Jason Edwards
Certified: The CompTIA CloudNetX Audio Course
The CloudNetX PrepCast is an exam-focused audio course designed to teach you how to think like a network architect operating in modern hybrid environments. Rather than memorizing protocols or vendor features in isolation, this course trains you to interpret scenario-based questions, identify constraints, and select designs that balance security, availability, performance, and cost the way the CloudNetX exam expects. Each episode builds practical architectural reasoning skills, covering topics such as routing intent, segmentation strategy, identity-driven access, cloud interconnects, resilience...
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
Episode 120 — IAM Deep Dive: PAM, RBAC/ABAC, PKI, KMS, SCIM, CIEM in network scenarios 16.01.2026 22:04
Identity and access management concepts are central in CloudNetX because modern network security and connectivity decisions depend on who is requesting access, what they are allowed to do, and how trust is established across systems. This episode defines PAM as managing privileged access with stronger controls and accountability, RBAC as granting permissions through role assignments, ABAC as grant...
Episode 119 — Conditional Access and Geofencing: policy decisions that reduce credential risk 16.01.2026 20:03
Conditional access appears in CloudNetX because it enables identity decisions based on context rather than static rules, reducing the effectiveness of stolen credentials and strengthening remote access controls. This episode defines conditional access as applying access requirements based on signals such as user risk, device compliance, network location, time, and behavior patterns, and it defines...
Episode 118 — MFA and Passwordless: what each solves and when it’s required 16.01.2026 19:34
MFA and passwordless authentication appear in CloudNetX scenarios because credential compromise is common, and stronger authentication changes the outcome of many access and threat scenarios. This episode defines MFA as requiring an additional factor beyond a password, such as device approval or a hardware key, and it defines passwordless authentication as replacing memorized secrets with stronger...
Episode 117 — Federation and SSO: SAML vs OAuth 2.0 vs OIDC, clearly explained 16.01.2026 21:22
Federation and SSO appear in CloudNetX scenarios because modern hybrid environments rely on shared identity across many services, and correct protocol selection affects both security and user experience. This episode defines SAML as a protocol commonly used for enterprise single sign-on where an identity provider issues assertions to service providers, OAuth 2.0 as a framework for delegated author...
Episode 116 — CASB: visibility and control for cloud usage and data flows 16.01.2026 19:51
CASB appears in CloudNetX objectives because cloud adoption shifts data movement into SaaS and managed platforms where traditional perimeter controls may have limited visibility. This episode defines a CASB as a control layer that provides visibility into cloud application usage and applies policies to govern how users and devices interact with cloud services. The first paragraph focuses on the pr...
Episode 115 — SASE and SSE: tying controls to users, devices, and apps 16.01.2026 20:17
SASE and SSE appear in CloudNetX because hybrid work and cloud adoption reduce the effectiveness of perimeter-centric designs, and scenarios often require choosing architectures that enforce consistent policy regardless of user location. This episode defines SASE as an approach that combines networking and security capabilities delivered as a service, and it defines SSE as the security-focused sub...
Episode 114 — ZTNA: replacing broad trust with precise access decisions 16.01.2026 19:37
ZTNA appears in CloudNetX because it represents a practical application of Zero Trust that changes how remote access is granted, moving from broad network connectivity toward application-specific access. This episode defines ZTNA as a model that grants users access to specific applications based on identity and context rather than extending full network reach, typically by brokering sessions throu...
Episode 113 — Microsegmentation: limiting east/west movement without chaos 16.01.2026 19:21
Microsegmentation is included in CloudNetX because internal lateral movement is one of the fastest ways attacks spread, and scenarios often test whether you can limit east/west flows without breaking critical dependencies. This episode defines microsegmentation as applying fine-grained controls between internal workloads based on role, identity, or labels, rather than assuming broad trust within a...
Episode 112 — Zero Trust Fundamentals: identity as perimeter and continuous verification 16.01.2026 19:06
Zero Trust appears in CloudNetX objectives because modern networks cannot rely on location-based trust, and scenario questions often test whether you can design access around identity, context, and verification rather than assumptions. This episode defines Zero Trust as a model that assumes no implicit trust, requiring explicit verification for each access request and enforcing least privilege by...
Episode 111 — Port Security: limiting lateral movement at the edge 16.01.2026 18:43
Port security appears in CloudNetX objectives because edge access is where unauthorized devices most often enter, and controlling that entry reduces lateral movement risk before higher-layer controls ever engage. This episode defines port security as limiting what devices can use a switch port, often by restricting the number of learned MAC addresses, enforcing expected device identity, and trigge...
Episode 110 — DLP Controls: preventing leakage without stopping business 16.01.2026 19:04
DLP is a recurring CloudNetX control because it addresses one of the hardest security problems: preventing sensitive data from leaving through legitimate channels without breaking core workflows. This episode defines DLP as a set of detection and enforcement mechanisms that identify sensitive patterns in data and apply actions such as alerting, blocking, quarantining, or encryption based on policy...
Episode 109 — URL and Content Filtering: categories, apps, file blocking tradeoffs 16.01.2026 19:14
URL and content filtering is included in CloudNetX because it is a common control for reducing web-borne risk and limiting unsafe data movement, and scenarios often test whether you can apply it without crippling productivity. This episode defines category filtering as blocking classes of destinations based on risk or policy, application-aware filtering as controlling behavior across changing URLs...
Episode 108 — Geolocation Rules: when geo blocking helps and when it backfires 16.01.2026 18:47
Geolocation-based rules appear in CloudNetX scenarios as a simple control that can reduce exposure, but the exam expects you to understand its limitations and operational impact. This episode defines geolocation rules as policies that allow or deny traffic based on the inferred geographic location of an IP address, often used to reduce inbound attack surface from regions where an organization has...
Episode 107 — IDS/IPS Signatures: what to automate and what to constrain 16.01.2026 17:56
Signature-driven detection and prevention are included in CloudNetX because they represent a practical security control that must be tuned and governed to avoid either missed threats or self-inflicted outages. This episode defines signatures as patterns used to identify suspicious traffic, known exploit behavior, or malicious payloads, and it explains that signatures can drive either alerts or blo...
Episode 106 — NACL vs NSG: stateless/stateful thinking and inbound/outbound logic 16.01.2026 20:05
CloudNetX scenarios often include cloud filtering controls that sound similar but behave differently, and the exam expects you to reason about state, direction, and enforcement scope. This episode defines network ACLs as stateless filters applied at a subnet boundary, meaning inbound and outbound rules are evaluated independently and return traffic must be explicitly allowed. It defines network se...
Episode 105 — Decryption Rules: when inspection is required and common pitfalls 16.01.2026 19:24
Decryption rules are a focused CloudNetX topic because they determine where encrypted traffic becomes visible for security controls and where it remains private, which directly affects risk management and operational stability. This episode defines decryption rules as policies that decide which traffic should be decrypted for inspection and which traffic should be exempted, based on destination ca...
Episode 104 — Firewall Rule Design: src/dst, allowlists/blocklists, app-aware logic 16.01.2026 18:45
Firewall rule design is a recurring CloudNetX skill because scenarios often hinge on whether you can translate an intended flow into enforceable policy without creating accidental exposure. This episode defines rule components in operational terms: source and destination define who communicates, ports and protocols define what services are allowed, and app-aware logic enables policy based on appli...
Episode 103 — NAC Concepts: posture assessment, enforcement points, dynamic lists 16.01.2026 19:43
Network access control appears in CloudNetX because it is a practical way to decide who and what can connect, and to adapt that decision based on device trustworthiness rather than assuming all endpoints are equal. This episode defines posture assessment as evaluating device conditions such as patch level, security agent presence, and compliance state, and it defines enforcement points as the plac...
Episode 102 — Secure Web Gateway vs Application Gateway: choosing the right control point 16.01.2026 18:29
CloudNetX scenarios often include “gateway” terminology that can be misleading unless you focus on traffic direction and enforcement intent, and this episode clarifies secure web gateways versus application gateways as distinct control points. It defines a secure web gateway as a control for outbound user web access that enforces browsing policy, filtering, and threat prevention, and it defines an...
Episode 101 — TLS Inspection: what it reveals, what it breaks, performance impact 16.01.2026 18:47
TLS inspection appears in CloudNetX scenarios as a deliberate tradeoff between visibility and privacy, and the exam expects you to understand both the security value and the operational risk. This episode defines TLS inspection as decrypting encrypted traffic at a controlled point, inspecting content for policy enforcement or threat detection, then re-encrypting traffic for delivery to its destina...
Episode 100 — Encryption Basics: symmetric vs asymmetric and scenario expectations 16.01.2026 18:43
Encryption appears throughout CloudNetX scenarios as a foundational mechanism for protecting confidentiality and integrity, and this episode clarifies the practical distinction between symmetric and asymmetric cryptography. It defines symmetric encryption as using a shared secret key that is fast and efficient for bulk data, and it defines asymmetric encryption as using a key pair that supports id...
Episode 99 — IDS vs IPS: detection versus prevention and tuning tradeoffs 16.01.2026 18:29
IDS and IPS decisions appear in CloudNetX scenarios because teams must balance visibility, prevention, and operational stability, and the exam expects you to recognize when blocking is appropriate and when it is too risky. This episode defines an IDS as a detection system that monitors traffic and raises alerts without blocking, and an IPS as a prevention system that blocks traffic based on signat...
Episode 98 — Firewall Types: NGFW vs cloud-native firewall vs WAF 16.01.2026 19:41
Firewall selection is a common CloudNetX decision point because different firewall types operate at different layers and solve different problems, and scenarios test whether you can match the control to the traffic. This episode defines an NGFW as a firewall with application-aware inspection and richer policy controls, a cloud-native firewall as an integrated provider control that aligns with clou...
Episode 97 — Framework Fluency: MITRE ATT&CK, Cyber Kill Chain, CCM in exam language 16.01.2026 18:59
Framework references appear in CloudNetX scenarios to test whether you can apply structured thinking about threats and controls, not whether you can recite taxonomy names. This episode defines MITRE ATT&CK as a catalog of attacker techniques that helps teams describe how attacks occur, the Cyber Kill Chain as a staged model for understanding progression from reconnaissance to objectives, and t...
Episode 96 — Mitigation Toolkit: DLP, IPAM, CIS benchmarks, config reviews, null routing 16.01.2026 17:57
CloudNetX scenarios often present a risk and ask for the most appropriate mitigation, so this episode clarifies how several commonly referenced controls function and when each is the best fit. It defines DLP as detecting and controlling sensitive data movement, IPAM as managing address assignments and reducing conflicts while supporting segmentation planning, CIS benchmarks as standardized secure...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.