will see four options. Select Windows Server 2012 Datacenter Evaluation (Server with GUI).

  • After you click Next on the previous screen, read the license terms, tick “I accept the license terms” and click Next.

  • Now it will ask you for the drive (or partition) you want to install Windows on. Here we will install it on the one partition we have.
    NOTE: This will remove the contents of the partition. Either create a partition to install Windows on, or test this on a testing machine.

  • Once we have picked our partition, clicking Next on the previous screen will start the setup. This process might take a while.

  • Once the setup is done, it will restart and start your Windows Server 2012 for the first time. It will then ask you to set up a password for the Administrator user.

  • The setup will finalize your settings; this might take a couple of minutes.

  • Once the setup is done, you can log in to your Windows Server for the first time. As the screen says, press Ctrl+Alt+Delete to log in, and use the password you set in the setup process.

  • Once you log in, Windows Server 2012 will show the Server Manager.

 

 

To become Microsoft Certified, please check out the link.

 

 

 

Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.

Taking a Network+ exam? Follow us on Facebook and ask us about our study group.

The Open Systems Interconnection (OSI) model was developed by the International Organization for Standardization (ISO). The OSI model provides a framework for creating and implementing networking standards and devices, and describes how network applications on different computers can communicate through the network media. In this post, each of the seven layers of the OSI model is explained in simple terms.

Layer 1 – Physical layer

The physical layer defines the physical medium itself. It details how cables, connectors and network interface cards are supposed to work and how to send and receive bits. When a networking problem occurs, many networking pros go right to the physical layer to check that all of the cables are properly connected and that the power plug hasn’t been pulled from the router, switch or computer, for example.

Layer 2 – Data Link

The data link layer defines the format of data on the network. It is divided into two sublayers: the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC layer is used for hardware addressing and for controlling the access method. The LLC layer is used for flow control and error detection.

Layer 3 – Network

The network layer defines device addressing, routing, and path determination. It acts as a boundary between the host and the subnet, and deals with routing, deadlock and congestion issues caused by an increased number of packets being transferred, which decreases performance.

NFS uses the Internet Protocol (IP) as its network layer interface. IP is responsible for routing, directing datagrams from one network to another. Even though IP packets are addressed using IP addresses, hardware addresses must be used to actually transport data from one host to another. The Address Resolution Protocol (ARP) is used to map the IP address to the hardware address.

Layer 4 – Transport

The transport layer is responsible for getting the entire message across: it establishes and terminates connections between two computers and keeps track of fragmentation and out-of-order packets. It is also used for flow control and data recovery.

Two transport protocols, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), sit at the transport layer.

TCP establishes connections between two hosts on the network through ‘sockets’, which are determined by the IP address and port number.

UDP, on the other hand, provides a low-overhead transmission service, but with less error checking.

Layer 5 – Session

This layer defines how to establish, manage and terminate connections between applications.

Layer 6 – Presentation

The Presentation layer defines the data formats. The compression and encryption are also defined at this layer.

Layer 7 – Application

This layer provides network services to end users. In general, layer 7 is the layer that users interact with directly: web browsers (Google Chrome, Firefox, Safari, etc.), email applications (Outlook, Thunderbird, etc.) and chat applications (WhatsApp, Skype, Viber, etc.) are examples of layer 7 applications.
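How the addressing described for layers 2 to 4 nests inside one frame, as an added Python example that is not part of the original post: it dissects an Ethernet II frame into its MAC addresses (layer 2), IP addresses (layer 3) and TCP/UDP ports (layer 4). The frame is constructed in the code from documentation-range addresses; the function names are illustrative.

```python
import socket
import struct

ETH_LEN = 14  # destination MAC (6) + source MAC (6) + EtherType (2)
IPV4 = 0x0800


def mac(raw):
    """Format 6 raw bytes as a colon-separated hardware address."""
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(ethertype=IPV4):
    """Constructed sample: Ethernet II + IPv4 + TCP SYN (checksums left at 0)."""
    eth = bytes.fromhex("00005e005301") + bytes.fromhex("00005e005302")
    eth += struct.pack("!H", ethertype)
    # TCP header: source port, destination port, seq, ack, data offset,
    # flags (SYN), window, checksum, urgent pointer
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x02, 65535, 0, 0)
    # IPv4 header: version/IHL, TOS, total length, id, fragment, TTL,
    # protocol (6 = TCP), checksum, source address, destination address
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))
    return eth + ip + tcp


def dissect(frame):
    """Return what each layer contributes: L2 MACs, L3 IPs, L4 ports."""
    if len(frame) < ETH_LEN:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:ETH_LEN])
    layers = {"L2": {"dst_mac": mac(dst), "src_mac": mac(src),
                     "ethertype": ethertype}}
    # Anything that is not IPv4 (ARP, for example) is reported at layer 2 only.
    if ethertype != IPV4 or len(frame) < ETH_LEN + 20:
        return layers
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s",
                                     frame[ETH_LEN:ETH_LEN + 20])
    header_len = (ver_ihl & 0x0F) * 4  # IHL counts 32-bit words
    layers["L3"] = {"src_ip": socket.inet_ntoa(src_ip),
                    "dst_ip": socket.inet_ntoa(dst_ip),
                    "ttl": ttl, "protocol": proto}
    segment = frame[ETH_LEN + header_len:ETH_LEN + total_len]
    # TCP (6) and UDP (17) both start with source and destination port.
    if proto in (6, 17) and len(segment) >= 4:
        src_port, dst_port = struct.unpack("!HH", segment[:4])
        layers["L4"] = {"protocol": "TCP" if proto == 6 else "UDP",
                        "src_port": src_port, "dst_port": dst_port}
    return layers


if __name__ == "__main__":
    for layer, fields in dissect(build_frame()).items():
        print(layer, fields)
```
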

References: Network World

Want more information on how to become CompTIA Network+ Certified? Learn more!

Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.


WiFi is not an acronym but a brand name created by a marketing firm that’s meant to serve as an interoperability seal for marketing efforts. WiFi technology however provides wireless Internet access via the use of radio waves which transmit a signal to a wireless enabled device. You can access this type of connection from up to one hundred feet away and the performance of the connection can vary according to the 802.11 standard being used and the number of devices connecting to the router simultaneously. The standard known as the 802.11 offers a number of different levels of bandwidth usage symbolized by a letter.

The IEEE naming scheme for the standard is a little tough to get used to, and in an effort to make it easier to understand, the Wi-Fi Alliance has come up with some simpler names.

802.11a

The first “letter” following the June 1997 approval of the 802.11 standard, this one provided for operation in the 5GHz frequency which makes it less prone to interference and with data rates up to 54Mbps. It introduced a more complex technique, known as OFDM (orthogonal frequency division multiplexing) for generating the wireless signal.

802.11b

Released in September 1999, it’s most likely that your first home router was 802.11b, which operates in the 2.4GHz frequency and provides a data rate up to 11 Mbps and has a range up to 150 feet. 802.11b components are cheap, but the standard has the slowest maximum speed of all the 802.11 standards.

802.11g

Approved in June 2003, 802.11g was the successor to 802.11b, able to achieve up to 54Mbps rates in the 2.4GHz band, matching 802.11a speed but within the lower frequency range. 802.11g standard uses the same OFDM technology introduced with 802.11a. 802.11g is backward compatible with 802.11b devices: an 802.11b device can connect to an 802.11g access point (but at 802.11b speeds).

802.11n (Wi-Fi 4)

The first standard to specify MIMO (Multiple Input Multiple Output), 802.11n was approved in October 2009 and allows for usage in two frequencies – 2.4GHz and 5GHz, with speeds up to 600Mbps. When you hear wireless LAN vendors use the term “dual-band”, it refers to being able to deliver data across these two frequencies.

802.11ac (Wi-Fi 5)

Current home wireless routers are likely 802.11ac-compliant, and operate in the 5 GHz frequency space. With Multiple Input, Multiple Output (MIMO) – multiple antennas on sending and receiving devices to reduce error and boost speed – this standard supports speeds ranging from 433 Mbps all the way up to 3.46Gbps. Some router vendors include technologies that support the 2.4GHz frequency via 802.11n, providing support for older client devices that may have 802.11b/g/n radios, but also providing additional bandwidth for improved data rates.

Pending Wi-Fi standards

802.11aj

Also known as China Millimeter Wave, this defines modifications to the 802.11ad physical layer and MAC layer to enable operation in the China 59-64GHz frequency band. The goal is to maintain backward compatibility with 802.11ad (60GHz) when it operates in that 59-64GHz range and to operate in the China 45GHz band, while maintaining the 802.11 user experience. Final approval was expected in November 2017.

802.11ak

There are some products in the home-entertainment and industrial-control spaces that have 802.11 wireless capability and 802.3 Ethernet function. The goal of this standard is to help 802.11 media provide internal connections as transit links within 802.1q bridged networks, especially in the areas of data rates, standardized security and quality-of-service improvements. It reached draft status in November 2017.

802.11ax (Wi-Fi 6)

Known as High Efficiency WLAN, 802.11ax aims to improve the performance in WLAN deployments in dense scenarios, such as sports stadiums and airports, while still operating in the 2.4GHz and 5GHz spectrum. The group is targeting at least a 4X improvement in throughput compared to 802.11n and 802.11ac, through more efficient spectrum utilization. Approval is estimated to be in July 2019.

802.11ay

Also known as Next Generation 60GHz, the goal of this standard is to support a maximum throughput of at least 20Gbps within the 60GHz frequency (802.11ad currently achieves up to 7Gbps), as well as increase the range and reliability. The standard is expected to be approved between September and November 2019.

802.11az

Called Next Generation Positioning (NGP), a study group was formed in January 2015 to address the needs of a “Station to identify its absolute and relative position to another station or stations it’s either associated or unassociated with.” The goals of the group would be to define modifications to the MAC and PHY layers that enable “determination of absolute and relative position with better accuracy with respect to the Fine Timing Measurement (FTM) protocol executing on the same PHY-type, while reducing existing wireless medium use and power consumption, and is scalable to dense deployments.” The current estimate on approval of this standard is March 2021.

802.11ba

Otherwise known as “Wake-Up Radio” (WUR), this isn’t a crazy morning zoo-crew thing, but rather a new technology aimed at extending the battery life of devices and sensors within an Internet of Things network. The goal of the WUR is to “greatly reduce the need for frequent recharging and replacement of batteries while still maintaining optimum device performance.” This is currently expected to be approved in July 2020.


References
actiontec. (n.d.). The evolution of WiFi standards: a look at 802.11a/b/g/n/ac. Retrieved from actiontec.com: https://www.actiontec.com/wifihelp/evolution-wi-fi-standards-look-802-11abgnac/
Cisco. (n.d.). What Is Wi-Fi? Retrieved from www.cisco.com: https://www.cisco.com/c/en/us/products/wireless/what-is-wifi.html
Phillips, G. (n.d.). What Are Wi-Fi Standards? Retrieved from www.makeuseof.com: https://www.makeuseof.com/tag/understanding-common-wifi-standards-technology-explained/


Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.

Taking a Network+ exam? Here are some network types you should know.

What is a LAN?

A local area network (LAN) is a computer network within a small geographical area such as a home, school, computer laboratory, office building or group of buildings. A LAN is composed of interconnected workstations and personal computers which are each capable of accessing and sharing data and devices, such as printers, scanners and data storage devices, anywhere on the LAN. LANs are characterized by higher communication and data transfer rates and the lack of any need for leased communication lines.

What is WLAN?

A wireless local area network (WLAN) is a wireless distribution method for two or more devices that use high-frequency radio waves and often include an access point to the Internet. A WLAN allows users to move around the coverage area, often a home or small office, while maintaining a network connection. A WLAN is sometimes called a local area wireless network (LAWN).

What is MAN?

A metropolitan area network (MAN) is similar to a local area network (LAN) but spans an entire city or campus. MANs are formed by connecting multiple LANs. Thus, MANs are larger than LANs but smaller than wide area networks (WAN). MANs are extremely efficient and provide fast communication via high-speed carriers, such as fiber optic cables.

What is WAN?

A wide area network (WAN) is a network that exists over a large-scale geographical area. A WAN connects different smaller networks, including local area networks (LANs) and metro area networks (MANs). This ensures that computers and users in one location can communicate with computers and users in other locations. WAN implementation can be done either with the help of the public transmission system or a private network.

What is CAN?

A campus area network (CAN) is a network of multiple interconnected local area networks (LAN) in a limited geographical area. A CAN is smaller than a wide area network (WAN) or metropolitan area network (MAN). A CAN is also known as a corporate area network (CAN).

What is SAN?

A storage area network (SAN) is a secure high-speed data transfer network that provides access to consolidated block-level storage. A SAN makes a network of storage devices accessible to multiple servers. SAN devices appear to servers as attached drives, eliminating traditional network bottlenecks. SANs are sometimes also referred to (albeit redundantly) as SAN storage, SAN network, network SAN, etc.

What is PAN?

A personal area network (PAN) refers to the interconnection of information technology devices or gadgets within the environment of an individual user (typically within 10 meters or 33 feet). These interconnected devices might include laptop computers, PDAs, cellphones, printers, PCs or other wearable computer devices.

References

techopedia.com. (n.d.). Retrieved from techopedia.com: https://www.techopedia.com/


Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.

 

With a brand-new switch, all we need to do is connect the PCs to switch ports, and the PCs can talk to each other. But I can take a switch, such as a Cisco switch, and create a few VLANs, for example:

(Here is the general idea of VLANs)

VLAN 10 = Publishing
VLAN 20 = Accounting
VLAN 30 = Security

 

Vlan  Name     Status  Ports
1     Default  Active  Fa0/1, Fa0/2, Fa0/3, Fa0/4
                       Fa0/5, Fa0/6, Fa0/7, Fa0/8
                       Fa0/9, Fa0/10, Fa0/11, Fa0/12
                       Fa0/13, Fa0/14, Fa0/15, Fa0/16
                       Fa0/17, Fa0/18, Fa0/19, Fa0/20
                       Fa0/21, Fa0/22, Fa0/23, Fa0/24
                       Gig0/1, Gig0/2

As we see, all the ports are in the default VLAN 1. Now I will create two VLANs and assign the ports as follows:

VLAN 2  EGR    f0/1, f0/2
VLAN 3  Sales  f0/4, f0/5

Here is the result after I have done the above:

Switch#show vlan brief

Vlan  Name     Status  Ports
1     Default  Active  Fa0/3, Fa0/6, Fa0/7, Fa0/8
                       Fa0/9, Fa0/10, Fa0/11, Fa0/12
                       Fa0/13, Fa0/14, Fa0/15, Fa0/16
                       Fa0/17, Fa0/18, Fa0/19, Fa0/20
                       Fa0/21, Fa0/22, Fa0/23, Fa0/24
2     EGR      Active  Fa0/1, Fa0/2
3     sales    Active  Fa0/4, Fa0/5

As we see, PC1 can now talk to PC2, and PC4 can talk to PC5, but PC1 cannot ping PC4 or PC5, since I need to have a router between them.

Here is the diagram after I put the router between them. Make sure to give the IP address

10.10.10.100 to f0/0
20.20.20.100 to f0/1

and make sure to turn on the ports, since by default all the ports are in shutdown mode.

Now let's see if PC1 can ping PC4.

As we see, PC1 cannot ping PC4, so let's try to troubleshoot: go to PC1 and see if you can ping the default gateway (DG = 10.10.10.100).

 

PC>ipconfig

FastEthernet0 Connection:(default port)

Link-local IPv6 Address.........: FE80::230:F2FF:FEA7:AB9D
IP Address......................: 10.10.10.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 10.10.10.100

PC>ping 10.10.10.100

Pinging 10.10.10.100 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.10.10.100:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

As we see, we cannot ping the DG.

 

Why?

Think of the OSI layer model.

Remember, the IP address is located at layer 3:

  1. Physical Layer
  2. Data Link Layer (look at your switch)
  3. Network Layer

Now when I look at the switch and type

Switch#show vlan brief

Vlan  Name     Status  Ports
1     Default  Active  Fa0/7, Fa0/8
                       Fa0/9, Fa0/10, Fa0/11, Fa0/12
                       Fa0/13, Fa0/14, Fa0/15, Fa0/16
                       Fa0/17, Fa0/18, Fa0/19, Fa0/20
                       Fa0/21, Fa0/22, Fa0/23, Fa0/24
2     EGR      Active  Fa0/1, Fa0/2, Fa0/3
3     sales    Active  Fa0/4, Fa0/5, Fa0/6

Now I should be able to ping from PC1 = 10.10.10.1 to PC4 = 20.20.20.4.

 

PC>ping 20.20.20.4

Pinging 20.20.20.4 with 32 bytes of data:

Reply from 20.20.20.4: bytes=32 time=1ms TTL=127
Reply from 20.20.20.4: bytes=32 time=1ms TTL=127
Reply from 20.20.20.4: bytes=32 time=1ms TTL=127
Reply from 20.20.20.4: bytes=32 time=0ms TTL=127

Ping statistics for 20.20.20.4:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
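The layer 2 check behind this troubleshooting step, as an added Python example that is not part of the original post: it parses `show vlan brief` text, including wrapped port lines, and reports host ports whose gateway-facing switch port sits in a different VLAN. The port roles (PC1 on Fa0/1, PC4 on Fa0/4, router interfaces cabled to Fa0/3 and Fa0/6) are assumptions read off the two listings, since the diagram is not available here.

```python
import re

# Constructed from the post's two `show vlan brief` listings.
BEFORE = """\
Vlan Name Status Ports
1 Default Active Fa0/3, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
2 EGR Active Fa0/1, Fa0/2
3 sales Active Fa0/4 Fa0/5,
"""

AFTER = """\
Vlan Name Status Ports
1 Default Active Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
2 EGR Active Fa0/1, Fa0/2, Fa0/3,
3 sales Active Fa0/4, Fa0/5,Fa0/6,
"""

# Assumed cabling: host port -> switch port facing that host's default gateway.
UPLINKS = {"Fa0/1": "Fa0/3", "Fa0/4": "Fa0/6"}

ROW_RE = re.compile(r"^\s*(\d+)\s+\S+\s+\S+(.*)$")   # VLAN id, name, status, ports
PORT_RE = re.compile(r"(?:Fa|Gig|Gi)\d+/\d+")       # tolerant of missing commas


def parse_vlan_brief(text):
    """Return {port: vlan_id}; wrapped lines belong to the previous VLAN row."""
    port_vlan = {}
    current = None
    for line in text.splitlines():
        row = ROW_RE.match(line)
        if row:
            current = int(row.group(1))
            ports = row.group(2)
        elif current is not None:
            ports = line          # continuation of the previous row's port list
        else:
            continue              # header line before the first VLAN row
        for port in PORT_RE.findall(ports):
            port_vlan[port] = current
    return port_vlan


def gateway_mismatches(listing, uplinks):
    """List (host_port, host_vlan, gateway_port, gateway_vlan) for every host
    whose gateway-facing port is in another VLAN or missing from the listing."""
    vlans = parse_vlan_brief(listing)
    problems = []
    for host_port, gw_port in uplinks.items():
        host_vlan, gw_vlan = vlans.get(host_port), vlans.get(gw_port)
        if host_vlan is None or host_vlan != gw_vlan:
            problems.append((host_port, host_vlan, gw_port, gw_vlan))
    return problems


if __name__ == "__main__":
    for label, listing in (("before", BEFORE), ("after", AFTER)):
        print(label, gateway_mismatches(listing, UPLINKS) or "ok")
```
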

 

Now let's say that instead of two VLANs we have three or four VLANs. In that case I cannot put so many routers between the VLANs, so Cisco came up with the idea of the multilayer switch (Cisco 3550, 3560, 3575 and above), which can be both a layer 2 device (switch) and a layer 3 device (acting as a router). In that case we do not need a router: if I buy a Cisco 3550 or above, I can route packets from one VLAN to another (a CCNA/CCNP concept).

 

 

Here is how it looks on a Cisco switch when you buy a brand-new switch (without configuration).


 

 

Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.

 

 

Domain Name System (DNS): the Internet’s system for converting alphabetic names into numeric IP addresses. For example, when a Web address (URL) is typed into a browser, DNS servers return the IP address of the Web server associated with that name. In this made-up example, the DNS converts the URL www.company.com into the IP address 204.0.8.51. Without DNS, you would have to type the series of four numbers and dots into your browser to retrieve the website, which you actually can do.

A Hierarchy of Servers
The DNS system is a hierarchy of duplicated database servers worldwide that begins with the “root servers” for the top-level domains (.com, .net, .org, etc.). The root servers point to the “authoritative” servers located in ISPs, as well as in large companies, that turn the names into IP addresses, a process known as “name resolution.” Using our www.company.com example, COMPANY.COM is the domain name, and WWW is the hostname. The domain name is the organization’s identity on the Web, and the hostname is the name of the Web server within that domain.

Getting a Web Page
Converting the domain name (URL) in a Web browser into an IP address takes numerous queries. Along the way, there can be more name servers than are shown here.

Caching Speeds Up Delivery
If the ABC.COM Web address was previously requested by one of the ISP’s customers, its IP address is cached (stored) in the DNS server, which returns the IP address immediately. A user’s computer also typically caches IP addresses, which can eliminate the DNS query altogether if the address is already in the cache.

 

Source by PCMag

 


 

 

Posted by & filed under CompTIA Network+, MICROSOFT MTA NETWORKING.

 

From Wikipedia

 

A. Cable Tester- A cable tester is an electronic device used to verify the electrical connections in a cable or other wired assembly. Generally, a cable tester consists of:

 

1. A source of electric current
2. A volt meter
3. A switching matrix used to connect the current source and the volt meter to all of the contact points in a cable.

 

There are two common ways to test a connection:

 

1. A continuity test. Current is passed down the connection. If there is current the connection is assumed to be good. This type of test can be done with a series combination of a battery (to provide the current) and a light bulb (that lights when there is a current).

 

2. A resistance test. A known current is passed down the connection and the voltage that develops is measured. From the voltage and current, the resistance of the connection can be calculated and compared to the expected value.

 

 There are two common ways to test for a short:

 

1. A low voltage test. A low power, low voltage source is connected between two conductors that should not be connected and the amount of current is measured. If there is no current the conductors are assumed to be well isolated.

 

2. A high voltage test. Again a voltage source is connected but this time the voltage is of several hundred volts. The increased voltage will make the test more likely to find connections that are nearly shorted since the higher voltage will cause the insulation of nearly shorted wires to break down.

 


 

 

Posted by & filed under Amazon AWS.

 

 

 

The NAT Instance

  • Install the NAT instance from a community AMI
  • When creating a NAT instance, make sure to disable the source/destination check
  • The NAT instance must be in a public subnet
  • There must be a route out of the private subnet that points to the NAT instance
  • You need a security group for the NAT instance
  • The amount of traffic that the NAT instance supports depends on the instance size
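The NAT instance checklist above, turned into an offline audit as an added Python example that is not part of the original post. The dictionaries are constructed sample data shaped like EC2 DescribeInstances and DescribeRouteTables output; all IDs are placeholders and the function names are illustrative.

```python
# Constructed sample data (placeholder IDs), shaped like EC2 API responses.
NAT_INSTANCE = {
    "InstanceId": "i-EXAMPLE-NAT",
    "SubnetId": "subnet-public",
    "SourceDestCheck": False,
    "SecurityGroups": [{"GroupId": "sg-EXAMPLE"}],
}

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}

ROUTE_TABLES = [
    {   # public subnet: default route goes to an internet gateway
        "RouteTableId": "rtb-public",
        "Associations": [{"SubnetId": "subnet-public"}],
        "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                           "GatewayId": "igw-EXAMPLE"}],
    },
    {   # main table, used by subnets with no explicit association
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                           "InstanceId": "i-EXAMPLE-NAT"}],
    },
]


def table_for_subnet(route_tables, subnet_id):
    """Explicitly associated table if there is one, otherwise the main table."""
    main = None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def default_route(route_tables, subnet_id):
    """Return the subnet's 0.0.0.0/0 route, or {} when it has none."""
    table = table_for_subnet(route_tables, subnet_id) or {}
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return {}


def audit_nat_instance(instance, route_tables, private_subnet_id):
    """Return one finding per checklist item the configuration fails."""
    findings = []
    # The instance forwards traffic it neither sends nor receives itself,
    # so the source/destination check must be off.
    if instance.get("SourceDestCheck", True):
        findings.append("source/destination check is still enabled")
    # Public subnet: its default route targets an internet gateway.
    public = default_route(route_tables, instance["SubnetId"])
    if not public.get("GatewayId", "").startswith("igw-"):
        findings.append("NAT instance is not in a public subnet")
    # Private subnet: its default route must target the NAT instance.
    private = default_route(route_tables, private_subnet_id)
    if private.get("InstanceId") != instance["InstanceId"]:
        findings.append("private subnet default route does not point to the NAT instance")
    if not instance.get("SecurityGroups"):
        findings.append("no security group on the NAT instance")
    return findings


if __name__ == "__main__":
    print(audit_nat_instance(NAT_INSTANCE, ROUTE_TABLES, "subnet-private") or "ok")
```
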

NAT Gateways

  • It is new
  • Preferred by enterprises
  • Scales automatically up to 10 Gbps
  • No need to patch (Amazon will take care of it)
  • No need for a security group
  • Automatically assigned a public IP address
  • Remember to update your route table
  • No need to disable source/destination checks

 

 

 

 

Want more information on how to become Amazon AWS Certified? Learn more!

 

 

Posted by & filed under Amazon AWS.

 

From Wikipedia

 

 

Type | Description | Function
A | Address Record | Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but it is also used for DNSBLs, storing subnet masks in RFC 1101, etc.
CNAME | Canonical Name Record | Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name.
MX | Mail Exchange Record | Maps a domain name to a list of message transfer agents for that domain.
AAAA | IPv6 Address Record | Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host.
TXT | Text Record | Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc.
PTR | Pointer Record | Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD.
SRV | Service locator | Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
SPF | Sender Policy Framework | SPF(99) (from RFC 4408) was specified as part of the Sender Policy Framework protocol as an alternative to storing SPF data in TXT records, using the same format. It was later found that the majority of SPF deployments lack proper support for this record type, and support for it was discontinued in RFC 7208.
NS | Name Server Record | Delegates a DNS zone to use the given authoritative name servers.
SOA | Start of [a zone of] Authority Record | Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.

 

 


 

 


 

 

Posted by & filed under Amazon AWS.

Source By: <docs.aws.amazon.com>

Getting Started with Elastic Load Balancing

This tutorial provides a hands-on introduction to Application Load Balancers through the AWS Management Console, a web-based interface. To create your first Application Load Balancer, complete the following steps.

 

 

Tasks

  • Before You Begin
  • Step 1: Select a Load Balancer Type
  • Step 2: Configure Your Load Balancer and Listener
  • Step 3: Configure a Security Group for Your Load Balancer
  • Step 4: Configure Your Target Group
  • Step 5: Register Targets with Your Target Group
  • Step 6: Create and Test Your Load Balancer
  • Step 7: Delete Your Load Balancer (Optional)

 

Before You Begin

  • Decide which two Availability Zones you will use for your EC2 instances. Verify that your virtual private cloud (VPC) has at least one public subnet in each of these Availability Zones.
  • Launch at least one EC2 instance in each Availability Zone. For this exercise, you can simply use the public subnets. Be sure to install a web server, such as Apache or Internet Information Services (IIS), on each EC2 instance.
  • Ensure that the security group for your EC2 instances allows HTTP access on port 80. To test the web server, copy the DNS name of the instance into the address field of an Internet-connected web browser and verify that the browser displays the default page of the web server.

 

Step 1: Select a Load Balancer Type

Elastic Load Balancing supports two types of load balancers: Application Load Balancers and Classic Load Balancers. For this tutorial, you create an Application Load Balancer.

To create an Application Load Balancer

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  2. On the navigation bar, choose a region for your load balancer. Be sure to select the same region that you used for your EC2 instances.
  3. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  4. Choose Create Load Balancer.
  5. Choose Application Load Balancer, and then choose Continue.

 

Step 2: Configure Your Load Balancer and Listener

On the Configure Load Balancer page, complete the following procedure.

To configure your load balancer and listener

  1. For Name, type a name for your load balancer. The name of your Application Load Balancer must be unique within your set of Application Load Balancers for the region, can have a maximum of 32 characters, can contain only alphanumeric characters and hyphens, and must not begin or end with a hyphen.
  2. For Scheme, keep the default value, internet-facing.
  3. For IP address type, select ipv4 if your instances support IPv4 addresses or dualstack if they support IPv4 and IPv6 addresses.
  4. For Listeners, keep the default, which is a listener that accepts HTTP traffic on port 80.
  5. For Availability Zones, select the VPC that you used for your EC2 instances. For each of the two Availability Zones that contain your EC2 instances, select the Availability Zone and then select the public subnet for that Availability Zone.
  6. Choose Next: Configure Security Settings.
  7. For this tutorial, you are not using a secure listener. Choose Next: Configure Security Groups.

 

Step 3: Configure a Security Group for Your Load Balancer

The security group for your load balancer must allow it to communicate with registered targets on both the listener port and the health check port. The console can create security groups for your load balancer on your behalf, with rules that specify the correct protocols and ports.

Note

If you prefer, you can create and select your own security group instead.

On the Configure Security Groups page, complete the following procedure to have Elastic Load Balancing create a security group for your load balancer on your behalf.

To configure a security group for your load balancer

  1. Choose Create a new security group.
  2. Type a name and description for the security group, or keep the default name and description. This new security group contains a rule that allows traffic to the load balancer listener port that you selected on the Configure Load Balancer page.
  3. Choose Next: Configure Routing.

 

Step 4: Configure Your Target Group

Create a target group, which is used in request routing. The default rule for your listener routes requests to the registered targets in this target group. The load balancer checks the health of targets in this target group using the health check settings defined for the target group. On the Configure Routing page, complete the following procedure.

To configure your target group

  1. For Target group, keep the default, New target group.
  2. For Name, type a name for the new target group.
  3. Keep Protocol as HTTP and Port as 80.
  4. For Health checks, keep the default protocol and ping path.
  5. Choose Next: Register Targets.

 

Step 5: Register Targets with Your Target Group

On the Register Targets page, complete the following procedure.

To register targets with the target group

  1. For Instances, select one or more instances.
  2. Keep the default port, 80, and choose Add to registered.
  3. If you need to remove an instance that you selected, for Registered instances, select the instance and then choose Remove.
  4. When you have finished selecting instances, choose Next: Review.

 

Step 6: Create and Test Your Load Balancer

Before creating the load balancer, review the settings that you selected. After creating the load balancer, verify that it’s sending traffic to your EC2 instances.

To create and test your load balancer

  1. On the Review page, choose Create.
  2. After you are notified that your load balancer was created successfully, choose Close.
  3. On the navigation pane, under LOAD BALANCING, choose Target Groups.
  4. Select the newly created target group.
  5. On the Targets tab, verify that your instances are ready. If the status of an instance is initial, it’s probably because the instance is still in the process of being registered, or it has not passed the minimum number of health checks to be considered healthy. After the status of at least one instance is healthy, you can test your load balancer.
  6. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  7. On the Description tab, copy the DNS name of the load balancer (for example, my-load-balancer-1234567890.us-west-2.elb.amazonaws.com). Paste the DNS name into the address field of an Internet-connected web browser. If everything is working, the browser displays the default page of your server.

 

Step 7: Delete Your Load Balancer (Optional)

As soon as your load balancer becomes available, you are billed for each hour or partial hour that you keep it running. When you no longer need a load balancer, you can delete it. As soon as the load balancer is deleted, you stop incurring charges for it. Note that deleting a load balancer does not affect the targets registered with the load balancer. For example, your EC2 instances continue to run.

To delete your load balancer

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  2. On the navigation pane, under LOAD BALANCING, choose Load Balancers.
  3. Select the load balancer, and then choose Actions, Delete.
  4. When prompted for confirmation, choose Yes, Delete.

 


Posted by & filed under Amazon AWS.

Source By: <docs.aws.amazon.com>

 

What Is Elastic Load Balancing?

Elastic Load Balancing distributes incoming application traffic across multiple EC2 instances, in multiple Availability Zones. This increases the fault tolerance of your applications.

The load balancer serves as a single point of contact for clients, which increases the availability of your application. You can add and remove instances from your load balancer as your needs change, without disrupting the overall flow of requests to your application. Elastic Load Balancing scales your load balancer as traffic to your application changes over time, and can scale to the vast majority of workloads automatically.

You can configure health checks, which are used to monitor the health of the registered instances so that the load balancer can send requests only to the healthy instances. You can also offload the work of encryption and decryption to your load balancer so that your instances can focus on their main work.

Features of Elastic Load Balancing

Elastic Load Balancing supports two types of load balancers: Application Load Balancers and Classic Load Balancers. Choose the load balancer type that meets your needs.

Feature Classic Load Balancer Application Load Balancer
Protocols HTTP, HTTPS, TCP, SSL HTTP, HTTPS
Platforms EC2-Classic, EC2-VPC EC2-VPC
Sticky sessions (cookies) load balancer generated
Back-end server authentication
Back-end server encryption
Idle connection timeout
Connection draining
Cross-zone load balancing † Always enabled
Health checks † † Improved
CloudWatch metrics Improved
Access logs Improved
Path-based routing
Route to multiple ports on a single instance
HTTP/2 support
Websockets support
Load balancer deletion protection

† Cross-zone load balancing is always enabled for an Application Load Balancer. For a Classic Load Balancer, it is disabled by default, but can be enabled and disabled as needed.

† † For an Application Load Balancer, you can specify the HTTP codes that indicate a successful health check response. An Application Load Balancer returns improved information about the cause of health check failures.

Accessing Elastic Load Balancing

You can create, access, and manage your load balancers using any of the following interfaces:

  • AWS Management Console — Provides a web interface that you can use to access Elastic Load Balancing.
  • AWS Command Line Interface (AWS CLI) — Provides commands for a broad set of AWS services, including Elastic Load Balancing, and is supported on Windows, Mac, and Linux.
  • AWS SDKs — Provides language-specific APIs and takes care of many of the connection details, such as calculating signatures, handling request retries, and error handling.
  • Query API — Provides low-level API actions that you call using HTTPS requests. Using the Query API is the most direct way to access Elastic Load Balancing, but it requires that your application handle low-level details such as generating the hash to sign the request, and error handling.

 

Elastic Load Balancing works with the following services to improve the availability and scalability of your applications.

  • Amazon EC2 — Virtual servers that run your applications in the cloud. You can configure your load balancer to route traffic to your EC2 instances.
  • Amazon ECS — Enables you to run, stop, and manage Docker containers on a cluster of EC2 instances. You can configure your load balancer to route traffic to your containers.
  • Auto Scaling — Ensures that you are running your desired number of instances, even if an instance fails, and enables you to automatically increase or decrease the number of instances as the demand on your instances changes. If you enable Auto Scaling with Elastic Load Balancing, instances that are launched by Auto Scaling are automatically registered with the load balancer, and instances that are terminated by Auto Scaling are automatically de-registered from the load balancer.
  • Amazon CloudWatch — Enables you to monitor your load balancer and take action as needed.
  • Amazon Route 53 — Provides a reliable and cost-effective way to route visitors to websites by translating domain names (such as www.example.com) into the numeric IP addresses (such as 192.0.2.1) that computers use to connect to each other. AWS assigns URLs to your resources, such as load balancers. However, you might want a URL that is easy for users to remember. For example, you can map your domain name to a load balancer.

 


Posted by & filed under Amazon AWS.

Amazon S3

Amazon Simple Storage Service (Amazon S3) provides developers and IT teams with secure, durable, highly scalable cloud storage. Amazon S3 is easy-to-use object storage, with a simple web service interface to store and retrieve any amount of data from anywhere on the web. With Amazon S3, you pay only for the storage you actually use. There is no minimum fee and no setup cost.

Amazon S3 offers a range of storage classes designed for different use cases including Amazon S3 Standard for general-purpose storage of frequently accessed data, Amazon S3 Standard – Infrequent Access (Standard – IA) for long-lived, but less frequently accessed data, and Amazon Glacier for long-term archive. Amazon S3 also offers configurable lifecycle policies for managing your data throughout its lifecycle. Once a policy is set, your data will automatically migrate to the most appropriate storage class without any changes to your applications.

Amazon S3 can be used alone or together with other AWS services such as Amazon Elastic Compute Cloud (Amazon EC2) and AWS Identity and Access Management (IAM), as well as data migration services and gateways for initial or ongoing data ingestion. Amazon S3 provides cost-effective object storage for a wide variety of use cases including backup and recovery, nearline archive, big data analytics, disaster recovery, cloud applications, and content distribution.

Source By: docs.aws.amazon.com

Posted by & filed under ABOUT IT.

Do You Have What It Takes for a Career in Technology?

Information Technology (IT) has become such a widespread career choice. But few people actually know what IT is and what its discipline entails.

The digital world may tempt you to jump on the information technology wagon. But is it the right choice for you? Talk to one of our advisers and take our IT Assessment Test to see if IT is the right field for you.

I’m new to IT, what certifications are best for me?

Whether you’re a college student looking to advance your career ahead of your peers or a professional from another sector trying to change careers, the Information Technology field offers plenty of opportunities regardless of where your true passion lies. But how can you boost your career — and fast? Not every career needs years to launch. In the tech industry, an education will help — but it isn’t 100 percent necessary. Take, for instance, the IT field: a handful of entry-level positions in this burgeoning field simply require a certification.

But you may be asking, which IT certification should I get first?

Build your foundation first

If you’re just starting out, you’d want to first pursue IT certifications that acquaint you with how to maximize the use of computers, mobile and cloud technology in a business environment.

Some certifications are ideal for students and professionals who don’t have prior IT experience. These certifications are designed to get students and career changers up to speed on how computers, operating systems and networks function, providing the building blocks of IT.

IT certifications to start your career

CompTIA A+

Your ticket to help desk and technical support jobs. CompTIA A+ shows you know how to troubleshoot common tech problems in corporate environments.

Jobs related to CompTIA A+: Help Desk Technician, Technical Support Specialist, Systems Administrator, IT Technician, IT Assistant

Learn more about our: CompTIA A+ Bootcamp.

The ITIL® 4 Foundation

The ITIL® 4 (version 4) Foundation is the newest entry level Certification Course for IT Service Management Best Practices. It is designed to help businesses manage risks, strengthen customer relations, establish cost-effective practices and build stable IT environments for growth, scale and change.

Jobs related to ITIL 4 Foundation: Process coordinator, Incident Coordinator, Configuration Analyst, Service Desk Level 1, Support Specialist.

Learn more about our: ITIL 4 Bootcamp

IT certifications to explore specialties

CompTIA Network+

Proves your knowledge about managing enterprise networks, solving networking issues, troubleshooting network devices and keeping tabs on network security.

Jobs related to CompTIA Network+: Network Support Specialist, Network Administrator, Systems Administrator, Systems Analyst, Network Engineer

Jobs related to CompTIA Network+: Network Administrator, Network Engineer, Help Desk Support, Service Technician, IT support Specialist

Learn more about our: CompTIA Network+ Bootcamp 

CompTIA Security+

Great for tech support and computer networking professionals who want to get into cybersecurity. This certification proves you know how to secure networks, keep digital data confidential and ward off hackers.

Jobs related to CompTIA Security+: Cybersecurity Specialist, Security Administrator

Learn more about our: CompTIA Security+ Bootcamp

AWS Certified Solutions Architect – Associate

Solutions architects optimize the use of the AWS Cloud by understanding AWS services and how these services fit into cloud-based solutions. This certification is a great introduction to cloud computing.

Jobs related to AWS Certified Solution Architect – Associate: Cloud Architect, Cloud Engineer, Operational Support Engineer, Cloud Software Engineer, System Integrator — Cloud

Learn more about our: AWS Certified Solution Architect – Associate Bootcamp

Whether you’re a college student or a professional who wants to change careers, IT certifications show employers that you have what it takes and have the skills needed for the IT roles in their organizations.

College students can also take advantage of a federally funded scholarship for their certifications.

Posted by & filed under CompTIA A+, MICROSOFT MTA O/S.

Security Settings

CompTIA A+ Exam objectives 2.6

(Compare and contrast the differences of basic Microsoft Windows OS security settings)

User and Groups

There are different levels of user accounts built into the Windows operating system. There are administrators, guests, and standard users. An administrator is the super-user of the Windows operating system. If you have administrative rights, then you effectively can control everything about the operating system.

There are also guest users in the Windows operating system. These guest users are disabled by default. But if you do enable the guest user, they will have limited access to the operating system. The majority of people that log in to Windows are standard users. These are people that are browsing the internet or working on spreadsheets or word processing documents. A standard user does not have full and complete access to the operating system, but they are able to use the operating system to perform day-to-day tasks.

There are also groups built into Windows. Some of these groups can be created to assign rights and permissions to others, and other groups are built into the operating system. A good example of this is the power users group that provides additional rights and permissions to a standard user without giving them all of the permissions that may be assigned to an administrator. When you access a file in the Windows operating system, your access to that file may be controlled through NTFS permissions or share permissions.

NTFS vs. Share Permissions

NTFS permissions are permissions assigned to the file system itself. This means if you’re accessing a file locally on the computer, the NTFS permissions will apply. And if you’re accessing that file across the network using a share, these NTFS permissions will also apply to you as well. There is a separate group of permissions that are associated with users connecting across a share. This means you can have one set of permissions for people who are accessing this file locally and a completely different set of permissions for somebody accessing it across the network.

 

As you can imagine, this could create a conflict. What if the NTFS permission is set to deny access, but the share permission is set to allow access? Whenever you have that type of conflict, the most restrictive setting will win, which means if the deny is set on this file on either one of those permissions, then the deny will beat that allow permission that may be somewhere else. NTFS permissions are inherited from parent objects in the file system, which means you don’t have to manually assign NTFS permissions to every single file. It will simply use the permissions assigned to the parent object.

 

If you move that file to a different volume, then the permissions will be associated with where you put it on that volume. If you move that file within the same volume, there is simply a pointer that’s changed in the file system, which means it will keep the permissions if you’re moving it within the same volume. In this view, we’re looking at two different sets of permissions that are pointing to the same folder. This would be the folder under Users, Professor, Documents, and Reports.

 

You can see there may be NTFS permissions that provide full access to this particular folder. But if you were to look at the share permissions, anybody connecting across the network would only have read access to this particular folder. There are a number of shares that are created automatically by the operating system during the installation process. These are administrative shares, and most of these shares are hidden from view.

 

For example, any share that has a dollar sign at the end of its name is automatically hidden by the operating system. So a share named C$ would be the share for the entire C drive, but it would be hidden from other people that are connecting to the system. Other good examples of administrative shares are the ADMIN$ share and the PRINT$ share. If you want to view the shares available on your system, you can go to the command line and use the net share command to list all the share names and the resources associated with each share.

Shared Files and Folders

We mentioned earlier that permissions associated with a file in the file system can have all of those permissions inherited from a parent object. If you were to manually change the permissions for that file in the file system, those permissions would be called explicit permissions. Here’s an example of inherited permissions. Here’s a music folder on my Windows computer. And you can see there are a number of folders underneath the Music folder. This means that the Music folder would have the parent permissions, and the folders underneath the Music folder would have the child permissions.

 

If we were to set permissions on the Music folder to allow access, we won’t have to go to each individual folder to also allow access, because all of those permissions will be inherited from the parent object. If we configured the Music folder to provide access, then access to all of the child folders would also be allowed, because those permissions are inherited from the parent object. We can override these inherited permissions by changing the permissions ourselves. And when we change them, they would be explicit permissions.

 

Let’s take the example of our music folder. If we set up a deny permission to our music folder, then that particular set of permissions would be inherited by all of the child objects. But there may be a child folder that we would like to provide access to others, and we can explicitly define what folder we would like to assign. So even though all of the other permissions were inherited, we can specify our own permissions, and those would be explicit permissions.
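The two rules from this lesson, as a small Python model: share and NTFS permissions combine to the most restrictive result, and an explicit permission on a child folder overrides what it inherits from its parent. This is an added example, not part of the original lesson; it is a simplified model of Windows access evaluation, and the three rights levels, the account and group names, and the Rock and Shared folders under Music are constructed for illustration.

```python
from pathlib import PureWindowsPath

# Simplified rights levels (assumption: real ACLs carry many finer-grained bits).
READ = frozenset({"read"})
CHANGE = frozenset({"read", "write"})
FULL = frozenset({"read", "write", "change_permissions"})

# Explicit NTFS entries per folder: (principal, allow?, rights). Constructed data.
NTFS_EXPLICIT = {
    r"C:\Users\Professor\Documents\Reports": [("professor", True, FULL)],
    r"C:\Music": [("Users", False, FULL)],          # deny set on the parent
    r"C:\Music\Shared": [("Users", True, READ)],    # explicit allow on one child
}
# Share-level entries for a share that points at the Reports folder.
REPORTS_SHARE = [("Everyone", True, READ)]


def collect_acl(path, explicit):
    """ACL seen at `path`: own entries at depth 0, the parent's at depth 1, ..."""
    acl, node, depth = [], PureWindowsPath(path), 0
    while True:
        for principal, allow, rights in explicit.get(str(node), []):
            acl.append((depth, principal, allow, rights))
        if node.parent == node:      # reached the volume root
            return acl
        node, depth = node.parent, depth + 1


def ntfs_rights(path, sids, explicit):
    """Nearest level decides first; within a level, deny is read before allow."""
    granted, decided = set(), set()
    for depth, principal, allow, rights in sorted(
            collect_acl(path, explicit), key=lambda ace: (ace[0], ace[2])):
        if principal not in sids:
            continue
        fresh = rights - decided     # rights no earlier entry has settled
        if allow:
            granted |= fresh
        decided |= fresh
    return frozenset(granted)


def share_rights(share_acl, sids):
    """Share permissions have no inheritance; a matching deny removes the right."""
    allowed, denied = set(), set()
    for principal, allow, rights in share_acl:
        if principal in sids:
            (allowed if allow else denied).update(rights)
    return frozenset(allowed - denied)


def effective_rights(path, sids, explicit, share_acl=None):
    """Local access uses NTFS only; access through a share gets the intersection."""
    ntfs = ntfs_rights(path, sids, explicit)
    if share_acl is None:
        return ntfs
    return ntfs & share_rights(share_acl, sids)


if __name__ == "__main__":
    user = {"professor", "Users", "Everyone"}   # the account plus its groups
    reports = r"C:\Users\Professor\Documents\Reports"
    print("local  :", sorted(effective_rights(reports, user, NTFS_EXPLICIT)))
    print("network:", sorted(effective_rights(reports, user, NTFS_EXPLICIT, REPORTS_SHARE)))
    for folder in (r"C:\Music\Rock", r"C:\Music\Shared"):
        print(folder, sorted(ntfs_rights(folder, user, NTFS_EXPLICIT)))
```

On a real system, `net share` lists the shares, and the Sharing and Security tabs of a folder's properties show the two permission sets this model combines.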

Learn more about our CompTIA A+ Certification

Credits: Professor Messer

 

Posted by & filed under CompTIA A+, MICROSOFT MTA O/S.

System Utilities

CompTIA A+ Exam objectives 1.5

(Given a scenario, use Microsoft operating system features and tools.)

What are system utilities?

Utility programs are designed to carry out specific tasks. The tasks to be carried out are not typically performed by the operating system as part of its day to day operating of the system. Utility programs are designed for more specific purposes. Common examples of utility software include anti-virus software, disk defragmenters and system restoration.

 

Here is a picture example of some utilities, some of these will be covered, but there are some more important ones that will be explained for this lesson.

by SQA

 

 

Here are the 12 system utilities needed for the A+ exam:

REGEDIT

The Windows Registry serves as an archive for collecting and storing the configuration settings of Windows components, installed hardware/software/application and more. A Windows component, hardware or a software, retrieves the registry entries or keys relating to it, every time it is started. It also modifies the registry entries or keys corresponding to it, in its course of execution. When keys are added to the registry, the data are sorted as computer-specific data or user-specific data in order to support multiple users.

 

The Regedit command launches regedit.exe 

COMMAND

This command launches a standard command prompt for the user.

Services.msc

This command in the command console launches the services console. 

MMC

MMC is a centralized database that contains many tools which are typically scattered, and brings them all together so that the user may select which ones are needed.

MSTSC

This program allows a PC connected through a remote desktop session to edit the config files of different PCs using RDP.

NOTEPAD

Notepad is a secure and reliable text editor in Windows.

EXPLORER

Explorer is the Windows file management system. It performs many actions, such as creating, copying and renaming files and folders.

MSINFO32

Essentially, this launches System Information. Windows says this:

You can use the MSINFO32 command-line tool switches to do all of the following:

  • Use System Information from a batch file
  • Create .nfo or .txt files that contain information from specified categories.
  • Open System Information and display only specific categories.
  • Save a file silently (without opening System Information).
  • Start System Information connected to a remote computer.
  • Create a shortcut that opens System Information in a frequently-used configuration.

DxDiag

This tool can be used to collect information about DirectX sound and video. It can help when troubleshooting a problem.

By Nexon Support

Disk Defragmenter

Rearranges the file fragments on a disk into contiguous clusters to be able to read them faster. 

System Restore

This utility can create system images, and then restores the system when asked by user. 

Windows Update

Can be used to manage software and security issues, and allows Microsoft to fix them quickly and uniformly.

Learn more about our CompTIA A+ Certification

Posted by & filed under CompTIA A+, MICROSOFT MTA O/S.

Server Roles

CompTIA A+ Exam objectives 2.5

(Summarize the properties and purposes of services provided by networked hosts.)

What do server roles achieve?

Server roles provide more convenient or efficient ways of doing specific tasks, such as accessing the internet or using the printer.

 

 

Here are the 9 different types covered by CompTIA:

Web server

At the most basic level, whenever a browser needs a file which is hosted on a web server, the browser requests the file via HTTP. When the request reaches the correct web server (hardware), the HTTP server (software) accepts the request, finds the requested document (if it doesn’t then a 404 response is returned), and then sends it back to the browser, also through HTTP.

Mozilla Firefox

File server

A high-speed computer in a network that stores the programs and data files shared by its users. It acts like a remote disk drive. The difference between a file server and an application server is that the file server stores the programs and data, while the application server runs the programs and processes the data.

Print server

A computer in a network that controls one or more printers. The function is typically part of the operating system but may be an add-on utility that stores the print-image output from users’ machines and feeds it to the printer one job at a time. The computer and its printers are known as a “print server” or a file server with “print services.”

DHCP server

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (that is, a scope) configured for a given network.

DNS server

A dedicated server or a service within a server that provides DNS name resolution in an IP network. It turns names for websites and network resources into numeric IP addresses. DNS servers are used in large companies, in all ISPs and within the DNS system in the Internet, a vital service that keeps the Internet working. They are set up by network administrators and typically do not exist in the very small business or home. 

Proxy server

A proxy server, also known as a “proxy” or “application-level gateway”, is a computer that acts as a gateway between a local network (for example, all the computers at one company or in one building) and a larger-scale network such as the internet. Proxy servers provide increased performance and security.

 

A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network via another port. By blocking direct access between two networks, proxy servers make it much more difficult for hackers to get internal addresses and details of a private network.

Mail server

A mail server (or email server) is a computer system that sends and receives email. In many cases, web servers and mail servers are combined in a single machine.

Authentication server

A device used in network access control. An authentication server stores the usernames and passwords that identify the clients logging in, or it may hold the algorithms for token access. For access to specific network resources, the server may itself store user permissions and company policies or provide access to directories that contain the information.

syslog

A protocol for transmitting event messages and alerts across an IP network. Messages are sent by the operating system or application at the start or end of a process or to report the current status of a process. Initially developed for the Unix sendmail application, syslog became commonly used in all environments and was made an IETF standard in 2001.

Learn more about our CompTIA A+ Certification

Posted by & filed under CompTIA A+, MICROSOFT MTA O/S.

Common Cloud Models

CompTIA A+ Exam objectives 4.1

Introduction to Cloud Computing

Simply put, cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the Internet (“the cloud”) to offer faster innovation, flexible resources, and economies of scale. You typically pay only for cloud services you use, helping you lower your operating costs, run your infrastructure more efficiently, and scale as your business needs change.

The Common Cloud Models

There are three different types of cloud models, and each has their own advantages and disadvantages. The cloud model that the user would use depends on what they need.

IaaS: Infrastructure as a Service

SaaS: Software as a Service

PaaS: Platform as a Service

Infrastructure as a Service, sometimes abbreviated as IaaS, contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. Infrastructure as a Service provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.

Software as a Service provides you with a completed product that is run and managed by the service provider. In most cases, people referring to Software as a Service are referring to end-user applications. With a SaaS offering you do not have to think about how the service is maintained or how the underlying infrastructure is managed; you only need to think about how you will use that particular piece of software. A common example of a SaaS application is web-based email, where you can send and receive email without having to manage feature additions to the email product or maintain the servers and operating systems that the email program is running on.

Platform as a Service removes the need for organizations to manage the underlying infrastructure (usually hardware and operating systems) and allows you to focus on the deployment and management of your applications. This helps you be more efficient as you don’t need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated heavy lifting involved in running your application.

Cloud Computing Deployment Models

Public

  • It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them.

  • Services are delivered over a network which is open for public usage.

Private

  • Exclusive use by a single organization comprising multiple consumers (e.g. business units).

  • The platform for cloud computing is implemented on a cloud-based secure environment that is safeguarded by a firewall which is under the governance of the IT department that belongs to the particular customer.

Hybrid

  • The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability.

Community

  • Provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns.

  • It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them and it may exist on or off premises.

  • The setup is mutually shared between many organizations that belong to a particular community.

Posted by & filed under CompTIA Security+, MICROSOFT MTA SECURITY.

Major Security Breaches of 2024: What You Need to Know

1. LastPass Breach (2024)

Date of Discovery: January 2024

In early 2024, LastPass, one of the leading password management platforms, suffered another breach, following a significant incident in 2022. Hackers infiltrated user vaults, gaining access to encrypted data. While the data remains encrypted, this breach raised concerns about the overall safety of sensitive information stored in password managers.

Impact:

  • Encrypted user data compromised, including passwords.
  • Users were urged to update master passwords and enable multi-factor authentication (MFA).

2. T-Mobile Data Breach (2024)

Date of Discovery: March 2024

T-Mobile experienced a significant data breach in March, affecting millions of customers. Cybercriminals accessed personal customer data, including phone numbers and billing information, through unauthorized access to the network.

Impact:

  • Over 40 million customers affected.
  • Exposure of personal details, but no financial data was compromised.

3. U.S. Health Insurance Data Breach (2024)

Date of Discovery: April 2024

A major U.S. health insurance provider reported a breach that exposed millions of customers’ personal health data. The breach occurred after hackers gained unauthorized access to sensitive medical and insurance information stored within the company’s system.

Impact:

  • Over 30 million individuals affected.
  • Exposed medical records, insurance information, and personal health data.

4. Microsoft Exchange Server Vulnerability Exploited (2024)

Date of Discovery: May 2024

Cybercriminals took advantage of a vulnerability in Microsoft Exchange Server, gaining unauthorized access to emails and sensitive company data. Although patches were rolled out quickly, many organizations were impacted before they had a chance to update their systems.

Impact:

  • Thousands of organizations worldwide affected.
  • Critical company data, including emails, exposed.

5. Volkswagen Group of America (VWoA) Data Breach (2024)

Date of Discovery: June 2024

Volkswagen’s U.S. division experienced a data breach in June, exposing millions of customer records. The breach involved unauthorized access to a system that stored sensitive information such as vehicle details, customer names, and addresses.

Impact:

  • More than 3 million customer records compromised.
  • Affected customers were notified and offered identity protection services.

6. UK’s National Health Service (NHS) Data Breach (2024)

Date of Discovery: July 2024

In July, the NHS reported a breach that compromised patient records via an external partner’s network. This breach exposed confidential medical records, and the stolen data raised concerns about privacy in healthcare systems.

Impact:

  • Over 2 million patient records exposed.
  • Ongoing efforts to secure patient data and prevent future breaches.

7. Twitter Data Breach (2024)

Date of Discovery: August 2024

A Twitter data breach in August involved hackers exploiting vulnerabilities in Twitter’s API to gain access to personal user information, including phone numbers and email addresses.

Impact:

  • Affected over 200 million users.
  • Personal details, including phone numbers and email addresses, exposed.

8. Uber Data Breach (2024)

Date of Discovery: September 2024

Uber was hit by a ransomware attack that targeted internal company data. This attack compromised sensitive business information, employee data, and customer details. The breach is believed to have been orchestrated by a hacker group with ties to larger cybercrime syndicates.

Impact:

  • Exposed sensitive business data, including financial and customer information.
  • Uber worked quickly to contain the breach and strengthen its cybersecurity measures.

9. Ransomware Attack on U.S. Schools (2024)

Date of Discovery: October 2024

A coordinated ransomware attack affected multiple U.S. school districts, disrupting online learning and encrypting educational systems. The attack forced many schools to shut down temporarily, affecting hundreds of thousands of students.

Impact:

  • More than 500,000 students were affected by data loss and service disruption.
  • Several districts opted not to pay the ransom, instead focusing on rebuilding and strengthening defenses.

10. Australian Broadcasting Corporation (ABC) Breach (2024)

Date of Discovery: November 2024

ABC in Australia suffered a significant data breach involving its internal systems, where hackers accessed sensitive documents and media plans. It’s believed the attackers may have had political motivations linked to espionage.

Impact:

  • Exposure of internal documents, including media strategies and unbroadcast stories.
  • ABC has implemented further security measures to protect its data.

Are you looking to break into the exciting field of Cybersecurity? Join our 5-day CompTIA Security+ Boot camp Training and build your Cybersecurity knowledge and skills. 

Posted by & filed under CompTIA Security+, MICROSOFT MTA SECURITY.

What's New in the Latest Version of CompTIA Security+ (SY0-701)?

The CompTIA Security+ certification has received a major refresh with the new SY0-701 version, reflecting the latest trends in cybersecurity. Here’s a quick look at what’s new:

  • Cloud and Hybrid Security: Greater focus on securing cloud and hybrid environments, ensuring professionals can manage modern infrastructures.
  • Threat Intelligence: Expanded coverage on threat intelligence, helping organizations anticipate and counter potential attacks.
  • Advanced Security Architectures: Introduction to advanced frameworks like Zero Trust, emphasizing secure design and implementation.
  • Automation & AI: Increased emphasis on automation and AI in security operations, from threat detection to ethical considerations.
  • Governance, Risk, and Compliance: Strengthened focus on risk management, legal issues, and compliance frameworks.
  • Incident Response & Forensics: Expanded scenarios for incident response and digital forensics, equipping professionals to handle breaches effectively.
  • Secure Development: More coverage on secure coding practices and DevSecOps, integrating security throughout the software lifecycle.

This update ensures that Security+ certified professionals stay current with today’s cybersecurity challenges. Ready to take your skills to the next level? Dive into the new CompTIA Security+ SY0-701!

Posted by & filed under CompTIA Security+, MICROSOFT MTA SECURITY.

Why Spam is a Major Security Concern and How to Protect Yourself

Spam emails are a persistent nuisance that clog up our inboxes and waste our time, but they are much more than just an annoyance. Spam is a significant security concern that can pose a threat to individuals and organizations alike. In this blog, we will explore why spam is a security concern and provide some tips on how to protect yourself from spam.

How to Protect Yourself from Spam?

  • Use Spam Filters: Most email services and clients offer spam filters that can be used to automatically filter out unwanted and potentially dangerous emails. Make sure that your email provider has a robust spam filter and that you have it turned on.

  • Don’t Click on Links or Attachments: Be cautious when opening emails from unknown or suspicious senders, and avoid clicking on links or downloading attachments. If you are unsure about the authenticity of an email, verify it with the sender before opening any links or attachments.

  • Use Anti-Virus Software: Install reputable anti-virus software on your device and keep it updated to protect against malware and other threats.

  • Be Careful with Personal Information: Do not share personal information such as passwords or financial information in response to unsolicited emails or requests. Always verify the legitimacy of the request before sharing any personal information.

  • Educate Yourself: Stay informed about the latest spam and phishing trends and tactics, and educate yourself on how to identify and avoid them.

In conclusion, spam is a serious security concern that should not be taken lightly. By following these best practices and staying vigilant, you can protect yourself from spam and the threats it poses. Remember, when it comes to spam, prevention is always better than cure.

Posted by & filed under CompTIA Security+, MICROSOFT MTA SECURITY.

Understanding Trust in Information Security

As technology continues to evolve and the reliance on digital systems and networks increases, trust has become a crucial aspect of information security. Establishing and maintaining trust is essential in protecting sensitive data, ensuring the integrity of systems, and mitigating security risks. In this comprehensive guide, we will delve into the concept of trust in the context of CompTIA Security+ certification and explore its key components and implications.

Authentication: The Foundation of Trust

At the heart of trust in information security is authentication, the process of verifying the identity of a user, device, or system. Authentication methods can include something a user knows, something a user has, or something a user is. We will explore various authentication methods, such as passwords, smart cards, and biometric recognition, and discuss best practices for implementing strong authentication mechanisms.

Authorization: Determining Access Rights

Once a user, device, or system has been authenticated, authorization comes into play. Authorization determines what actions or resources an authenticated entity is allowed to access. We will delve into the concept of authorization, including role-based access control (RBAC) and other authorization models, and discuss how to implement effective authorization mechanisms to prevent unauthorized access and data breaches.
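The authenticate-then-authorize sequence from the two sections above, as an added example (not code from the original post): two factors are verified first (something the user knows and something the user has), and only then is an RBAC permission check made, denying by default. The user name, roles, permission strings and secrets are constructed for illustration.

```python
import hashlib, hmac, os, struct, time

# Constructed sample data: roles, permissions, user and secrets are illustrative.
ROLE_PERMISSIONS = {
    "helpdesk": {"ticket:read", "ticket:update"},
    "dba": {"db:read", "db:backup"},
}

def hash_password(password: str, salt: bytes) -> bytes:
    """Something you know: store a salted, slow hash, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """Something you have: RFC 6238 one-time code from a device-held secret."""
    mac = hmac.new(secret, struct.pack(">Q", int(at // step)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

_SALT = os.urandom(16)
USERS = {
    "alice": {"salt": _SALT, "pw_hash": hash_password("correct horse", _SALT),
              "totp_secret": b"constructed-demo-secret", "roles": {"helpdesk"}},
}

def authenticate(username, password, otp, now=None):
    """Return the user record only if BOTH factors verify; otherwise None."""
    user = USERS.get(username)
    if user is None:
        return None
    now = time.time() if now is None else now
    # Constant-time comparisons avoid leaking how many bytes matched.
    knows = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    has = hmac.compare_digest(totp(user["totp_secret"], now).encode(), otp.encode())
    return user if (knows and has) else None

def authorize(user, permission):
    """Deny by default: allow only if a role of an authenticated user grants it."""
    if user is None:
        return False
    return any(permission in ROLE_PERMISSIONS.get(r, set()) for r in user["roles"])
```

Passing the result of `authenticate` straight into `authorize` keeps the two decisions separate: a valid login alone grants nothing until a role maps to the requested permission.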

Trust Models: Establishing Trust Relationships

Trust models are frameworks used to establish and manage trust between different entities in a system or network. We will explore common trust models, such as single sign-on (SSO) frameworks, multi-factor authentication (MFA) systems, and public key infrastructure (PKI) implementations. We will discuss their strengths, weaknesses, and best practices for implementation to ensure secure and trusted interactions between entities.

Trust Boundaries: Managing Interfaces

Trust boundaries are the points or interfaces where different levels of trust meet or interact. Managing trust boundaries is crucial in preventing security breaches and ensuring the integrity of systems and networks. We will discuss how to identify and manage trust boundaries, including considerations for physical and logical boundaries, and best practices for securing these critical points of interaction.

Trustworthiness: Ensuring Reliability and Security

Trustworthiness is the overall reliability, integrity, and security of a system or network. It involves implementing appropriate security controls, maintaining system updates and patches, and following best practices for securing data, systems, and networks. We will explore the concept of trustworthiness and discuss how to implement measures to ensure the trustworthiness of information systems and networks.

Conclusion: Trust as a Pillar of Information Security

In conclusion, trust is a foundational concept in information security and plays a critical role in protecting sensitive data, systems, and networks. Understanding and managing trust is essential for information security professionals and is a key topic covered in the CompTIA Security+ certification exam. By comprehensively understanding the components of trust, including authentication, authorization, trust models, trust boundaries, and trustworthiness, information security practitioners can effectively mitigate security risks and safeguard valuable information assets.

Whether you are a security professional preparing for the Security+ certification exam or an IT practitioner looking to enhance your knowledge of information security, this comprehensive guide on understanding trust in information security will provide valuable insights and practical recommendations for establishing and maintaining trust in today’s complex digital landscape. Trust is a critical pillar of information security, and mastering its concepts is essential for protecting against security threats and ensuring the confidentiality, integrity, and availability of information and resources.