Skip to main content
sudoRunner
sudoRunner

IST 402: Cloud Virtualization, Containers & SECaaS Architecture

Cloud / Emerging Technologies Case Study

This portfolio-safe case study summarizes selected IST 402 Emerging Issues and Technologies work focused on cloud computing, virtualization, Microsoft Hyper-V, OpenStack private cloud, Docker containers, cloud network security, zero trust, mutual TLS, secure cloud architecture, workflow modeling, shared responsibility, cloud migration planning, and Security-as-a-Service strategy.

Course IST 402
Project Type Cloud / Emerging Technologies Lab Collection
Focus Virtualization · Containers · Zero Trust · Cloud Security · SECaaS
Tools / Platforms Hyper-V · OpenStack · Docker · Docker Compose · Wazuh · OpenSCAP
Security Concepts mTLS · Certificates · Docker Registry Security · Shared Responsibility
Professional Angle Cloud Infrastructure, Cloud Security, Workflow Modeling, and Security Strategy

Overview
#

IST 402 covered emerging issues and technologies with a strong emphasis on cloud computing, virtualization, infrastructure abstraction, containers, cloud migration, security operations, workflow modeling, and technology strategy.

This course is valuable in my portfolio because it connects practical infrastructure work with cybersecurity decision-making. The lab work involved building and configuring virtualized and cloud-based environments, working with containers, evaluating secure cloud architecture, exploring cloud network security controls, and presenting a Security-as-a-Service strategy.

The strongest portfolio angle is cloud security and emerging technology readiness: understanding how infrastructure, identity, certificates, containers, monitoring, architecture, workflow, and executive security strategy fit together.

This page is intentionally written as a portfolio-safe summary. It does not publish raw screenshots, complete lab submissions, private student details, full academic materials, credentials, internal diagrams, or step-by-step lab procedures.

Why This Project Matters
#

Cybersecurity work increasingly depends on understanding the infrastructure underneath the alerts.

Cloud security, ServiceNow SecOps, vulnerability response, and security operations all benefit from understanding:

  • how virtual machines are provisioned and networked
  • how cloud services abstract infrastructure ownership
  • how containers are built, connected, secured, and deployed
  • how certificate-based trust affects cloud network access
  • how mutual TLS can enforce stronger service-to-service authentication
  • how private cloud platforms expose compute, identity, networking, and dashboard services
  • how shared responsibility changes risk ownership
  • how continuous monitoring supports cloud security
  • how cloud-native security products are evaluated and justified
  • how user workflows can be mapped into systems and security requirements
  • how technical findings are translated into business-facing recommendations

IST 402 helped connect these areas into a broader technical and strategic picture.

Portfolio-Safe Publishing Approach
#

Security note: This case study summarizes lab, workflow, and presentation work without publishing raw lab screenshots, credentials, IP details, complete command history, private student identifiers, full submissions, complete internal diagrams, certificate artifacts, or full vendor materials.

This page excludes:

  • raw screenshots
  • full lab reports
  • exact credentials
  • private academic records
  • private student identifiers
  • full command output
  • certificate material
  • complete step-by-step lab procedures
  • raw presentation files
  • full vendor comparison details
  • complete workflow source diagrams

Instead, it presents:

  • high-level technical themes
  • tools and platforms used
  • infrastructure concepts
  • cloud security lessons
  • zero trust and mTLS concepts
  • workflow modeling evidence
  • portfolio-safe summaries
  • professional lessons learned

Major Workstreams
#

Microsoft Hyper-V Virtualization
#

Configured virtual machines, networking, resource allocation, PowerShell-based VM management, private network connectivity, integration services, and checkpoints.

Virtualization

OpenStack Private Cloud
#

Built private cloud components involving controller services, identity/token behavior, compute services, networking, Horizon dashboard access, flavors, and additional compute resources.

Private Cloud

Docker Containers
#

Worked with container image builds, Docker run behavior, environment variables, file mounting, multi-container applications, container networking, and Docker Compose.

Containers

Cloud Network Security
#

Worked through cloud network security concepts involving certificate trust, root certificates, registry certificates, certificate authority errors, bad certificate validation, Docker registry access, and mutual TLS.

Zero Trust

Secure Cloud Architecture
#

Designed and evaluated secure cloud architecture concepts involving network diagrams, OpenSCAP testing, SSH hardening, Wazuh monitoring, container events, and security profile management.

Cloud Security

Workflow Modeling
#

Created a user-access workflow diagram modeling application access, QR-code login, server/channel interaction, file sharing, voice call behavior, settings, and logout flow.

Process Modeling

Shared Responsibility
#

Course reflections covered shared responsibility, ownership tradeoffs, infrastructure cost, provider-managed controls, automation, Kubernetes, metrics, and hyperconverged infrastructure.

Cloud Governance

Security-as-a-Service Strategy
#

The final presentation evaluated SECaaS, CrowdStrike Falcon, cloud-native security, continuous monitoring, threat intelligence, automated response, compliance, cost reduction, and executive approval.

SECaaS

Cloud Infrastructure Lab Evidence
#

Lab / Topic
Portfolio-Safe Summary
Focus
Hyper-V Virtualization
Configured virtual machines, adjusted memory and CPU resources, validated network connectivity between Windows and Linux VMs, reviewed integration services, and created VM checkpoints.
Virtualization
OpenStack Private Cloud
Set up private cloud services, reviewed project/user/role relationships, generated token information, configured compute services, validated active compute nodes, accessed Horizon, created flavors, and added compute resources.
OpenStack
Docker Containers
Built and ran containers, reviewed working directories and environment variables, configured multi-container applications, created Docker networks, tested application behavior, and worked with Docker Compose.
Docker
Cloud Network Security
Created certificate material for mutual TLS, reviewed root and registry certificates, observed certificate authority and bad certificate errors, validated Docker registry pull behavior, and tested web service access with mutual TLS enabled.
mTLS
Secure Cloud Architecture
Designed cloud architecture diagrams, reviewed OpenSCAP findings, remediated SSH empty-password control issues, validated passing tests, reviewed Wazuh events, and monitored image/container activity.
Cloud Security
Workflow Modeling
Created a user access workflow diagram for Discord covering login flow, QR-code access, server/channel selection, file sharing, voice call behavior, settings navigation, and logout confirmation.
HCI / Workflow
Cloud Strategy Reflections
Course reflection work covered SaaS, private/public cloud migration planning, RFI considerations, shared responsibility, infrastructure automation, Kubernetes, storage, APIs, VDI, NSX, and cloud/mobile usability.
Emerging Tech
SECaaS Executive Presentation
Group presentation proposed Security-as-a-Service adoption for a fictional enterprise, evaluated CrowdStrike Falcon capabilities, and explained security, cost, compliance, operational, and implementation considerations.
Security Strategy

Technical Workflow
#

1

Build the Virtual Infrastructure Foundation
#

Started with virtualization concepts: VM resource allocation, virtual networking, PowerShell-based management, guest/host integration, and checkpoints.

Hyper-V

2

Deploy Private Cloud Services
#

Moved into private cloud concepts by configuring OpenStack services, identity, compute, networking, Horizon dashboard access, and additional compute capacity.

OpenStack

3

Containerize Application Components
#

Worked with Docker images, containers, file access, environment variables, networking, multi-container application patterns, and Docker Compose.

Docker

4

Apply Cloud Network Security Controls
#

Tested certificate-based trust, mutual TLS, Docker registry access behavior, certificate validation failure modes, and service access when stronger authentication was enabled.

mTLS / Zero Trust

5

Validate Secure Configuration and Monitoring
#

Reviewed cloud hardening concepts through OpenSCAP, SSH control validation, Wazuh monitoring, container event visibility, and secure configuration testing.

Cloud Security

6

Model User and System Workflows
#

Mapped a user-access flow to understand application steps, authentication points, user decisions, interaction paths, and logout behavior.

Workflow Modeling

7

Translate Technology into Strategy
#

Connected cloud operations to business decisions through shared responsibility, vendor evaluation, SECaaS, CrowdStrike Falcon, compliance, monitoring, incident response, and executive communication.

Security Strategy

Virtualization Concepts Covered
#

The Hyper-V lab work helped reinforce foundational virtualization concepts:

  • virtual machine creation and configuration
  • VM memory and processor allocation
  • PowerShell-based VM management
  • virtual network configuration
  • Windows-to-Linux VM connectivity
  • private network validation
  • guest-to-host integration services
  • checkpoint and snapshot concepts
  • resource abstraction
  • high availability and recovery thinking

These concepts are useful for security work because endpoint, server, and cloud security often depend on knowing where compute, networking, storage, and management boundaries exist.

Private Cloud Concepts Covered
#

The OpenStack lab work introduced private cloud architecture concepts:

  • controller node services
  • identity and project/user/role relationships
  • token generation
  • compute service setup
  • network service configuration
  • Horizon dashboard access
  • Nova compute resources
  • flavors for compute instances
  • adding additional compute capacity
  • validating active compute nodes

This experience is relevant because cloud security depends heavily on identity, roles, compute, networking, and management-plane visibility.

Container Concepts Covered
#

The Docker labs reinforced container fundamentals:

  • image build process
  • container execution
  • file access inside containers
  • environment variables
  • container networking
  • database container behavior
  • multi-container application patterns
  • Docker Compose orchestration
  • application service validation
  • troubleshooting build/runtime issues

This is useful for cybersecurity because containerized workloads require different thinking from traditional hosts. Security teams must understand images, runtime behavior, exposed services, container networks, dependency issues, and orchestration risk.

Cloud Network Security Concepts Covered
#

The cloud network security lab added a stronger security architecture layer to the course.

The work included:

  • creating certificate material for mutual TLS
  • reviewing root certificate output
  • reviewing registry certificate extensions
  • observing certificate authority trust failures
  • observing bad certificate behavior
  • validating Docker registry pull behavior
  • testing Docker registry access from different systems
  • running frontend and backend containers
  • validating HTTP and HTTPS behavior
  • testing web service access with mutual TLS enabled
  • confirming when direct origin access failed after stronger controls were applied
  • manually checking certificate verification output

This is a strong portfolio signal because it shows that cloud security is not only about deploying workloads. It also involves identity, trust, certificate validation, network access control, service-to-service authentication, and failure-mode testing.

Workflow Modeling and HCI Concepts Covered
#

One IST 402 artifact modeled user access to Discord as a workflow diagram.

The diagram represented a user moving through:

  • computer access
  • application launch
  • login UI
  • QR-code login
  • home screen
  • server list
  • joining a server
  • selecting a channel
  • sharing cloud-stored files
  • sending a message
  • answering and ending a voice call
  • settings navigation
  • logout selection
  • logout confirmation

This supports my broader portfolio theme around HCI-friendly design and workflow clarity. For cybersecurity and ServiceNow work, workflow modeling matters because analysts and users need clear paths through systems. Confusing workflows can create security mistakes, missed steps, poor adoption, and inconsistent process execution.

Secure Cloud Architecture Concepts Covered
#

The secure cloud architecture lab connected infrastructure to security controls.

Key areas included:

  • security-focused architecture planning
  • network diagramming
  • OpenSCAP scanning
  • SSH hardening
  • empty-password control validation
  • Wazuh event monitoring
  • container image pull visibility
  • container start event monitoring
  • security profile management
  • continuous monitoring concepts
  • configuration drift awareness

This portion of the course is especially relevant to security operations because it connects infrastructure configuration to measurable security posture.

Security-as-a-Service Strategy
#

The final presentation focused on a fictional company, Acme Corp, facing major cybersecurity problems and evaluating Security-as-a-Service adoption.

The presentation covered:

  • current security challenges
  • impact of security failures
  • SECaaS definition and benefits
  • scalability and cost-efficiency
  • access to cybersecurity expertise
  • continuous monitoring
  • incident response
  • threat intelligence
  • preventive security measures
  • advanced detection and automated response
  • behavioral analytics
  • integrated defense
  • CrowdStrike Falcon platform evaluation
  • endpoint security
  • cloud workload protection
  • identity protection
  • compliance considerations
  • implementation concerns and mitigation

The most useful portfolio angle is not vendor promotion. The useful angle is that the presentation required translating security technology into executive-facing business value, risk reduction, implementation planning, and governance concerns.

Cloud Security and Governance Lessons
#

Lesson
Why It Matters
Professional Relevance
Trust Must Be Explicitly Designed
Certificate-based authentication and mutual TLS demonstrate that secure communication depends on identity, trust chains, validation behavior, and correct configuration.
Zero Trust
Shared Responsibility Changes Ownership
As providers take on more operational responsibility, organizations may reduce infrastructure burden but must still understand which risks remain theirs.
Cloud Governance
Visibility Is a Security Requirement
Virtual machines, containers, private cloud services, and managed security platforms all require monitoring and event visibility to support incident response.
Security Monitoring
Automation Improves Scale but Adds Risk
Infrastructure automation, containers, Kubernetes-style deployment thinking, and policy automation can improve speed, but misconfiguration can scale quickly.
Automation Risk
Workflow Clarity Supports Security
Clear user and system workflows reduce ambiguity, improve adoption, support process consistency, and help identify where authentication, authorization, and security controls should be placed.
HCI / Process
Cloud Migration Requires Planning
Moving applications and data to cloud environments requires requirements gathering, vendor evaluation, RFI/RFP thinking, dependencies, and risk review.
Migration Planning
Security Strategy Must Be Communicated
Technical security capabilities only matter if stakeholders understand risk, cost, compliance impact, implementation challenges, and expected business value.
Executive Communication

Capability-to-Evidence Map
#

Capability
Evidence from IST 402
Status
Cloud Infrastructure
Hyper-V virtualization, OpenStack private cloud, compute resources, virtual networking, identity roles, Horizon dashboard access, and private cloud resource scaling.
Completed
Container Fundamentals
Docker images, running containers, environment variables, file access, container networking, multi-container applications, and Docker Compose workflows.
Completed
Zero Trust / mTLS Concepts
Certificate creation, certificate validation failures, registry certificate review, Docker registry access testing, mutual TLS for service access, and manual certificate verification.
Completed
Secure Cloud Configuration
OpenSCAP review, SSH hardening, Wazuh monitoring, security profile updates, container event visibility, and secure architecture design.
Completed
Workflow Modeling
Mapped user access workflow for Discord, including login, QR-code authentication, navigation, file sharing, voice call flow, settings, and logout confirmation.
Completed
Cloud Security Strategy
SECaaS evaluation, CrowdStrike Falcon proposal, continuous monitoring, incident response, threat intelligence, compliance, and executive-facing security justification.
Completed
Cloud Governance Awareness
Shared responsibility, provider-managed controls, automation tradeoffs, RFI planning, vendor support boundaries, and cloud migration planning.
Completed

What I Learned
#

This course reinforced several lessons that matter in cybersecurity and consulting work:

  • cloud security starts with understanding infrastructure boundaries
  • virtualization affects networking, resource allocation, recovery, and monitoring
  • private cloud platforms require identity, compute, networking, and dashboard governance
  • containers introduce new runtime and dependency risks
  • certificate-based trust must be configured, validated, and tested
  • mutual TLS can enforce stronger service-to-service authentication
  • failed certificate validation is a useful security signal, not just an error
  • secure configuration should be tested and monitored continuously
  • user workflow modeling helps identify control points and user friction
  • cloud migration requires requirements gathering and vendor evaluation
  • shared responsibility must be clearly understood before moving workloads
  • SECaaS can reduce operational burden but requires governance, SLAs, and oversight
  • executive communication is a major part of successful technology adoption
  • security strategy must connect technical controls to risk reduction and business value

Professional Relevance
#

This project supports roles involving:

  • cloud security
  • cybersecurity analysis
  • security operations
  • ServiceNow SecOps consulting
  • vulnerability management
  • cloud migration support
  • infrastructure security
  • container security fundamentals
  • zero trust architecture concepts
  • certificate-based access control
  • workflow and process mapping
  • security governance
  • executive-facing security communication

It also supports my ServiceNow SecOps direction because cloud environments still require structured triage, ownership, remediation tracking, validation, exception handling, policy mapping, workflow clarity, and stakeholder communication.

Portfolio-Safe Redaction Notes
#

This case study intentionally excludes:

  • raw screenshots
  • exact command history
  • private lab credentials
  • IP addressing details
  • certificate material
  • full lab submissions
  • complete diagrams
  • raw presentation files
  • private student identifiers
  • non-public course materials

The purpose is to show cloud infrastructure, cloud security, zero trust, and workflow modeling understanding without publishing raw academic materials.

Related Portfolio Areas#

Cloud Security
#

This work connects virtualization, containers, private cloud, certificate-based trust, mutual TLS, continuous monitoring, secure configuration, and Security-as-a-Service strategy.

Cloud Security

ServiceNow SecOps
#

Cloud environments still need vulnerability ownership, remediation tracking, security incident workflows, governance, validation, and clear process design.

SecOps-Relevant

Security Operations
#

Continuous monitoring, event review, configuration validation, certificate failure interpretation, and incident response are core security operations concerns.

SOC-Relevant

HCI and Workflow Design
#

The Discord workflow artifact supports user-flow thinking, process modeling, and designing systems that are understandable and navigable.

HCI

GRC / Vendor Risk
#

SECaaS adoption introduces shared responsibility, vendor dependency, compliance, data privacy, SLA, and governance concerns.

GRC-Relevant

Next Steps
#

This project can later be connected to:

  • a cloud security capability section
  • a ServiceNow cloud vulnerability workflow concept
  • a SECaaS vendor evaluation note
  • a shared-responsibility risk matrix
  • a container security checklist
  • a cloud migration security checklist
  • a zero trust / mTLS concept note
  • a workflow modeling and HCI evidence section
  • a ServiceNow IRM/GRC learning path

For now, this page serves as the main portfolio-safe summary of my IST 402 emerging technologies, cloud infrastructure, cloud network security, workflow modeling, and SECaaS strategy work.