Cloud Essentials – Virtualization and the Cloud

July 25, 2018 at 1:05 pm

Check out this Sneak Peek Nugget from CompTIA CL0-001 Cloud Essentials! This Nugget explores virtualization technologies and demonstrates how important these technologies are for Cloud.



CompTIA Cloud+ Security Groups vs Network ACLs

July 23, 2018 at 3:50 pm

This Nugget is a sample Nugget from the CompTIA Cloud+ CV0-002 course at CBT Nuggets. In this video, we examine the differences between Security Groups and Network ACLs in AWS.


Advantages of Cloud Technologies

July 3, 2018 at 6:35 pm


It is no major surprise that various public cloud vendors (led by AWS) are experiencing more and more success than ever before. The list of advantages continues to grow! Here are just some:

  • CapEx is replaced by OpEx: Using public cloud technologies enables start-ups and existing organizations to provide new features and services with a minimum of Capital Expenditures. Instead, public cloud expenses revolve around monthly Operating Expenses. For most organizations, OpEx represents significant advantages when compared to significant CapEx investments.
  • Lack of contractual commitments: Many public cloud vendors charge on an hourly (if not less) basis. For most services, there is no long-term commitment to an organization. You can roll out new projects or initiatives, and if needed, rolled back with no contractual commitments long term. This lack of contractual commitment helps increase the agility of IT operations and lowers financial risks associated with innovative technologies.
  • Reduction of required negotiations: New account establishment with public cloud vendors is simple, and prices for the major public cloud vendors continuously reduce. This reduction in prices and the ease of account setup reduces the need for cost negotiations as might have existed early in the world of service provider interactions.
  • Reduced procurement delays: Additional resources can be set up with most cloud implementations within seconds.
  • “Pay as you go” model: If more resources are needed to support a growing cloud presence, you can get these resources on demand and pay for them only when needed. Conversely, if fewer resources are required, you can run less and only pay for what you need.
  • High levels of security possible: Since you can focus on the security of your resources and the cloud provider can focus on their security responsibilities (such as physical security and hypervisor security), the resulting infrastructure can meet stringent levels of security. This security model is appropriately termed the Shared Responsibility model.
  • Flexibility: Thanks to features in public cloud vendors like AWS, you can quickly scale the cloud-based infrastructure up and down, and out and in as needed. This advantage is often termed elasticity. Auto-scaling functionality inside of AWS allows the dynamic creation and destruction of resources based on actual client demand. Such scaling can occur with little to no administrator interaction. By the way, when discussing scaling the resources of a service, we are scaling those resources horizontally (out and in with elasticity), while the service made up of those resources is being scaled up and down (vertically because the single service is getting bigger or smaller). A single service scales both up and down, and out and in – depending on the context.
  • A massive global infrastructure: Most of the public cloud vendors now offer resources located all over the globe. This global dispersion or resources serves large multinational organizations very well since resources needed for certain parts of the globe can be stored and optimized for access in those regions. Also, companies with clients all over the world can meet with similar access advantages when servicing the needs of clients.
  • SaaS, PaaS, and IaaS offerings: Cloud technologies have become so advanced that organizations can choose to give applications to clients, development environments or even entire IT infrastructures using the technologies that make up the cloud. In fact, since cloud can offer about any component of IT these days, many refer to cloud as an Everything as a Service (XaaS) opportunity.
  • Emphasis on API support: More and more, cloud vendors are taking an Application Programming Interface (API) first approach. This makes the same configuration possible with REST APIs (typically used) that would be possible with an SDK, CLI, or GUI. The API first approach means no interface (CLI or GUI) changes are made until API calls are made first. Thus, there is nothing that cannot be automated!

CompTIA Cloud+ (CV0-002) Available Now at CBT Nuggets!

June 16, 2018 at 10:39 am


The CompTIA Cloud+ is an internationally recognized certification that will validate your ability to work in a cloud computing environment. This training course will teach you to configure, deploy, secure, and manage cloud technologies while preparing you for CompTIA’s Cloud+ CV0-002 exam.

CBT Nuggets is a CompTIA-approved training provider. By completing this course and submitting the appropriate documentation to CompTIA, you can earn 5 CEUs.

Check out this critical Cloud content!

1. Configuration and Deployment: Cloud Architecture
2. Configuration and Deployment: Interaction of Cloud Components
3. Configuration and Deployment: Interaction of Non-Cloud Components
4. Configuration and Deployment: Evaluation for Cloud Deployment
5. Configuration and Deployment: Automation and Orchestration
6. Configuration and Deployment: Preparing for Deployment
7. Configuration and Deployment: Execute a Deployment Plan
8. Configuration and Deployment: A Deployment Testing Plan
9. Configuration and Deployment: Analyzing Deployment Test Results
10. Configuration and Deployment: Deploying a Virtual Network
11. Configuration and Deployment: Virtual Networking in Azure
12. Configuration and Deployment: CPU and Memory Sizing
13. Configuration and Deployment: Storage Types
14. Configuration and Deployment: S3 in AWS
15. Configuration and Deployment: Provisioning Storage
16. Configuration and Deployment: Protecting and Securing Storage
17. Configuration and Deployment: AWS S3 Versioning
18. Configuration and Deployment: Workload Migration Types
19. Configuration and Deployment: Workload Migration Considerations
20. Configuration and Deployment: Extend an Infrastructure
21. Security: Policies and Compliance
22. Security: Encryption and Tunneling
23. Security: Securing the Infrastructure
24. Security: Using ACLs
25. Security: Security Groups Versus Network ACLs in AWS
26. Security: Secure a Cloud Service Model
27. Security: Automation
28. Maintenance: Applying Patches
29. Maintenance: Applying Updates
30. Maintenance: Backup and Restore
31. Maintenance: Disaster Recovery Methods
32. Maintenance: Disaster Recovery in AWS
33. Maintenance: Business Continuity
34. Maintenance: Maintenance Automation
35. Management: Forecasting Future Needs
36. Management: Allocating Cloud Resources
37. Management: Planning Provisions/Deprovisions
38. Management: Account Provisioning
39. Management: Analyze Deployment Results
40. Management: Applying Changes
41. Management: Reporting Metrics
42. Troubleshooting: A Methodology
43. Troubleshooting: Identify the Problem
44. Troubleshooting: Establish Theory of Probable Cause
45. Troubleshooting: Test the Theory
46. Troubleshooting: Establish a Plan of Action
47. Troubleshooting: Solve, Verify, Document
48. Troubleshooting: Deployment Issues
49. Troubleshooting: Capacity Issues
50. Troubleshooting: Automation-Orchestration Issues
51. Troubleshooting: Common Connectivity Issues
52. Troubleshooting: Network Troubleshooting Tools
53. Troubleshooting: Security Issues

Federation versus SSO

May 15, 2018 at 12:15 pm


I am writing this post as I teach another Nugget for the upcoming release of CompTIA Cloud+ (2018 version) at CBT Nuggets!

This topic comes up several times in the course, and for today’s Nugget it has to do with extending an existing infrastructure into the cloud. Something that becomes more popular every day in hybrid cloud environments!

Most of us are familiar with SSO (Single Sign On) as we have been configuring it in our IT networks for decades now. The idea is a user inputs their username and password once (typically at workstation log in) and then that information is passed to other applications and resources that need it.

So what is Federation and how is it different? Federation allows SSO, but without passwords! A Federation Server knows the username for the network entity and presents this to the application or service as a token. It is worth mentioning again here that there is no password involved. The SSO functions because of trust between the systems that the Federation Server is aware of.

Token passing in Federation is made possible thanks to standard identity protools like – SAML, OpenID, WS-Trust, WS-Federation, and OAuth.

Another term you might come across today is Enterprise SSO. Like “normal” SSO, a password is required, but here that password is input for the user thanks to specialized software.

I hope you found this interesting and I also hope you will join me in the upcoming Cloud+ course!