Objectives Upon completion of this chapter, you will be able to answer the following questions: • What is the difference between the roles of the MAC address and the IP address? • Why is it important to contain broadcasts within a network? Key Terms This chapter uses the following key terms. You can find the…
Web Application Firewall (WAF)
AWS Web Application Firewall (WAF) is a managed security service that helps protect web applications from common web exploits and malicious traffic. When you use this service, you define customizable security rules to filter and block potentially harmful requests. By leveraging AWS WAF, organizations can fortify their web applications against various…
Gateways to Other Networks Summary
The following is a summary of each topic in the chapter and some questions for your reflection. What Did I Learn in this Module? (12.3.1) • Network Boundaries—Every host on a network must use the router as a gateway to other networks. Therefore, each host must know the IPv4 address of the router interface…
Some AWS Security Features
I want to be perfectly clear: There are currently a ton of security services and tools in the AWS portfolio of products. In this section of the chapter, we will explore two that are fundamental to the operation of AWS: security groups and network access control lists (NACLs). We will also…
Routers as Boundaries Between Networks
The wireless router acts as a DHCP server for all local hosts attached to it, either by Ethernet cable or wirelessly. These local hosts are referred to as being located on an internal, or inside, network. Most DHCP servers are configured to assign private addresses to the hosts on the internal network, rather than internet…
Other Access Management-Related AWS Services
At this point in this text, I am sure you are not surprised to learn that there are plenty of services available in AWS to assist with identity and access management. Let’s look at just some of them here: AWS IAM Identity Center: This service was previously named AWS Single…
Gateways to Other Networks – 100-150 Exam Guide
Objectives Upon completion of this chapter, you will be able to answer the following questions: • What are network boundaries? • What is the purpose of Network Address Translation in small networks? Key Terms This chapter uses the following key terms. You can find the definitions in the Glossary. Network Address Translation (NAT) Introduction (12.0)…
Best Practices with IAM – CLF-C02 Exam Guide
Review IAM permissions: You should not use a “set and forget” policy when it comes to your permissions in IAM. You should consistently review the permissions level assigned to ensure that you are following least privilege concepts and that you are still granting those permissions to the groups that require them. There is even a…
Best Practices with IAM – CLF-C02 Exam Guide
While IAM in AWS provides many exciting capabilities, its complexity can cause organizations to make fatal mistakes when working with the service. This section highlights some best practices that can save you from making such mistakes. You should consider following most (if not all) of these recommendations: Use the root account…
Dynamic Addressing with DHCP Summary
The following is a summary of each topic in the chapter and some questions for your reflection. What Did I Learn in this Module? (11.3.1) • Static and Dynamic Addressing—With a static assignment, the network administrator must manually configure the network information for a host. At a minimum, this includes the host IPv4 address, subnet…