Safes: Safes are containers used to store valuable items and protect them from theft, fire, or other environmental hazards. They come in various sizes, types, and levels of security, such as fire-resistant safes, burglar-proof safes, and electronic safes.
Security Guards: Security guards are trained personnel who are employed to secure a facility, patrol the premises, monitor security cameras, and respond to security breaches. They are trained to maintain order and protect people and property.
Security Cameras: Security cameras are electronic devices that capture images and videos of the monitored area. They can be used to monitor people and assets, detect intrusion attempts, and provide visual evidence of criminal activity. CCTV (Closed Circuit Television) cameras are widely used in public places, offices, and industrial settings to monitor security.
Environmental controls
Environmental controls are measures put in place to regulate the physical conditions of a data center or server room. These measures are critical to ensure that the equipment is kept in optimal working condition and that the environment is safe for personnel. Some of the common environmental controls include:
Fire suppression: Data centers have fire suppression systems installed to minimize the risk of fire. These systems can be activated automatically or manually, and they use different methods such as water, gas, or foam to suppress the fire.
Heating, ventilation, and cooling (HVAC): HVAC systems are used to regulate temperature and humidity in the data center. The HVAC system ensures that the temperature and humidity are kept at optimal levels, which helps to prevent equipment failure due to overheating or damage due to excessive humidity.
Sensors: Sensors are used to monitor different parameters in the data center, such as temperature, humidity, water, and smoke. These sensors can be configured to send alerts or take corrective actions automatically when certain conditions are met. For example, a temperature sensor can send an alert when the temperature in the data center exceeds a certain threshold.
Identity and access management
Identity and access management (IAM) refers to the processes and technologies used to manage and secure user identities and access rights within a computing environment. In server administration, IAM plays a critical role in ensuring that only authorized users are granted access to sensitive resources, such as servers, databases, and applications.
IAM typically involves the following components:
1. Authentication: This is the process of verifying a user's identity. Common authentication methods include passwords, biometrics, and multifactor authentication.
2. Authorization: This is the process of granting or denying access to resources based on a user's identity and permissions. Authorization is typically managed through access control policies and role-based access control (RBAC).
3. Provisioning: This is the process of creating, modifying, and deleting user accounts and associated permissions.
4. Single sign-on (SSO): This is a feature that enables users to access multiple applications and resources with a single set of login credentials.
5. Auditing and reporting: This involves monitoring user activity and generating reports to help identify potential security risks or compliance violations.
Effective IAM is critical for maintaining the security and integrity of a computing environment. It helps prevent unauthorized access, reduces the risk of data breaches, and facilitates compliance with regulatory requirements.
Common Terms
User accounts: In server administration, a user account is an identity that allows a user to log in and access resources on the system. It typically includes a username and password or other forms of authentication, such as biometric or smart card-based authentication.
User groups: User groups are collections of user accounts that share the same access rights to resources on the system. Assigning users to groups is a common way to simplify the management of access controls, as permissions can be granted to a group instead of to each individual user.
Password policies: Password policies are a set of rules that dictate how passwords are created and used to ensure the security of user accounts. Some common policies include:
i. Length: Passwords must be a minimum length to make them harder to guess or crack.
ii. Lockout: If a user enters an incorrect password too many times, their account is locked out to prevent unauthorized access.
iii. Enforcement: Password policies can require the use of strong passwords that include a combination of uppercase and lowercase letters, numbers, and special characters.
Password policies help prevent unauthorized access to systems by making it harder for attackers to guess or crack passwords.
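The three policies above (length, lockout, enforcement) can be expressed as a small check. This is an added example, not part of the original page; the thresholds (12 characters, 3 failed attempts) and the class and method names are assumptions chosen for illustration.

```python
import string
from dataclasses import dataclass, field


@dataclass
class PasswordPolicy:
    # Assumed thresholds for illustration; set them per your own policy.
    min_length: int = 12
    max_failures: int = 3

    def violations(self, password):
        """Return the names of the rules the candidate password breaks."""
        problems = []
        if len(password) < self.min_length:
            problems.append("length")
        # Enforcement: require at least one character from each class.
        classes = {
            "uppercase": string.ascii_uppercase,
            "lowercase": string.ascii_lowercase,
            "digit": string.digits,
            "special": string.punctuation,
        }
        for name, chars in classes.items():
            if not any(c in chars for c in password):
                problems.append(name)
        return problems


@dataclass
class LockoutTracker:
    policy: PasswordPolicy
    failures: dict = field(default_factory=dict)

    def record(self, user, success):
        """Record one login attempt; return 'ok', 'failed' or 'locked'."""
        if self.failures.get(user, 0) >= self.policy.max_failures:
            return "locked"  # a locked account rejects even a correct password
        if success:
            self.failures[user] = 0  # a successful login resets the counter
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.policy.max_failures:
            return "locked"
        return "failed"
```

The tracker deliberately has no unlock path: in practice an administrator reset or a timed unlock would clear the counter.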
In summary, identity and access management involves managing user accounts and groups, as well as implementing password policies to ensure the security of these accounts.
Permissions and access controls
Permissions and access controls are used to manage access to resources and actions within an IT environment. Some of the key concepts related to permissions and access controls are:
Role-based access control (RBAC): This is a method of assigning permissions to users based on their job function or role within an organization. For example, a system administrator might have full access to all resources, while a user in the sales department might only have access to customer data.
Rule-based access control: This is a method of assigning permissions based on a set of predefined rules. For example, a rule might be that only users with a certain job title or in a certain department can access a particular resource.
Scope-based access control: This is a method of assigning permissions based on the scope of the resource being accessed. For example, a user might have read-only access to a specific file, but full access to a folder containing multiple files.
Segregation of duties: This is a principle of access control that aims to prevent conflicts of interest and reduce the risk of fraud or errors. For example, a user who has the ability to create and approve purchase orders should not also have the ability to process payments.
Delegation: This is the process of assigning permissions to another user or group. This can help distribute workload and responsibility, and is often used in larger organizations where different teams or departments manage different parts of the IT environment.
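Role-based access control and segregation of duties, as described above, can be checked together. This is an added example, not part of the original page; the role names, permission strings and users are constructed sample data, and the conflict pairs encode the purchase-order and payment example from the text.

```python
# Constructed sample data (assumptions for illustration).
ROLE_PERMISSIONS = {
    "sysadmin":   {"server:manage", "customer:read", "customer:write"},
    "sales":      {"customer:read"},
    "purchasing": {"po:create", "po:approve"},
    "accounts":   {"payment:process"},
}

USER_ROLES = {
    "alice": {"sysadmin"},
    "bob":   {"sales"},
    "carol": {"purchasing"},
    "dave":  {"purchasing", "accounts"},  # holds both sides of a conflict
}

# Permission pairs that one person must not hold at the same time.
SOD_CONFLICTS = [
    ("po:create", "payment:process"),
    ("po:approve", "payment:process"),
]


def effective_permissions(user):
    """Union of the permissions granted by every role the user holds."""
    perms = set()
    for role in USER_ROLES.get(user, ()):
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def is_allowed(user, permission):
    """Default deny: unknown users and unknown permissions get False."""
    return permission in effective_permissions(user)


def sod_violations():
    """Return {user: [conflicting permission pairs]} for every offender."""
    findings = {}
    for user in sorted(USER_ROLES):
        perms = effective_permissions(user)
        hits = [pair for pair in SOD_CONFLICTS if set(pair) <= perms]
        if hits:
            findings[user] = hits
    return findings
```

Running `sod_violations()` as part of provisioning catches a conflicting role assignment before the account is used, rather than during a later audit.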
Auditing
Auditing refers to the process of recording and reviewing events and actions taken on a system or application. In server administration, auditing is used to track and monitor user activity, logins, group memberships, and deletions, among other things.
Some examples of auditing include:
User activity: Recording the actions taken by a user on a system, such as the files they access or the commands they run.
Logins: Tracking when users log in or out of a system, as well as failed login attempts.
Group memberships: Monitoring changes to user group memberships, such as when a user is added to or removed from a group.
Deletions: Keeping a record of when files, directories, or user accounts are deleted from a system.
Auditing is important for a variety of reasons. It can help identify security breaches, track compliance with company policies and regulations, and provide a record of actions taken on a system. In addition, auditing can be useful for troubleshooting and diagnosing issues, such as identifying who made changes that caused a system to malfunction.
Overall, auditing is a critical component of identity and access management in server administration, as it helps ensure the security and integrity of a system.
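The four audit categories listed above (user activity, logins, group memberships, deletions) can be pulled out of a log with a short script. This is an added example, not part of the original page; the key=value log format, the field names and the sample lines are constructed for illustration and do not match any particular product's log format.

```python
from collections import Counter, defaultdict

# Constructed sample log in an assumed key=value format.
SAMPLE_LOG = """\
2024-05-01T09:00:01Z event=login user=alice result=success src=10.0.0.5
2024-05-01T09:02:10Z event=login user=bob result=failure src=10.0.0.9
2024-05-01T09:02:15Z event=login user=bob result=failure src=10.0.0.9
2024-05-01T09:02:21Z event=login user=bob result=failure src=10.0.0.9
2024-05-01T09:05:00Z event=command user=alice cmd=systemctl_restart_nginx
2024-05-01T09:07:30Z event=group_add actor=alice target=carol group=admins
2024-05-01T09:10:42Z event=delete actor=carol object=/srv/reports/q1.csv
this line is malformed and must not crash the parser
"""


def parse_line(line):
    """Return a dict of fields, or None if the line is not a valid record."""
    parts = line.split()
    if len(parts) < 2 or not all("=" in p for p in parts[1:]):
        return None
    record = dict(p.split("=", 1) for p in parts[1:])
    record["ts"] = parts[0]
    return record if "event" in record else None


def summarize(log_text, failed_login_threshold=3):
    """Bucket events by audit category and flag repeated failed logins."""
    failed = Counter()
    report = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            report["unparsed"].append(line)  # keep, do not silently drop
            continue
        event, get = rec["event"], rec.get
        if event == "login" and get("result") == "failure":
            failed[get("user", "?")] += 1
        elif event in ("group_add", "group_remove"):
            report["group_changes"].append(
                (get("actor"), event, get("target"), get("group")))
        elif event == "delete":
            report["deletions"].append((get("actor"), get("object")))
        elif event == "command":
            report["user_activity"].append((get("user"), get("cmd")))
    report["failed_login_alerts"] = sorted(
        u for u, n in failed.items() if n >= failed_login_threshold)
    return dict(report)
```

Unparseable lines are kept in their own bucket because a gap or corruption in an audit trail is itself worth reviewing.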