Descrizione
I libri eKIT VMware rappresentano il materiale didattico ufficiale del canale Academy VMware. Ebook di preparazione agli esami di certificazione in linea completa con il corso ufficiale corrispondente. Tutti i libri eKIT VMware sono preparati da professionisti di livello internazionale per rispondere a pieno alle esigenze di raggiungimento della certificazione corrispondente e alla produttività professionale. Il materiale didattico è di tipo digitale ed è realizzato per massimizzare l’auto apprendimento tipico dei corsi in self-study. Tutti i libri sono corredati da esempi pratici di verifica. Questi prodotti formativi si prestano in modo ottimale anche al supporto della normale attività di training classica in aula o a distanza e in video presenza tempo reale.
Objectives: | | By the end of the course, you should be able to meet the following objectives: • Describe the concepts involved in securing an SDDC and protecting the data in the data center • Manage vSphere administrator access to hosts and the VMware vCenter Server® system based on identified job roles and requirements • Implement security best practices of vSphere components based on organizational security policies • Configure data protection for data at rest and data in motion • Manage protection for server and desktop-class virtual machines, endpoints, and networks • Use microsegmentation to protect and manage multitier applications and network data • Describe VMware AirWatch® functionality to protect mobile computing and EUC deployments • Perform activity monitoring and logging, and explore relevant logs to meet compliance requirements • Use VMware NSX® security groups, policies, and tags to automate deployment and security processes • Use automation to respond to security-related events |
|
Intended Audience: | | • Experienced system administrators • Cloud administrators • System integrators • Operational developers |
|
Prerequisites: | | This class requires completion of one of the following courses: • VMware vSphere 6.x: Install, Configure, Manage • VMware vSphere 6.x: Fast TrackAn understanding of corporate or enterprise network implementations Experience working at the command prompt and with scripting tools likes Windows PowerShell is highly recommended. |
|
Outline: | | - Course Introduction
- Introductions and course logistics
- Course objectives
- Security Concepts
- Key IT security principles for the SDDC
- Differences between securing traditional infrastructures and virtual infrastructures
- Identity and access management concepts for the SDDC
- Methods to secure your virtual infrastructure components
- EUC and mobile computing risks
- Guest operating system access security
- Hardening concepts and how they apply to virtual infrastructure components
- vSphere Security Identity and Access Management
- Role-based access control concepts for vSphere and View
- Configuring role-based access control for ESXi, vCenter Server, and View
- Configuring vSphere single sign-on for administrative access
- Password hardening options
- Configuring ESXi local user management and integration with Active Directory
- ESXi security profiles and access to services
- vSphere Hardening
- ESXi host hardening
- Implementing lockdown mode on ESXi hosts
- Configuring ESXi host-based firewall settings
- vCenter Server hardening
- Tools to reduce infrastructure vulnerabilities
- Implementing hardening best practices based on the vSphere Hardening Guide
- Data Protection
- Data encryption technology
- Data-at-rest encryption options for server and desktop virtual machines
- View endpoint protection best practices
- Datastore security options
- View PCoIP encryption
- VMware Operating System Optimization Tool for desktop and server virtual machines
- Introducing VMware AirWatch for mobile and desktop security
- VMware AirWatch and VMware NSX integration
- Configuring vSphere security certificate management using VMware Certificate Authority and VMware Endpoint Certificate services
- Using the Certificate Automation Tool to manage vSphere certificates
- Establishing and using an IPsec VPN
- Using the VMware Endpoint Certificate Store
- Network Security
- Managing network data in an SDDC
- Security policies and settings of vSphere switches
- Configuring vSphere advanced security features for distributed switches
- Using the VMware NSX distributed firewall and distributed router to implement microsegmentation
- Protecting and managing north-south traffic with VMware NSX® Edge™ services gateway and physical firewalls
- Managing access to the vSphere management network
- Using VMware NSX® Virtual Switch™ features to implement network security
- Designing clusters and racks to minimize vulnerabilities
- Limiting access to vSphere management networks
- Hardening network infrastructure components
- Virtual Machine, Mobility, and Application Protection
- Securing virtual machine guest operating systems
- Mobile device security with VMware AirWatch
- Using VMware NSX with Service Composer for Endpoint Protection
- Using distributed firewalls and microsegmentation to isolate and protect virtual machines
- Using VMware NSX identity-based firewalls to control network traffic based on Active Directory user IDs
- Additional VMware NSX functionality using integration with third-party solutions
- Data Center Monitoring and Compliance
- Using vRealize Log Insight to identify and analyze security-related log entries
- Implementing a distributed logging environment
- vRealize Configuration Manager compliance checkers
- vRealize Configuration Manager compliance monitoring
- Automating Data Center Security
- Using VMware functions and tools to enforce consistent organizational security policies during infrastructure deployment
- Automating responses to security events
- Implementing security automation with security groups, security policies, and security tags
- Automatically applying security settings to newly provisioned virtual machines based on VMware NSX security policies
|
Solamente clienti che hanno effettuato l'accesso ed hanno acquistato questo prodotto possono lasciare una recensione.
Recensioni
Ancora non ci sono recensioni.