Other Infrastructure Concepts - CompTIA Security+ SY0-701 - 3.1

Where is the Safest Place to Store Data?

On-Premises vs. Cloud Security

  • IT professionals have differing opinions on whether on-premises infrastructure or cloud environments are safer for data storage, each having its own advantages and disadvantages.
  • Cloud security is centralized with other cloud services, eliminating the need for hardware support and separate data centers, while third-party providers manage security.
  • On-premises security allows complete control over decisions and systems but requires significant management resources and costs associated with maintaining local systems.

Control and Costs of Data Centers

  • Organizations with their own data centers can modify security postures independently without relying on third parties, providing a sense of control.
  • However, adding new equipment incurs costs and time for purchasing, configuring, and installing technology in a decentralized environment.

Challenges in Managing Decentralized Systems

  • The presence of multiple locations, cloud providers, and operating systems complicates security management for IT professionals.
  • To address these challenges, many create a consolidated management view from a single console to monitor users, devices, applications, etc.

Centralized Management Benefits and Risks

  • A centralized console provides visibility into organizational security but creates a single point of failure; losing access means losing oversight.
  • As organizations grow larger, they may require additional storage space for logs and CPU power to handle increased alerts.

Virtualization vs. Containerization

  • Virtualization enables running multiple operating systems on one physical device through hypervisors that manage resources between virtual machines.
  • Each virtual machine needs its own guest OS; inefficiencies arise when identical OS instances are run separately (e.g., three identical Linux VMs).

Transitioning to Containerized Environments

  • To improve efficiency, some organizations shift from virtualization to containerization, where multiple applications run simultaneously on one piece of hardware.
  • Containers encapsulate everything needed to run an application except the OS; this allows easy swapping of applications while sharing the same host OS.

Infrastructure and Application Environments

Virtualized vs. Containerized Environments

  • Applications are typically designed to run on a single host operating system, which may be Windows or Linux.
  • In a virtualized environment, a hypervisor operates above the infrastructure, while in a containerized environment, the host OS runs directly on the infrastructure.
  • Containerization software like Docker manages applications running on the host OS; in contrast, virtual machines operate with separate guest OS instances.
  • Each implementation has its advantages and disadvantages; choosing the right one depends on application types and deployment models.

Internet of Things (IoT)

  • IoT devices integrate into networks to support daily features such as temperature monitoring and automated lighting systems.
  • Examples of IoT technology include smartwatches for health monitoring and workplace systems that manage air quality and lighting automatically.
  • While IoT offers convenience through automation, it raises security concerns because the devices may be designed by people who are not security professionals, which can leave vulnerabilities in the design.

Security Concerns with IoT

  • A single compromised IoT device can grant attackers access to an entire network, highlighting the need for secure implementation practices.

SCADA Systems

  • SCADA (Supervisory Control and Data Acquisition System), also known as ICS (Industrial Control Systems), connects large machinery in environments like manufacturing or power generation.
  • Technicians can monitor equipment from centralized control rooms without needing physical access to each machine.

Importance of Security in SCADA

  • SCADA systems must be completely segmented from external networks to prevent security breaches that could impact critical infrastructure like power generation or oil refineries.

Operating Systems: Deterministic vs. Non-deterministic

Characteristics of Operating Systems

  • Non-deterministic operating systems (e.g., Windows, Linux) do not prioritize processes uniformly; any process can potentially monopolize resources at any time.

Real-Time Operating Systems (RTOS)

  • Deterministic operating systems are essential for applications requiring immediate resource allocation, such as automotive braking systems where safety is paramount.

Security Implications of RTOS

  • Real-time operating systems face unique security challenges since they cannot afford delays caused by antivirus or anti-malware processes.

Embedded Systems

Understanding Embedded Systems and High Availability

Characteristics of Embedded Systems

  • Embedded systems function as single components within larger devices, designed for a specific purpose without the capability to run multiple applications like traditional computing systems.
  • These systems are optimized for efficiency in performing their designated tasks, such as controlling traffic lights or providing time and weather information through digital watches.
  • Advanced embedded systems can be found in medical monitoring equipment, emphasizing their critical role in various industries.

Importance of High Availability (HA)

  • Security professionals prioritize maintaining uptime and availability of critical systems; high availability is one method to achieve this by ensuring continuous operation even if part of the system fails.
  • Redundancy involves having backup systems ready to take over when primary ones fail, but it does not guarantee immediate availability since manual intervention may be required.

Configuring High Availability

  • HA configurations can include pairs of firewalls that automatically switch operations if one fails, allowing uninterrupted service.
  • Some HA setups allow both firewalls to operate simultaneously, enhancing efficiency and ensuring seamless traffic flow during failures.

Cost Considerations in HA Design

Video description

Security+ Training Course Index: https://professormesser.link/701videos
Professor Messer's Course Notes: https://professormesser.link/701notes

New network services can introduce additional security concerns. In this video, you'll learn about virtualization, containerization, Internet of things, embedded systems, and more.