Description
Duration: 5 days
About this course
Our 5-day certification course covers incorporating and managing cloud technologies as part of broader system operations to meet particular business needs across a variety of industries. It also covers newer technologies, such as hybrid and multi-cloud, that support changes in the cloud market as companies and organizations become more dependent on cloud-based technologies to run critical systems.
Audience Profile
CompTIA Cloud+ validates the skills needed to deploy and automate secure cloud environments that support the high availability of business systems and data.
Learning Objectives
Cloud Architecture & Design – Analyze the different cloud models to design the best solution to support business requirements.
Cloud Security – Manage and maintain servers, including OS configurations, access control and virtualization.
Cloud Deployment – Analyze system requirements to successfully execute workload migrations to the cloud.
Operations & Support – Maintain and optimize cloud environments, including proper automation and orchestration procedures, backup and restore operations, and disaster recovery tasks.
Troubleshooting – Troubleshoot capacity, automation, connectivity and security issues related to cloud implementations.
Certification Exam
This course is to be taken in preparation for the CV0-003 exam.
Prerequisites
CompTIA Network+ and Server+ and 2-3 years of experience in systems administration or networking.
What’s included?
- Authorized Courseware
- Intensive Hands-on Skills Development with an Experienced Subject Matter Expert
- Hands-on practice on real Servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Academy makes getting the training you need easy. Whether you prefer to learn in a classroom, in a live online virtual environment, through training videos hosted online, or in private group classes hosted at your site, we offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Academy for an engaging and effective learning experience.
Methods
- Instructor Led (the best training format we offer)
- Live Online Classroom – Online Instructor Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
Start | Finish | Public Price | Public Enroll | Private Price | Private Enroll |
---|---|---|---|---|---|
12/25/2023 | 12/29/2023 | ||||
1/15/2024 | 1/19/2024 | ||||
2/5/2024 | 2/9/2024 | ||||
2/26/2024 | 3/1/2024 | ||||
3/18/2024 | 3/22/2024 | ||||
4/8/2024 | 4/12/2024 | ||||
4/29/2024 | 5/3/2024 | ||||
5/20/2024 | 5/24/2024 | ||||
6/10/2024 | 6/14/2024 | ||||
7/1/2024 | 7/5/2024 | ||||
7/22/2024 | 7/26/2024 | ||||
8/12/2024 | 8/16/2024 | ||||
9/2/2024 | 9/6/2024 | ||||
9/23/2024 | 9/27/2024 | ||||
10/14/2024 | 10/18/2024 | ||||
11/4/2024 | 11/8/2024 | ||||
11/25/2024 | 11/29/2024 | ||||
12/16/2024 | 12/20/2024 | ||||
1/6/2025 | 1/10/2025 | ||||
Curriculum
1.0 Cloud Architecture and Design
1.1 Compare and contrast the different types of cloud models.
• Deployment models
– Public
– Private
– Hybrid
– Community
– Cloud within a cloud
– Multicloud
– Multitenancy
• Service models
– Infrastructure as a Service (IaaS)
– Platform as a Service (PaaS)
– Software as a Service (SaaS)
• Advanced cloud services
– Internet of Things (IoT)
– Serverless
– Machine learning/Artificial intelligence (AI)
• Shared responsibility model
1.2 Explain the factors that contribute to capacity planning.
• Requirements
– Hardware
– Software
– Budgetary
– Business need analysis
• Standard templates
• Licensing
– Per-user
– Socket-based
– Volume-based
– Core-based
– Subscription
• User density
• System load
• Trend analysis
– Baselines
– Patterns
– Anomalies
• Performance capacity planning
1.3 Explain the importance of high availability and scaling in cloud environments.
• Hypervisors
– Affinity
– Anti-affinity
• Oversubscription
– Compute
– Network
– Storage
• Regions and zones
• Applications
• Containers
• Clusters
• High availability of network functions
– Switches
– Routers
– Load balancers
– Firewalls
• Avoid single points of failure
• Scalability
– Auto-scaling
– Horizontal scaling
– Vertical scaling
– Cloud bursting
1.4 Given a scenario, analyze the solution design in support of the business requirements.
• Requirement analysis
– Software
– Hardware
– Integration
– Budgetary
– Compliance
– Service-level agreement (SLA)
– User and business needs
– Security
– Network requirements
– Sizing
– Subnetting
– Routing
• Environments
– Development
– Quality assurance (QA)
– Staging
– Blue-green
– Production
– Disaster recovery (DR)
• Testing techniques
– Vulnerability testing
– Penetration testing
– Performance testing
– Regression testing
– Functional testing
– Usability testing
2.0 Security
2.1 Given a scenario, configure identity and access management.
• Identification and authorization
– Privileged access management
– Logical access management
– Account life-cycle management
– Provision and deprovision accounts
– Access controls
– Role-based
– Discretionary
– Non-discretionary
– Mandatory
• Directory services
– Lightweight directory access protocol (LDAP)
• Federation
• Certificate management
• Multifactor authentication (MFA)
• Single sign-on (SSO)
– Security assertion markup language (SAML)
• Public key infrastructure (PKI)
• Secret management
• Key management
2.2 Given a scenario, secure a network in a cloud environment.
• Network segmentation
– Virtual LAN (VLAN)/Virtual extensible LAN (VXLAN)/Generic network virtualization encapsulation (GENEVE)
– Micro-segmentation
– Tiering
• Protocols
– Domain name service (DNS)
– DNS over HTTPS (DoH)/DNS over TLS (DoT)
– DNS security (DNSSEC)
– Network time protocol (NTP)
– Network time security (NTS)
– Encryption
– IPSec
– Transport layer security (TLS)
– Hypertext transfer protocol secure (HTTPS)
– Tunneling
– Secure Shell (SSH)
– Layer 2 tunneling protocol (L2TP)/Point-to-point tunneling protocol (PPTP)
– Generic routing encapsulation (GRE)
• Network services
– Firewalls
– Stateful
– Stateless
– Web application firewall (WAF)
– Application delivery controller (ADC)
– Intrusion protection system (IPS)/Intrusion detection system (IDS)
– Data loss prevention (DLP)
– Network access control (NAC)
– Packet brokers
• Log and event monitoring
• Network flows
• Hardening and configuration changes
– Disabling unnecessary ports and services
– Disabling weak protocols and ciphers
– Firmware upgrades
– Control ingress and egress traffic
– Allow list (previously known as whitelisting) or blocklist (previously known as blacklisting)
– Proxy servers
– Distributed denial of service (DDoS) protection
2.3 Given a scenario, apply the appropriate OS and application security controls.
• Policies
– Password complexity
– Account lockout
– Application approved list (previously known as whitelisting)
– Software feature
– User/group
• User permissions
• Antivirus/anti-malware/endpoint detection and response (EDR)
• Host-based IDS (HIDS)/Host-based IPS (HIPS)
• Hardened baselines
– Single function
• File integrity
• Log and event monitoring
• Configuration management
• Builds
– Stable
– Long-term support (LTS)
– Beta
– Canary
• Operating system (OS) upgrades
• Encryption
– Application programming interface (API) endpoint
– Application
– OS
– Storage
– Filesystem
• Mandatory access control
• Software firewall
2.4 Given a scenario, apply data security and compliance controls in cloud environments.
• Encryption
• Integrity
– Hashing algorithms
– Digital signatures
– File integrity monitoring (FIM)
• Classification
• Segmentation
• Access control
• Impact of laws and regulations
– Legal hold
• Records management
– Versioning
– Retention
– Destruction
– Write once read many
• Data loss prevention (DLP)
• Cloud access security broker (CASB)
2.5 Given a scenario, implement measures to meet security requirements.
• Tools
– Vulnerability scanners
– Port scanners
• Vulnerability assessment
– Default and common credential scans
– Credentialed scans
– Network-based scans
– Agent-based scans
– Service availabilities
• Security patches
– Hot fixes
– Scheduled updates
– Virtual patches
– Signature updates
– Rollups
• Risk register
• Prioritization of patch application
• Deactivate default accounts
• Impacts of security tools on systems and services
• Effects of cloud service models on security implementation
2.6 Explain the importance of incident response procedures.
• Preparation
– Documentation
– Call trees
– Training
– Tabletops
– Documented incident types/categories
– Roles and responsibilities
• Incident response procedures
– Identification
– Scope
– Investigation
– Containment, eradication, and recovery
– Isolation
– Evidence acquisition
– Chain of custody
– Post-incident and lessons learned
– Root cause analysis
3.0 Deployment
3.1 Given a scenario, integrate components into a cloud solution.
• Subscription services
– File subscriptions
– Communications
– Email
– Voice over IP (VoIP)
– Messaging
– Collaboration
– Virtual desktop infrastructure (VDI)
– Directory and identity services
– Cloud resources
– IaaS
– PaaS
– SaaS
• Provisioning resources
– Compute
– Storage
– Network
• Application
– Serverless
• Deploying virtual machines (VMs) and custom images
• Templates
– OS templates
– Solution templates
• Identity management
• Containers
– Configure variables
– Configure secrets
– Persistent storage
• Auto-scaling
• Post-deployment validation
3.2 Given a scenario, provision storage in cloud environments.
• Types
– Block
– Storage area network (SAN)
– Zoning
– File
– Network attached storage (NAS)
– Object
– Tenants
– Buckets
• Tiers
– Flash
– Hybrid
– Spinning disks
– Long-term
• Input/output operations per second (IOPS) and read/write
• Protocols
– Network file system (NFS)
– Common Internet file system (CIFS)
– Internet small computer system interface (iSCSI)
– Fibre Channel (FC)
– Non-volatile memory express over fabrics (NVMe-oF)
• Redundant array of inexpensive disks (RAID)
– 0
– 1
– 5
– 6
– 10
• Storage system features
– Compression
– Deduplication
– Thin provisioning
– Thick provisioning
– Replication
• User quotas
• Hyperconverged
• Software-defined storage (SDS)
3.3 Given a scenario, deploy cloud networking solutions.
• Services
– Dynamic host configuration protocol (DHCP)
– NTP
– DNS
– Content delivery network (CDN)
– IP address management (IPAM)
• Virtual private networks (VPNs)
– Site-to-site
– Point-to-point
– Point-to-site
– IPSec
– Multiprotocol label switching (MPLS)
• Virtual routing
– Dynamic and static routing
– Virtual network interface controller (vNIC)
– Subnetting
• Network appliances
– Load balancers
– Firewalls
• Virtual private cloud (VPC)
– Hub and spoke
– Peering
• VLAN/VXLAN/GENEVE
• Single root input/output virtualization (SR-IOV)
• Software-defined network (SDN)
3.4 Given a scenario, configure the appropriate compute sizing for a deployment.
• Virtualization
– Hypervisors
– Type 1
– Type 2
– Simultaneous multi-threading (SMT)
– Dynamic allocations
– Oversubscription
• Central processing unit (CPU)/virtual CPU (vCPU)
• Graphics processing unit (GPU)
– Virtual
– Shared
– Pass-through
• Clock speed/Instructions per cycle (IPC)
• Hyperconverged
• Memory
– Dynamic allocation
– Ballooning
3.5 Given a scenario, perform cloud migrations.
• Physical to virtual (P2V)
• Virtual to virtual (V2V)
• Cloud-to-cloud migrations
– Vendor lock-in
– PaaS or SaaS migrations
– Access control lists (ACLs)
– Firewalls
• Storage migrations
– Block
– File
– Object
• Database migrations
– Cross-service migrations
– Relational
– Non-relational
4.0 Operations and Support
4.1 Given a scenario, configure logging, monitoring, and alerting to maintain operational status.
• Logging
– Collectors
– Simple network management protocol (SNMP)
– Syslog
– Analysis
– Severity categorization
– Audits
– Types
– Access/authentication
– System
– Application
– Automation
– Trending
• Monitoring
– Baselines
– Thresholds
– Tagging
– Log scrubbing
– Performance monitoring
– Application
– Infrastructure components
– Resource utilization
– Availability
– SLA-defined uptime requirements
– Verification of continuous monitoring activities
– Service management tool integration
• Alerting
– Common messaging methods
– Enable/disable alerts
– Maintenance mode
– Appropriate responses
– Policies for categorizing and communicating alerts
4.2 Given a scenario, maintain efficient operation of a cloud environment.
• Confirm completion of backups
• Life-cycle management
– Roadmaps
– Old/current/new versions
– Upgrading and migrating systems
– Deprecations or end of life
• Change management
• Asset management
– Configuration management database (CMDB)
• Patching
– Features or enhancements
– Fixes for broken or critical infrastructure or applications
– Scope of cloud elements to be patched
– Hypervisors
– VMs
– Virtual appliances
– Networking components
– Applications
– Storage components
– Firmware
– Software
– OS
– Policies
– n-1
– Rollbacks
• Impacts of process improvements on systems
• Upgrade methods
– Rolling upgrades
– Blue-green
– Canary
– Active-passive
– Development/QA/production/DR
• Dashboard and reporting
– Tagging
– Costs
– Chargebacks
– Showbacks
– Elasticity usage
– Connectivity
– Latency
– Capacity
– Incidents
– Health
– Overall utilization
– Availability
4.3 Given a scenario, optimize cloud environments.
• Right-sizing
– Auto-scaling
– Horizontal scaling
– Vertical scaling
– Cloud bursting
• Compute
– CPUs
– GPUs
– Memory
– Containers
• Storage
– Tiers
– Adaptive optimization
– IOPS
– Capacity
– Deduplication
– Compression
• Network
– Bandwidth
– Network interface controllers (NICs)
– Latency
– SDN
– Edge computing
– CDN
• Placement
– Geographical
– Cluster placement
– Redundancy
– Colocation
• Device drivers and firmware
– Generic
– Vendor
– Open source
4.4 Given a scenario, apply proper automation and orchestration techniques.
• Infrastructure as code
– Infrastructure components and their integration
• Continuous integration/continuous deployment (CI/CD)
• Version control
• Configuration management
– Playbook
• Containers
• Automation activities
– Routine operations
– Updates
– Scaling
– Shutdowns
– Restarts
– Create internal APIs
• Secure scripting
– No hardcoded passwords
– Use of individual service accounts
– Password vaults
– Key-based authentication
• Orchestration sequencing
4.5 Given a scenario, perform appropriate backup and restore operations.
• Backup types
– Incremental
– Differential
– Full
– Synthetic full
– Snapshot
• Backup objects
– Application-level backup
– Filesystem backup
– Database dumps
– Configuration files
• Backup targets
– Tape
– Disk
– Object
• Backup and restore policies
– Retention
– Schedules
– Location
– SLAs
– Recovery time objective (RTO)
– Recovery point objective (RPO)
– Mean time to recovery (MTTR)
– 3-2-1 rule
– Three copies of data
– Two different media
– One copy off site
• Restoration methods
– In place
– Alternate location
– Restore files
– Snapshot
4.6 Given a scenario, perform disaster recovery tasks.
• Failovers
• Failback
• Restore backups
• Replication
• Network configurations
• On-premises and cloud sites
– Hot
– Warm
– Cold
• Requirements
– RPO
– RTO
– SLA
– Corporate guidelines
• Documentation
– DR kit
– Playbook
– Network diagram
• Geographical datacenter requirements
5.0 Troubleshooting
5.1 Given a scenario, use the troubleshooting methodology to resolve cloud-related issues.
• Always consider corporate policies, procedures, and impacts before implementing changes.
1. Identify the problem
– Question the user and identify user changes to the computer and perform backups before making changes
– Inquire regarding environmental or infrastructure changes
2. Establish a theory of probable cause (question the obvious)
– If necessary, conduct external or internal research based on symptoms
3. Test the theory to determine cause
– Once the theory is confirmed, determine the next steps to resolve the problem
– If the theory is not confirmed, re-establish a new theory or escalate
4. Establish a plan of action to resolve the problem and implement the solution
5. Verify full system functionality and, if applicable, implement preventive measures
6. Document the findings, actions, and outcomes throughout the process.
5.2 Given a scenario, troubleshoot security issues.
• Privilege
– Missing
– Incomplete
– Escalation
– Keys
• Authentication
• Authorization
• Security groups
– Network security groups
– Directory security groups
• Keys and certificates
– Expired
– Revoked
– Trust
– Compromised
– Misconfigured
• Misconfigured or misapplied policies
• Data security issues
– Unencrypted data
– Data breaches
– Misclassification
– Lack of encryption in protocols
– Insecure ciphers
• Exposed endpoints
• Misconfigured or failed security appliances
– IPS
– IDS
– NAC
– WAF
• Unsupported protocols
• External/internal attacks
5.3 Given a scenario, troubleshoot deployment issues.
• Connectivity issues
– Cloud service provider (CSP) or Internet service provider (ISP) outages
• Performance degradation
– Latency
• Configurations
– Scripts
• Applications in containers
• Misconfigured templates
• Missing or incorrect tags
• Insufficient capacity
– Scaling configurations
– Compute
– Storage
– Bandwidth issues
– Oversubscription
• Licensing issues
• Vendor-related issues
– Migrations of vendors or platforms
– Integration of vendors or platforms
– API request limits
– Cost or billing issues
5.4 Given a scenario, troubleshoot connectivity issues.
• Network security group misconfigurations
– ACL
– Inheritance
• Common networking configuration issues
– Peering
– Incorrect subnet
– Incorrect IP address
– Incorrect IP space
– Routes
– Default
– Static
– Dynamic
– Firewall
– Incorrectly administered micro-segmentation
– Network address translation (NAT)
– VPN
– Source
– Destination
– Load balancers
– Methods
– Headers
– Protocols
– Encryption
– Back ends
– Front ends
– DNS records
– VLAN/VXLAN/GENEVE
– Proxy
– Maximum transmission unit (MTU)
– Quality of service (QoS)
– Time synchronization issues
• Network troubleshooting tools
– ping
– tracert/traceroute
– flushdns
– ipconfig/ifconfig/ip
– nslookup/dig
– netstat/ss
– route
– arp
– curl
– Packet capture
– Packet analyzer
– OpenSSL client
5.5 Given a scenario, troubleshoot common performance issues.
• Resource utilization
– CPU
– GPU
– Memory
– Storage
– I/O
– Capacity
– Network bandwidth
– Network latency
– Replication
– Scaling
• Application
– Memory management
– Service overload
• Incorrectly configured or failed load balancing
5.6 Given a scenario, troubleshoot automation or orchestration issues.
• Account mismatches
• Change management failures
• Server name changes
• IP address changes
• Location changes
• Version/feature mismatch
• Automation tool incompatibility
– Deprecated features
– API version incompatibility
• Job validation issue
• Patching failure