CCSP Critical Network Security Concepts
- CCSP considers 4 critical network security design and architecture concepts:
  - Network Security Groups
    - aka security groups
    - virtual firewalls used in cloud environments
    - use rules to control traffic by port and protocol
    - can control inbound and outbound traffic separately
    - typically stateful
      - track requests and their responses, so a reply to an allowed flow is permitted without a separate rule
  - Traffic Inspection
    - more challenging in cloud and virtual environments
    - traffic is typically sent directly to the virtual resource
      - there isn’t a direct equivalent of promiscuous-mode traffic capture
    - cloud providers provide traffic mirroring tools instead
  - Geofencing
    - restricts access to services or systems based on the location the access is coming from
    - built into many apps
    - used to correlate logins and activity to locations in order to:
      - ensure credentials aren’t being misused
      - identify unexpected traffic patterns
  - Zero Trust
    - relies on identities and authorization to ensure that users and entities are validated before they access data
    - can be easier to implement in the cloud
      - due to greenfield builds and capabilities built into the environment
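Added example (not from the original notes, and not any cloud provider's API): a toy stateful security group in Python that shows why "track requests and responses" matters. Rules are checked per direction by protocol, destination port and remote CIDR; once a packet is allowed, the reverse packets of that flow pass without an explicit rule in the opposite direction. The web-server policy and all addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass, field

# Toy model of a cloud security group (constructed example, not a provider's API).
# A rule allows traffic in one direction for a protocol, port range and remote CIDR.
# The group is stateful: once a packet is allowed, reverse packets of that flow are
# allowed too, without needing a rule in the opposite direction.


@dataclass(frozen=True)
class Rule:
    direction: str  # "inbound" or "outbound"
    protocol: str   # "tcp" or "udp"
    port_from: int  # destination port range, inclusive
    port_to: int
    cidr: str       # remote address range the rule applies to

    def matches(self, protocol: str, dst_port: int, remote_ip: str) -> bool:
        return (self.protocol == protocol
                and self.port_from <= dst_port <= self.port_to
                and ipaddress.ip_address(remote_ip) in ipaddress.ip_network(self.cidr))


@dataclass
class SecurityGroup:
    rules: list
    # Connection table, keyed from the instance's point of view so that a
    # request and its reply share the same key.
    flows: set = field(default_factory=set)

    def evaluate(self, direction: str, protocol: str, local_ip: str,
                 local_port: int, remote_ip: str, remote_port: int) -> bool:
        key = (protocol, local_ip, local_port, remote_ip, remote_port)
        if key in self.flows:          # stateful: part of an already allowed flow
            return True
        # Destination port is the remote port going out, the local port coming in.
        dst_port = remote_port if direction == "outbound" else local_port
        for rule in self.rules:
            if rule.direction == direction and rule.matches(protocol, dst_port, remote_ip):
                self.flows.add(key)    # remember the flow so replies pass
                return True
        return False                   # default deny: no rule matched


def web_server_group() -> SecurityGroup:
    """Constructed policy: accept HTTPS from anywhere, allow outbound HTTPS only."""
    return SecurityGroup(rules=[
        Rule("inbound", "tcp", 443, 443, "0.0.0.0/0"),
        Rule("outbound", "tcp", 443, 443, "0.0.0.0/0"),
    ])
```

With this policy an outbound HTTPS request from an ephemeral port is allowed by rule, and the inbound reply to that ephemeral port is allowed by the flow table even though no inbound rule mentions it; unsolicited inbound traffic to any other port is still denied.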