Chapter 8: Network Services, Virtualization and Cloud Computing

A+ Core 1 — 220-1101  |  Objectives 2.4, 4.1, 4.2
Server roles, DNS, authentication, IoT, cloud service models, and hypervisor types. The infrastructure layer every A+ technician must understand.
Slide 2 of 22
Server Roles Overview
Networks rely on specialized servers to provide essential services to clients.
Web Server
Hosts websites and web apps. Responds to HTTP (port 80) and HTTPS (port 443) requests. Examples: Apache, IIS, Nginx. Delivers HTML, CSS, JS and dynamic content to browser clients.
File Server
Centralized storage for network files. Manages permissions and access control. Uses SMB on Windows networks, NFS on Linux. Enables shared drives mapped across the domain.
Print Server
Manages networked printers and print job queuing. Can be dedicated hardware or a software role on an existing server. Centralizes printer configuration and driver deployment.
Mail Server
Sends and receives email. Provides anti-spam filtering and quarantine. Protocols: SMTP port 25 (sending), POP3 port 110, IMAP port 143 (receiving). Exchange and Postfix are common examples.
DHCP Server
Automatically assigns IP addresses via the DORA process: Discover, Offer, Request, Acknowledge. Manages scope (IP pool), leases, and static reservations by MAC address.
Proxy Server
Acts as intermediary between clients and the internet. Provides caching (faster repeat requests), content filtering (blocks unwanted sites), and hides client identity from external servers.
Exam Tip: DORA
Remember DORA for DHCP: Discover (client broadcasts) → Offer (server responds) → Request (client selects) → Acknowledge (server confirms). This is heavily tested.
Slide 3 of 22
Dedicated vs. Non-Dedicated Servers
The role a machine plays determines how it should be configured and secured.
Dedicated Server
Performs only server functions. Hardware is optimized for its specific role (file serving, web hosting, database). No user workload. Higher performance, better security posture. Standard in enterprise environments and data centers. Resources are not shared with user activity.
Non-Dedicated Server
Provides services while also being used as a workstation. Common in small offices and home networks. A user PC sharing files or a printer while someone works on it. Performance is reduced and attack surface is increased compared to a dedicated server.
When to Use Dedicated
High-availability environments, regulated industries, any workload requiring consistent uptime. Domain controllers, database servers, and authentication servers must be dedicated.
Non-Dedicated Risk
User errors, malware on the desktop, or resource contention can bring down services. Acceptable for small offices; not acceptable for production environments serving more than a handful of users.
A small 5-person office has one PC sharing a printer and a folder. That is a non-dedicated server. When the business grows to 20 employees, a dedicated file/print server becomes necessary. Know which scenario the exam is describing.
Slide 4 of 22
DNS Hierarchy
The Domain Name System translates human-readable names to IP addresses through a distributed tree structure.
Root Level
13 sets of root name servers operated globally (labeled A through M). Represented as a single dot "." at the top of the DNS tree. Every DNS query ultimately traces back here if not cached locally. Maintained by ICANN and partner organizations.
Top Level Domains (TLDs)
First level below root. Generic TLDs: .com, .org, .net, .edu, .gov. Country-code TLDs: .uk, .de, .jp. Sponsored TLDs: .mil (US military). Each TLD is delegated to a registry organization. IANA oversees the root zone.
Second Level & Hosts
Second level domains are registered by organizations (google, microsoft, harvard). Host names sit below that: www, mail, ftp. Full FQDN reads right to left: www.google.com. = host . domain . TLD . root. The trailing dot is implied in browsers.
How a DNS Query Works
Client checks local cache → checks /etc/hosts (or Windows HOSTS file) → queries configured DNS server → recursive resolver queries root → TLD server → authoritative name server → returns A record to client. Result is cached with TTL.
Slide 5 of 22
DNS Resource Records
Zone files contain resource records (RRs) that map names to addresses and services.
Record | Purpose | Example
A | Maps hostname to IPv4 address (32-bit) | www.example.com → 192.168.1.1
AAAA | Maps hostname to IPv6 address (128-bit) | www.example.com → 2001:db8::1
MX | Mail Exchange — identifies the mail server for a domain | example.com → mail.example.com
CNAME | Canonical Name — alias pointing to another hostname | www → webserver.example.com
PTR | Pointer record — reverse lookup (IP to name) | 192.168.1.1 → www.example.com
TXT | Text record — used for SPF, DKIM, domain verification | v=spf1 include:... ~all
Exam Tip: A vs AAAA
A record = IPv4 (32-bit, 4 octets). AAAA record = IPv6 (128-bit). The "quad-A" name has 4 letters because an IPv6 address is four times as long as an IPv4 address (128 bits vs. 32). This distinction appears frequently on exams.
Memory Trick
A = Address (IPv4) • AAAA = four A's for IPv6 • MX = Mail eXchange • CNAME = alias • PTR = reverse
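Added example (not part of the original slides): a small lookup over a constructed zone that shows how a CNAME alias is followed to the A or AAAA record behind it and how a PTR lookup name is built from an IPv4 address. The zone contents, IP addresses and function names are assumptions made for illustration; the webmail/mail host names follow the practice question later in the chapter.

```python
import ipaddress

# Constructed sample zone: (owner name, record type) -> list of values.
ZONE = {
    ("mail.company.com.", "A"): ["192.168.1.25"],
    ("mail.company.com.", "AAAA"): ["2001:db8::25"],
    ("webmail.company.com.", "CNAME"): ["mail.company.com."],
    ("company.com.", "MX"): ["mail.company.com."],
    ("25.1.168.192.in-addr.arpa.", "PTR"): ["mail.company.com."],
    # Deliberately broken pair: two aliases pointing at each other.
    ("loop-a.company.com.", "CNAME"): ["loop-b.company.com."],
    ("loop-b.company.com.", "CNAME"): ["loop-a.company.com."],
}

MAX_CNAME_HOPS = 8  # refuse to follow unreasonably long alias chains


def fqdn(name):
    """Normalise a name to lower case with the trailing root dot."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def resolve(name, rtype="A", zone=ZONE):
    """Return (chain, values): the names visited and the records found.

    A CNAME is followed whenever the current name has no record of the
    requested type. An alias loop raises ValueError instead of spinning.
    """
    chain = [fqdn(name)]
    for _ in range(MAX_CNAME_HOPS + 1):
        current = chain[-1]
        if (current, rtype) in zone:
            return chain, zone[(current, rtype)]
        alias = zone.get((current, "CNAME"))
        if alias is None:
            return chain, []  # name exists nowhere, or has no such record
        target = fqdn(alias[0])
        if target in chain:
            raise ValueError("CNAME loop: " + " -> ".join(chain + [target]))
        chain.append(target)
    raise ValueError("too many CNAME hops for " + chain[0])


def reverse_name(ip):
    """Build the PTR owner name for an address (octets reversed for IPv4)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def reverse_lookup(ip, zone=ZONE):
    """IP to name: resolve the PTR record at the reversed name."""
    return resolve(reverse_name(ip), "PTR", zone)[1]


def mail_addresses(domain, zone=ZONE):
    """MX gives a host name; that host still needs its own A lookup."""
    hosts = resolve(domain, "MX", zone)[1]
    return {host: resolve(host, "A", zone)[1] for host in hosts}


if __name__ == "__main__":
    print(resolve("webmail.company.com"))
    print(resolve("webmail.company.com", "AAAA"))
    print(reverse_name("192.168.1.25"), reverse_lookup("192.168.1.25"))
    print(mail_addresses("company.com"))
```
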
Slide 6 of 22
Authentication & AAA Framework
Three distinct functions that together govern secure network access.
Authentication
"Who are you?" Verifies user identity before granting access. Methods: username/password, smart cards, certificates, biometrics, one-time passwords (OTP), and multi-factor authentication (MFA). Credentials must be validated against a trusted directory.
Authorization
"What can you do?" Determines what resources and actions an authenticated user is permitted. Based on roles, group memberships, access control lists (ACLs), and policies. A user can be authenticated but still denied access to specific resources.
Accounting
"What did you do?" Tracks and logs user activity: login times, resources accessed, commands executed. Enables auditing, forensic investigation, and billing. Syslog and RADIUS accounting are common mechanisms.
Protocol | Type | Transport | Encryption | Key Feature
RADIUS | Open Standard | UDP | Password only | Authentication + Authorization; widely supported
TACACS+ | Cisco Proprietary | TCP | Full packet | Full AAA; granular command authorization for routers
Exam Tip: RADIUS vs TACACS+
RADIUS = Open standard, UDP, encrypts password only. TACACS+ = Cisco proprietary, TCP, encrypts entire packet, supports full AAA with per-command authorization. If the scenario mentions Cisco devices and granular control, choose TACACS+.
Slide 7 of 22
Syslog Severity Levels
Standard protocol for collecting and storing log messages from network devices. Lower number = more severe.
Level | Name | Description
0 | Emergency | System is unusable
1 | Alert | Immediate action required
2 | Critical | Critical conditions
3 | Error | Error conditions
4 | Warning | Warning conditions
5 | Notice | Normal but significant
6 | Informational | Informational messages
7 | Debug | Debug-level messages
Memory Trick
"Every Alley Cat Eats Watery Noodle In Dishes"
Emergency(0) – Alert(1) – Critical(2) – Error(3) – Warning(4) – Notice(5) – Informational(6) – Debug(7)
Syslog Architecture
Clients send messages with a Facility Code (0–23, device type) and Severity Level. Servers collect, store, and filter. Listener receives on UDP 514. Syslog-ng and rsyslog are common server implementations.
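Added example (not part of the original slides): how a collector can split the facility code and severity level out of a raw syslog line and keep only the severe ones. It relies on the standard syslog header, where the leading <PRI> value equals facility × 8 + severity; the sample log lines are constructed and the function names are this example's own.

```python
import re

# Severity names indexed by level, as in the table above (0 = most severe).
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

# Every syslog message starts with "<PRI>", PRI = facility * 8 + severity.
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)

# Constructed sample input: four valid lines and two malformed ones.
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 fw01 su: authentication failure for admin",
    "<165>Oct 11 22:14:20 sw02 link: port 12 up",
    "<11>Oct 11 22:15:02 ap03 radio: channel scan failed",
    "<191>Oct 11 22:15:03 ap03 radio: debug trace",
    "<999>Oct 11 22:15:04 unknown: priority value out of range",
    "Oct 11 22:15:05 printer01 no priority header",
]


def parse_pri(line):
    """Return (facility, severity, rest_of_message) for one raw line.

    Raises ValueError when the header is missing or when PRI exceeds 191,
    the largest value that facility 0-23 and severity 0-7 can produce.
    """
    match = PRI_RE.match(line)
    if not match:
        raise ValueError("no <PRI> header")
    pri = int(match.group(1))
    if pri > 191:
        raise ValueError("PRI out of range: %d" % pri)
    facility, severity = divmod(pri, 8)
    return facility, severity, match.group(2).strip()


def triage(lines, threshold=3):
    """Keep messages whose level is <= threshold (lower number = more severe).

    Malformed lines are returned separately instead of being dropped, so a
    device sending garbage shows up in review rather than disappearing.
    """
    urgent, rejected = [], []
    for line in lines:
        try:
            facility, severity, text = parse_pri(line)
        except ValueError as exc:
            rejected.append((line, str(exc)))
            continue
        if severity <= threshold:
            urgent.append({
                "facility": facility,
                "severity": severity,
                "level": SEVERITIES[severity],
                "text": text,
            })
    return urgent, rejected


if __name__ == "__main__":
    urgent, rejected = triage(SAMPLE_LINES)
    for entry in urgent:
        print(entry["level"], "facility", entry["facility"], "-", entry["text"])
    for line, reason in rejected:
        print("REJECTED (%s): %s" % (reason, line))
```
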
Slide 8 of 22
Internet Appliances
Specialized network devices that improve security, performance, and management without general-purpose OS overhead.
Spam Gateway
Filters malicious and unwanted emails before they reach the mail server. Blocks phishing attempts, quarantines suspicious messages, and enforces sender policy. Sits between the internet and the internal mail server as the first inbound MX hop.
UTM (Unified Threat Management)
"Swiss Army knife" of network security. Combines: Firewall + IDS/IPS + Antivirus + VPN + Content filtering into one appliance. Simplifies management; single vendor for multiple security functions. Popular in SMB environments that lack dedicated security staff.
Load Balancer
Distributes incoming traffic across multiple servers. Provides performance (faster response), scalability (add servers without downtime), and reliability (session persists if one server fails). Layer 4 (transport) or Layer 7 (application) operation.
DMZ & Screened Subnet
Also called Perimeter Network. A network segment between the internal LAN and the internet, protected by firewalls on both sides. Hosts public-facing services (web, mail) while isolating the internal network. Compromise of a DMZ host does not automatically expose the LAN.
Exam Tip
UTM = "unifies multiple security features onto a single platform." Load balancer = distributes traffic for redundancy and performance. DMZ = sits between two firewalls, hosts public-facing services. Know all three definitions cold.
Slide 9 of 22
Legacy & Embedded Systems
Older and purpose-built systems that remain in production due to cost, compatibility, or specialized function.
Legacy Systems
Older hardware, software, or protocols still in use because replacement is too costly or disruptive. May lack modern security features, receive no vendor patches, and require compatibility shims. Security posture depends on network isolation and compensating controls.
Embedded Systems
Small or large non-computer devices with software on microcontrollers dedicated to a specific function. Examples: building HVAC controllers, medical infusion pumps, industrial PLCs. Often run real-time operating systems (RTOS). Update cycles measured in years, not weeks.
SCADA
Supervisory Control and Data Acquisition. Industrial control systems managing infrastructure: power grids, water treatment plants, oil pipelines, manufacturing. Often legacy/embedded. Target of nation-state attacks. Air-gapping and strict network segmentation are common mitigations.
IoT Security Risks
IoT devices (smart thermostats, cameras, doorbells, voice assistants) often ship with weak default passwords, no update mechanism, and minimal security design. Each device is a potential entry point. Best practice: isolate IoT on a separate VLAN, change default credentials, disable unused features.
A hospital uses infusion pumps running a 2008 embedded OS. They cannot be patched. The correct mitigation is network segmentation: place medical devices on an isolated VLAN with no internet access and strict firewall rules. This is a tested scenario pattern.
Slide 10 of 22
Internet of Things (IoT)
Everyday objects connected to the internet, enabling automation and remote management.
Home Automation
Smart thermostats (Nest, Ecobee), lighting systems, window treatments, sprinkler controllers. All connect via Wi-Fi or Z-Wave/Zigbee to a hub or direct cloud service. Reduce energy consumption and enable remote management.
Home Security
Smart door locks, video doorbells (Ring), security cameras, and motion sensors. Stream video to cloud services. Enable remote lock/unlock and instant alert notifications. Attack surface includes cloud accounts, mobile apps, and the devices themselves.
Voice Assistants
Amazon Alexa, Google Assistant, Apple HomePod. Always-listening microphones. Control other smart devices by voice command. Privacy concerns: audio data uploaded to cloud. In enterprise, often prohibited in conference rooms due to eavesdropping risk.
IoT Security Checklist
Change all default passwords immediately. Apply firmware updates. Disable unused features (UPnP, remote access). Isolate on a dedicated IoT VLAN. Monitor for abnormal outbound traffic. These devices are a common lateral movement entry point.
Exam Tip
IoT security is a growing concern on the A+ exam. The exam expects you to know: (1) change default credentials, (2) isolate IoT devices from the main network, (3) keep firmware updated. These three points cover most IoT scenario questions.
Slide 11 of 22
Cloud Service Models (IaaS / PaaS / SaaS)
Three tiers of cloud service, each shifting more management responsibility to the provider.
IaaS — Infrastructure as a Service
Provider gives: network hardware, storage, servers, virtualization layer. You manage: OS, middleware, applications, data. Pay for what you use. Maximum flexibility; maximum responsibility. Examples: AWS EC2, Azure VMs, Google Compute Engine.
PaaS — Platform as a Service
Builds on IaaS. Provider adds: OS, runtime, middleware, development tools. You manage: applications and data only. Ideal for developers who want to deploy without managing servers. Examples: Google App Engine, Azure App Service, Heroku.
SaaS — Software as a Service
Subscription-based. Provider manages everything: hardware, OS, runtime, and the application itself. You manage only your data and user configuration. Examples: Google Workspace, Microsoft 365, Salesforce, Dropbox.
Layer | On-Premises | IaaS | PaaS | SaaS
Applications | You | You | You | Provider
Data | You | You | You | You
OS / Runtime | You | You | Provider | Provider
Servers / Network | You | Provider | Provider | Provider
[Figure: responsibility matrix for IaaS, PaaS and SaaS across Applications, Data, OS / Runtime, Servers / Net and Virtualization, each layer marked YOU or PROVIDER]
Memory Trick
IaaS = "I" manage the most (raw infrastructure). PaaS = "P"rogrammers love it (platform and tools included). SaaS = "S"imple to use (just log in).
Slide 12 of 22
Cloud Deployment Models
Who owns and operates the infrastructure determines which deployment model applies.
Type | Description | Best For
Private Cloud | Dedicated infrastructure for one org; on-premises or hosted; single-tenant | Enterprises with compliance/security requirements
Public Cloud | Shared infrastructure from third-party provider; multi-tenant | Startups, variable workloads, cost optimization
Hybrid Cloud | Mix of private and public; data and apps move between environments | Organizations needing flexibility and compliance
Community Cloud | Shared by organizations with common needs; costs are pooled | Government agencies, healthcare, research consortia
[Figure: cloud deployment models. Public cloud (multi-tenant; AWS, Azure, GCP), Private (single-tenant), Community (shared org group), Hybrid (overlap of Private + Public)]
Key Cloud Characteristics (NIST)
On-Demand Self-Service: Provision without human intervention
Broad Network Access: Access from any device
Resource Pooling: Multi-tenant shared resources
Rapid Elasticity: Scale up/down instantly
Measured Service: Pay only for what you use
Cloud Storage Services
Dropbox: 2 GB free • iCloud: 5 GB free • OneDrive: 5 GB free • Box: 10 GB free • Google Drive: 15 GB free. Sync apps run in background mirroring local folders to cloud, enabling access from any device and automatic backup.
Slide 13 of 22
Cloud Characteristics
NIST defines five essential characteristics that distinguish true cloud computing.
Rapid Elasticity
Resources can be scaled up or down instantly based on demand. Scale a web farm from 2 to 200 instances in minutes during a traffic spike, then scale back to save cost. Pay-as-you-grow model eliminates overprovisioning. This is the most tested cloud characteristic on the exam.
On-Demand Self-Service
Users can provision computing resources (storage, VMs, bandwidth) through a self-service portal without requiring human interaction from the provider. Immediate access to resources 24/7 via web console or API. No waiting for hardware procurement or datacenter work orders.
Resource Pooling
Provider's resources are pooled to serve multiple consumers (multi-tenancy). Physical and virtual resources are dynamically assigned based on demand. Customers generally do not know or control the physical location of resources. Economies of scale benefit both provider and customer.
Measured Service
Resource usage is metered and reported. Customers pay only for what they consume: compute hours, GB stored, data transferred. Transparency in billing. Supports chargeback models in enterprise IT. Contrast with traditional IT: fixed hardware cost regardless of utilization.
High Availability Tiers
99.9% uptime = "three nines" = 8.7 hours downtime/year. 99.99% = "four nines" = 52 minutes/year. 99.999% = "five nines" = 5 minutes/year. Cloud SLAs define which tier is guaranteed. Redundancy, failover, and geographic distribution achieve higher nines.
Slide 14 of 22
Hypervisor Types
A hypervisor (Virtual Machine Manager) allows multiple operating systems to share a single physical host.
Type 1 — Bare Metal
Installs directly on physical hardware. No host OS layer. The hypervisor IS the operating layer. Maximum performance because there is no host OS overhead. Used in servers and data centers. Examples: VMware ESXi, Microsoft Hyper-V, Citrix XenServer, KVM (when used as primary OS).
Type 2 — Hosted
Runs on top of an existing host operating system as an application. The host OS adds a layer of overhead. Easier to set up for desktop use. Used for development, testing, and personal lab environments. Examples: Oracle VirtualBox, VMware Workstation, Parallels Desktop (macOS).
Feature | Type 1 (Bare Metal) | Type 2 (Hosted)
Runs on | Directly on hardware | On top of existing OS
Performance | Better (no host OS overhead) | Lower (host OS adds overhead)
Use case | Production servers, data centers | Desktop labs, dev/test
Examples | ESXi, Hyper-V, XenServer | VirtualBox, VMware Workstation
[Figure: Type 1 (Bare Metal) stack: Hardware (physical server) → Hypervisor (VMware ESXi / Hyper-V) → VM 1, VM 2, VM 3; no host OS overhead, maximum performance. Type 2 (Hosted) stack: Hardware (laptop / workstation) → Host OS (Windows / macOS / Linux) → Hypervisor app (VirtualBox / VMware WS) → VM 1, VM 2; host OS adds overhead, easy desktop setup.]
Memory Trick
Type 1 = #1 performance (bare metal, no host OS). Type 2 = 2 layers (host OS + hypervisor stacked on top). If the scenario mentions servers or data centers, Type 1. If it mentions running VMs on a laptop, Type 2.
Slide 15 of 22
Virtual Machine Use Cases
Why organizations run VMs and the specific advantages each use case provides.
Server Consolidation
Run multiple logical servers on one physical machine. A physical host running 20 VMs replaces 20 physical servers. Reduces hardware cost, power consumption, cooling, and datacenter floor space. Reduces e-waste. ROI is typically achieved within 12–18 months.
Sandbox Testing
Isolated environment for evaluating software, testing configurations, or analyzing malware. Changes do not affect the host. Snapshot before testing; revert after. Security teams run malware in sandboxed VMs to observe behavior without risk to production systems.
Development & QA
Developers spin up VMs matching the production environment. Test against different OS versions. Create snapshot before a destructive test; rollback in seconds. CI/CD pipelines provision disposable VMs for each build. Eliminates "works on my machine" problems.
Snapshot Capability
A snapshot captures the complete VM state at a point in time: disk, memory, CPU state. Revert to any snapshot instantly. Critical for testing patch deployments on production-like VMs before applying to physical systems. Does not replace backup for long-term data protection.
VM Requirements
To run 64-bit VMs: CPU must support hardware virtualization. Enable Intel VT-x or AMD-V in UEFI before installing a hypervisor. Disabled by default on many OEM systems. Failure to enable causes "This host does not support VT-x" errors on first VM creation.
Slide 16 of 22
VM Network Configuration
How virtual machines connect to networks and communicate with the host and external systems.
Bridged
VM appears as a separate device on the physical network. Gets its own IP from DHCP or static assignment. Can be accessed by any device on the network. Best for servers that need to be reachable from other machines. Most closely mimics a physical machine.
NAT (Network Address Translation)
VM shares the host's IP address. The hypervisor translates outbound traffic. VM can reach the internet but external devices cannot initiate connections to the VM. Best for general internet use where inbound access is not needed. Default in VirtualBox and VMware Workstation.
Host-Only
VM can communicate with the host and other VMs on the same host-only network, but has no external network access. Used for isolated test environments, internal lab networks, or when security requires the VM to have no internet connectivity.
VM Resource Allocation
Assign vCPUs, RAM, and virtual disk based on workload. Do not over-commit memory on a Type 2 hypervisor or the host OS will thrash. On Type 1 hypervisors, memory ballooning and overcommit are managed by the hypervisor with memory pages shared where possible.
NIC Teaming & vSwitches
Virtual switches (vSwitches) connect VMs to each other and to physical NICs. NIC teaming bonds multiple physical NICs for bandwidth aggregation or failover. VLANs can be applied to virtual port groups just like on physical switches.
[Figure: physical host with a virtual switch (vSwitch) connecting VM 1 (10.0.0.10), VM 2 (10.0.0.11), VM 3 (10.0.0.12) and VM 4 (10.0.0.13) to the physical NIC and the external network]
Slide 17 of 22
Endpoint Management Server
Centralized control of client devices across the network from a single management platform.
Core Functions
Deploy security policies to all endpoints. Install, update, and remove operating systems remotely. Centralized backup management and monitoring. Inventory hardware and software across all managed devices. Enforce compliance posture (patch levels, AV signatures, encryption status).
Software Deployment
Push applications to user machines silently in the background. Manage license compliance. Schedule updates during off-hours maintenance windows. Roll back failed deployments. Create deployment groups by department, location, or machine type. Examples: SCCM, Intune, Jamf.
Remote Control & Assistance
Take control of remote machines for troubleshooting. View the desktop, run commands, transfer files. Tools: Microsoft Quick Assist, Remote Desktop, TeamViewer, LogMeIn. Authentication and logging are required for security and audit trail compliance.
Asset Tracking
Maintain inventory of all managed endpoints: hardware specs, installed software, OS version, warranty status. Automate discovery of new devices joining the network. Track software licenses against installed counts. Generate compliance reports for audits.
An IT department must push a critical security patch to 500 workstations before 5 PM. Without an endpoint management server, that requires 500 manual logins. With SCCM or Intune, a single policy deployment handles all 500 machines in parallel.
Slide 18 of 22
Cloud Exam Keyword Mapping
When the exam asks "Which cloud model...?" look for these trigger words in the scenario.
Keyword in Question | Correct Answer | Why
Virtual servers, raw computing, AWS EC2 | IaaS | Provider gives infrastructure; you manage OS and up
Development platform, deploy apps, App Engine | PaaS | Provider adds runtime and tools; you write code
Subscription, web-based app, Office 365 | SaaS | Provider manages everything; you just use the app
Own infrastructure, single tenant, compliance | Private Cloud | Org owns and controls all resources
AWS, Azure, Google Cloud, shared | Public Cloud | Third-party multi-tenant
Mix on-premises + AWS, burst to cloud | Hybrid Cloud | Combination of private and public
Scale up instantly, handle traffic spike | Rapid Elasticity | NIST characteristic: dynamic scaling
Pay per use, metered billing | Measured Service | NIST characteristic: usage-based billing
Slide 19 of 22
Scenario Practice
A+ style questions. Cover the answers and reason through each before revealing.
Q1
A company uses AWS to run virtual servers and manages their own OS and applications. Which cloud model is this? — IaaS. Provider supplies virtual infrastructure; customer manages OS and applications.
Q2
A technician's hypervisor runs directly on hardware with no underlying OS. Which hypervisor type is this? — Type 1 (Bare Metal). Direct hardware access, no host OS layer.
Q3
Which authentication protocol is Cisco proprietary, uses TCP, and encrypts the entire packet? — TACACS+. RADIUS is open standard, uses UDP, and only encrypts the password.
Q4
A DNS query for webmail.company.com returns a CNAME record pointing to mail.company.com. What does this mean? — webmail is an alias. The actual mail server is at mail.company.com. A separate A record resolves mail.company.com to its IP.
Q5
Syslog message level 2 arrives on the server. What does this indicate? — Critical. Level 0=Emergency, 1=Alert, 2=Critical. Lower number = more severe.
Q6
An IoT device on the network sends unusual outbound traffic to an unknown IP. First mitigation step? — Isolate the device immediately (VLAN or port disable), then investigate firmware and credentials.
Slide 20 of 22
Chapter 8 Quick Reference
Key terms, ports, and abbreviations from this chapter.
Ports to Memorize
HTTP — 80 • HTTPS — 443
SMTP — 25 • POP3 — 110
IMAP — 143 • DNS — 53
DHCP — 67/68 • Syslog — 514 (UDP)
RADIUS — 1812/1813 • TACACS+ — 49
Acronym Reference
AAA — Authentication, Authorization, Accounting
DHCP — Dynamic Host Configuration Protocol
DMZ — Demilitarized Zone
DORA — Discover, Offer, Request, Acknowledge
UTM — Unified Threat Management
SCADA — Supervisory Control and Data Acquisition
VMM — Virtual Machine Manager (Hypervisor)
Cloud Service Tiers
IaaS — You manage OS and above
PaaS — You manage apps and data
SaaS — You manage only data
Private — Single tenant, org controlled
Public — Multi-tenant, provider controlled
Hybrid — Mix of private and public
Hypervisors
Type 1 — Bare metal (ESXi, Hyper-V)
Type 2 — Hosted (VirtualBox, Workstation)
VT-x / AMD-V — Enable in UEFI first
Snapshot — Point-in-time state capture
Bridge/NAT/Host-Only — VM network modes
Slide 21 of 22
Exam Practice: More Scenarios
Six additional A+ style questions covering cloud, virtualization, and network services.
Q1
An organization needs resources that can scale up instantly during a product launch then scale back down. Which cloud characteristic describes this? — Rapid Elasticity. Resources scale dynamically on demand.
Q2
A developer uses VirtualBox on their Windows laptop to run a Linux VM for testing. Which hypervisor type? — Type 2. VirtualBox runs on top of the Windows host OS.
Q3
A load balancer distributes requests to three web servers. One server fails. What happens to traffic? — The load balancer detects the failure and reroutes all traffic to the remaining two healthy servers automatically.
Q4
Which DNS record type is used to point webmail.example.com to the actual mail server hostname? — CNAME (Canonical Name). It creates an alias from webmail to the real hostname.
Q5
A customer pays for Google Workspace per user per month. Which service model is this? — SaaS. Subscription-based, provider manages everything, user just uses the application.
Q6
Which appliance combines firewall, IDS/IPS, antivirus, and VPN in a single device? — UTM (Unified Threat Management). It unifies multiple security features onto a single platform.
Slide 22 of 22 — Chapter 8 Complete
Chapter 8 Summary
Eight key takeaways from Network Services, Virtualization and Cloud Computing.
1. Server roles include web (80/443), file (SMB/NFS), print, mail (25/110/143), DHCP (DORA), and proxy. Each has a specific function and port set.
2. DNS records: A = IPv4, AAAA = IPv6, MX = mail, CNAME = alias, PTR = reverse. A vs AAAA is the most tested distinction.
3. AAA: Authentication (who), Authorization (what), Accounting (audit). RADIUS = open/UDP/password-only. TACACS+ = Cisco/TCP/full packet encrypted.
4. Syslog levels 0–7: lower = more severe. Emergency(0) through Debug(7). Mnemonic: "Every Alley Cat Eats Watery Noodle In Dishes."
5. Cloud models: IaaS (you manage OS+), PaaS (you manage apps+), SaaS (you manage data only). Private/Public/Hybrid/Community deployment types.
6. Rapid Elasticity = scale resources instantly on demand. The most tested NIST cloud characteristic on the exam.
7. Type 1 hypervisor = bare metal (ESXi, Hyper-V). Type 2 = hosted on OS (VirtualBox, VMware Workstation). Enable VT-x/AMD-V in UEFI before creating VMs.
8. IoT security: change default credentials, isolate on separate VLAN, update firmware. UTM = unified security appliance. DMZ = hosts public services between two firewalls.