hello everyone this is nicing again and i know it's been quite a while i haven't created any any video and apart from uh i think more than one month i was coming live on the youtube and also uploaded some uh old live session on to this channel as you know my channel uh all channel got deleted and on this channel i couldn't upload the practical videos due to the copyright issue so like from now onwards i'll try to upload some informative videos which can help you out to learn cyber arc and other pam tools also uh on this channel now i'll be focusing on cyber beyond trust and other pam tools plus your aws and cloud related thing also like slowly i'll start uploading some informative some theoretical videos which will help you out to understand the basics and you can also uh like get an idea if you want to make your career in this technology or not so we'll be discussing some key points and what are the basics required to learn a tech technology because as you know the basics your basic should be strong if you if you are learning any technology whether it's a pam or aws or cloud or endpoint security etcetera anything if you are learning your fundamentals should be clear then only you will be able to learn any technology okay so in uh today's uh session i'll be uh going through these topics first we'll discuss about the like what is spam and i believe in most of the interviews some interviewer is asking this question like what is spam and why it's required then uh scope of uh then we'll discuss uh in today's session we'll discuss a little about cyber arc and its components and some like reports also where i'll be showing you uh like cyborg again came leading in the pam technology then other basics like the basics your fundamentals required to learn cyber rock or any other pen technologies if your basics are clear your basics are strong you can learn any pam technology whether it's cyborg beyond trust or arkon dalinia etc so let's start with the uh today's session and also i would like to request uh if you haven't subscribed to this channel please subscribe to this channel and going forward uh from now onwards i'll start uploading some um informative some theoretical videos only which you can see and understand the term likes i know many of you wanted to switch your career in cyber arc as cyber rack is a leading in pam and there are lots of like jobs in the market for cyber arc okay so let's start with the first what is pen and what's the need for the pen so generally if i talk about the pam is it's a privilege access manager or you can say the management and generally uh it is used to manage your access like suppose uh in your organization you have a different team like for a let's say for example l1 tml2 l3 and on the basis of their uh profile they are having access like as l1 will have only read only access to a application then l2 will have some more access than your l1 and similarly lc will be having full access and it depends depends upon the company also like in some company your l1 will be having full access so it depends but in we are talking in general terms so in access your pam is managing your access like right person having right access and because like suppose uh a new joiner join your company and in starting you cannot provide him full access to a application whether it's cyber rock or a windows server or any technology you will not be providing full access because he is new to the company and he may not be like uh knowing something and if like suppose he's having all access he can do anything so where in in that scenario your pam comes in into the picture using pam you can access like you can manage your privilege access like privilege access means the uh access like which can just modify or install or do anything on a server or or an application so that's your pam and your privilege access management using the pam you can manage the access you have lots of thing in it like the recordings and keystroke logs etc so in simple terms you can say pam can be used to organize the your privilege access to a application and including some your video recordings for the audit purpose and it it then it it you can just narrow down your access and like right person having right access to application as you know uh because we don't provide the full access of privilege access to a user who is who is new to the company or don't have much experience in the technology because as you know there are several stacks sorry cyber that attacks are going on in the uh market and they are and after this corporate also there are lots of cyber rock attacks and attacks has been increased and all hackers and they are scanning the network and just try to find out any loophole in your application or in your company and if suppose uh there is a new joiner you have provided full access and some and there's some hacker who came to know like this uh he's a new joiny and he has joined the company recently so he will be sending some information uh via mail or some any social media so by mistake if new joiners just click on it and provide all the information then hacker can steal all the information can can hack his account and then later on he can just get into the company's network and can access everything so that's why the pam is being used and it is being used to isolate or the providing the uh relevant access to a relevant person then like right identity having right access to a application and add on it does have the video recordings and your keystroke logs etcetera that's why there is a after the corvette because everyone is working from home and we are connected to our wi-fi are like having separate uh different internet server service provider because when we were working in the company so we were using the company's internet which is and on the company's internet they have firewall and many other many other encryption which is used to encrypt your network so that no outsider can access that network but in your home you might be using vpn or some like the aws console or cyberact remote access to access your applications so more security is being added so after this coverage the demand for the pam was in increase and you have seen a recent hike and hike in the pam jokes whether it's cyber rock or biantra bjorn trust or archon or delenia etc so if in the interview it is asked you can just simply say pam is a privileged access management tool which can be used to provide the uh secure privilege access to a critical server or critical application meeting the compliance requirement and then you have additionally have your monitoring uh the in the like psm records your video recordings and keystroke logs for the audit purpose okay what's the scope of cyborg and if like many of you are are already working in cyborg and some wants to switch their career so scope of cyber rock is like as you know cyber rack is booming and after this corvette the demand for the pam tools have been increased and scope if if you are active on the some naukri or job sites or the linkedin you might have seen there are lots of jobs for the pam and including cyborg and on-site opportunities are have been increased so if you want to start your career in cyber arts so this is the right time you can uh start learning cyber rock and and can just uh grow your career okay and also uh this is the gartner report and i have copied this from the gartner website only and i be because as you know my all channel got copyright issue so that's why i'm saying this is for the information purpose only and this was available on the public domain so i have used i have copied from the public domain only like from the google and i just found this uh image so that i can show you as per the gartner report in the in this year 2022 rock is the leading you can see this cyber arc is the leading and after that we have arkon dalinia beyond trust one identity and wallex and savion so these are the different uh pam tools and from past few years cyber arc is leading the market and it's uh like coming on the top in the pam technologies but ah you can see arcon is also giving the tough comp competition to cyber ark okay and also uh this is the link if you want to see like uh the this gartner report you can see and you can just read out the information or you can just google it and you can just google it pam gartner report for 2022 and you can just get the information like yes this is the uh gartner report and they have more information like why it was uh on the far so they have some parameters and some parameters and on the basis of that they judge like which technology will be on the top okay okay so this is the question and i have received lots of mails and comments also on the youtube channel because there are some freshers and some uh from the different background and they always ask me uh if i am i belong to a marketing company or a non-iit can i learn cyber arc or any coding required in this cyber arc so to uh like so in this uh i'll be clearing your doubts also and like suppose you are refresher or you are from a different background like different kpo or bpo or any background you are so you can learn anyone can learn cyber arc and there are as such there are no coding background is required because uh in cyber arc you have multiple things like you have the or implementation you have full operations like with uh then you have the your upgrade and etcetera and then comes the development part also so if you want to learn cyber arc and you don't have any coding background still you can learn cyber art because in cyber art we have the installation and you can also design the architecture and then onboarding the accounts the cyber health check and the operation part in the operation we have lots of thing other than the development in most of the organization you will find a separate team is there for the developer like development team will be there who will be developing the automation or some script which is which be which is being used in cyber arc but still like if you have a good knowledge on this scripting powershell python java with this maybe script etcetera so this will be add-on thing for you like you already know this language so when you after learning the cyber art you can use your skills to move into the development area move to the developer and being a cyberlock developer and also along with the implementation operation you can be a developer also so that it you can get a good package and the placement but who are who don't have any coding bank background or who want to switch their career from non-iit to i.t yes they can switch and there are lots of jobs in the market and you can get a job in the big mncs big four etc for that please watch this video till the end if you are from the non-iit background or want to switch your career in cyber because in today's session i'll be discussing the basics which will help you out to learn cyber rock or any other technology whether you are learning the archon delinea aws azure or any other technology so these terms which i am going to discuss in the coming slide will help you out to understand the technology and also your basics will be clear because if you will start learning cyber act directly your you won't be able to get because there are some terms which are being used in cyber rock and other technologies also and if you don't know about those terms you will be like missing because your fundamentals if your fundamentals are clear you can learn any technologies so first please work on your basics try to clear your basics then you can start learning any technologies okay so let's start with the first i'll be uh going through the overview so the cyber can in which technology deals so i believe many of you already know about the cyber arc and many who are fresher or from the non-iit background if they are watching so this is for you so please don't skip the video and watch till the end or and also subscribe to this channel and because going forward it will i'll be uploading more uh like informative videos which will make which may help you out in understanding the other technologies as well as if you want to learn aws or azure or move to cloud security as well as okay so cyber arc uh does provide a pam solution and it does have the sas also the cloud uh lexi product privilege cloud is also there and it does have the pam and hybrid model also in the support so in today's session first we'll start with the pam only and in the coming session i'll be discussing about the cloud also like the architecture of your privileged cloud and what are the components and how the workflow and etc so your privileged access management manager is like and and this includes your access management you have the your video recordings i isolating of this session and many more because cyberduck does have a layer of security in the pam solution so that your critical data is secure and suppose you want to store some data so there are layer of security you can see the firewall it does have a vpn authentication access and different encryption methods also in the coming uh say coming slides i'll be discussing more on to these topics so in the using the pam solution you can secure your and you can provide more security to your critical information critical servers like suppose in your organization you are having more critical servers and on those servers uh you have some more information so use using your pam solution you can protect your server every information will be encrypted and it will be stored in the cyber rock world server and you have different layers of security firewall and this session like suppose you are connecting to your server so the that session will be also isolated and if you are using some critical accounts your windows administrator or root account so the password also of those accounts can be managed easily and you can you you have in cyborg pam we have multiple policies like support if you are using an account that is a critical account so after every use you can also have a policy after every use password can be changed you can have one time password policy and similarly you have the approval policy also duel control if like someone someone wants to access an account so you can create the layer of approval in between and that request will be sent out to your manager or the senior manager or the lead after they approve your request then only uh one user and respective user will be connecting or will be using that account so we have the like firewall a different encryption methods then the recordings keystroke logs password management and master policies and role-based access so that comes under your privilege session manager and there are different tools different components of the cyber arc which are being used for different functioning or you can say the segregation of duties segregation of duties means there are several components in cyber pam tool which are doing their own work like like we have world server okay let me move to next so these are the uh your pam tools and we have other pam tool also so in today's session i am just discussing the basics and some advanced advance like pam tools cyber doctors also have the cloud the conju remote access epm etc but we'll be discussing the basics and the mandatory components so these are the cyberdog components and every components have its own functioning so you can see the vault the password vault web access or you can say the pvwa private our client and central policy manager and privilege session manager so these are the like first five are the mandatory components if you want to install the cyber arc and want to use the operation want to connect and want to manage your password want to onboard the account so first com first five components are the mandatory components whether you are installing on the on-prem solution or installing on the cloud so these are the mandatory components so i'll be focusing more on these mandatory components because if you are good with the mandatory the basic components then you can crack any interview also because in the interview they mostly focus on these components only because in in every organization you will not see the pta this is the pta and this is the psmp or you can say the privilege session manager for ssh or opm in in it depends company to company if they are using these components or not because it does have you need to procure a different license if you want to use this but first five components are the mandatory components if you want to implement the cyber arc environment want to install the cyber rack in your infrastructure so one by one i'll be discussing about the uh components so let's start with the first component okay and this is the architecture so you can see this is the your primary vault or you can say the production wall this is the pure production mode primary data center and this is your secondary data center or you can say the dr site so in your production also you can have your pvw cpm psm and pta pti is optional but these three pvwa cpm and psm is mandatory component if you don't have pt also it's fine and similarly you can have your pvdfwa cpm and psm and pta in the secondary data center with you can say it's a standby server a backup server when your primary data center is going down automatically this dr walt server will become active and dr vaught will become as a primary it will be promoted as a primary vault so you can have the switchover or the failover and the failover can be manual and the automatic also in the coming session i'll be discussing those in detail so this is a basic architecture and your pta is again optional but these are the mandatory your primary wall pvw cpm and psm and dr so these are the mandatory components and also if you don't have pa separate components for your dr it's totally fine you can always use your primary components you can point always point this primary component to the dr because in company to company depends they don't want to have the separate component for your dr site also okay let's first discuss about the wall server as and also one more thing the vault i'm referring to where you can say it's a cyberrack digital vault or enterprise vault or simply vault you can say the it's uh all same different terms are being used by every person so volt is the critical server of the cyber arc and it's the you can say the hub every your this uh this component your pvwa cpm and psm and every component just communicate to your primary vault only because every your information is getting stored on the vault server and encryption different layers of encryption you have firewall and vpn and different authentication method you have in the vault and every your data will be encrypted let's uh understand with the example like suppose in a bank locker you have a safe if you have uh like have a locker in the in the bank so in that locker is being opened using your key you will be having one key and one key will be there with your bank manager or or the manager or the you can say the uh who manage the complete your bank so one key will be there within so after applying both the keys at the same time then only you will be able to open your locker so similar you can co-relate with the vault server it's also the same there are different encryption methods are being used to open these safe where you have put your important information so different mechanism encryption and decryption mechanisms are being used to provide the extra security so in simple terms of wall server you can say it's a one of the critical server of the cyber arc on which you have uh you can store your information your passwords and some other important uh or critical information and this is the main server of the cyber arc and it does have several layers of security firewall encryption segregation of duties and session encryption etc okay next is this is a private our client and you using this private r client you are accessing this digital vault because digital world is a console and uh using some client or some web application only you can access an application whether it's cyber rock or any other uh technology so in cyber art ark private.client is the client which is used to access your vault information and this is an agent you can say it's an agent you need to install on the world server and also you can install on other components also like on the psm server prior pvw cpm server you can install it so it requires 185 feet port to communicate to the vault server so suppose you want to install on your base machine or on a jump server or any server from that server 185 feet port should be open to the wall server and then you can install it and you can use it you can log in and it does have different layers of authentication like it does have the your private authentication which is the default cyberdoc authentication you have and pki etc so these are the different authentication you can use to login to your vault server so this is an agent okay moving to the next component so this is also one of the main component of the cyber arc and this is a password vault web access or you can say a pvwa so in the previous slide we discussed about the private client and now this is a pvwa so you can access your vault using pvw also because it's a web interface and when you are installing the pvwa you need to have a web url and using that web url only you can access your vault server so there are different methods of accessing your vault either you can access using the private r client or you can access with the pvw server or you can say the web interface okay next is one again one of the main component which is the cpm or you can say the central policy manager and this component is generally used to manage your passwords like suppose you have your administrator or any account in cyber so using this component only you can rotate the password you can verify the password often of that particular account and cpm is also being used to like for your auto detection like auto detection is also on boarding you can automate your workstation and laptop or desktop accounts using the auto detection and that is run by using the cpm the password manager user which is the cpm user and then you have the your auto discovery also cpm scanner service is being used to run the auto your auto discovery and again that is auto discovery is again uh like using that you can scan your domain and also you can onboard the unix accounts that i'll be discussing in the uh like coming uh session okay so in simple terms cpm you can say it's a password management component which is used to rotate the password verify the password of an account it can just automate automatically can change the password depending upon the the policies you have configured in cyber arc if you want to generate a password it does have the password complexity also you can define a password complexity like there will be these number of characters 12 characters one uppercase one lowercase so you can define that as per your company's policy and using this you can just manage the password of an account next is your psm so it's also one of the main component of cyber privileged session manager and this component is generally used to establish a connection to the target server like establishing a connection means like suppose you are connecting you have a rdp protocol you are connecting to a machine a different server using a rtp protocol or if you are connecting to the your unix you are using ssh connection ssh protocol so similarly your psm you can say psm is a privilege session manager or you can also say it's a jump server using this you are connecting to a target server and then you are having your the video recordings and you have your keystroke logs so this will record your complete session and it will have your video recordings and that video recordings it will be storing on the wall server in a recording safe and as for the policy you can watch that recording for the audit purpose like so suppose a user connected to a server and that user deleted something from that server so you can always watch that recording and you can identify which user logged into that server and what they have deleted so using the psm you can manage that thing also it's also one of the main component and mandatory component of cyber arc okay so moving to next so this is the psmp or you can say a proxy psm server and or you can say the privilege session manager for ssh because it's a linux based device using this psnp you can connect to a unix server only but using your this psm if you are using the psm you can connect to a windows or unix or database any account you can connect but this psmp is a proxy server you can just connect to the linux devices only because it's meant for the linux server only or you can say the unix servers only and you need to use a putty or any other third party tool to connect to the psmp and this will be your unix server only and why this psmp is being used because this is a what we say the optional component and this is not the mandatory component this is generally being used because in your organization you will see there will be a unix team who who love to work in a cli only command line interface they don't like the gui like your user friend user interface just like the windows server we have like your desktop windows desktop but some team unix team they just love to work on the command line interface for for them only generally we have the psmp so that they can directly log into the command line interface they don't need to use the windows or your graphic user interface and again you can have your different authentication methods also in the psmp you can use your ad or your domain accounts to connect to the psnp server and then you can connect to the target account so that's your psmp or you can say the psm for ssh or a proxy server okay so what is opium opm is also one of the uh optional component this is not mandatory and it's not mandatory to have this component and this is also a linux based using this opium you can manage your permission like the access you can control and monitor privilege access like you have uh super users super accounts on your unix server root account or you if you have created some accounts also and given the admin privilege so you using your opm you can manage this permission you can restrict your user to run some commands so using opm you can just achieve that like suppose there is a root user root user can access and can can do anything on the unix server but using the opm you can restrict the root user also to run uh to not to run some specific commands some delete or some kill command you cannot uh like your root user cannot run if you have restricted that using your opium uh component it's an on-demand privilege manager components and it's the optional component don't it's not a mandatory component okay this is your also a optional component not the mandatory but you should have a overview in the interview they may ask this question and you can always say it's a overview i i have overview idea of the that this component you can say in that way so pta is a privileged threat analytics and it's totally based on the artificial intelligence and using this component you can just uh like uh on board the accounts automatically it can just change the password of an account like invoking the cpm it can just invoke the cpm and change the password and also you can just terminate the session also it can just monitor your network if any suspicious activities is going on in the network so using the pta you can just perform this function because it's one of the cyber component totally based on your artificial intelligence it does have its uh algorithm using this algorithm it you it can scan the your network and tap into the your network using this dpi technologies and it can just detect if any suspicious activities or some attacks are being uh going on in the network so this is also the one of the pta uh like the component of cyborg but not the mandatory component because it requires a different uh license for installing it so it depends upon company to company if they want to install it or not okay okay so now we'll i'll be starting with the basics very basics which will help you out to understand or to learn any technology whether it's cyber rock or any other pen technologies if you have a good idea on the basics you can learn any technologies okay what is firewall in i believe if you are from the btec background or bsc in in uh in school days also i believe something you have heard about the firewall so firewall you in simple terms you can say providing extra security and the encryption method between your communication like suppose you want to communicate to a server so in between your communication there will be a firewall where your the communication will be encrypted so that no other hacker or no other person can view that communication cannot view so that's in the simple terms you can say it's a firewall the you are having a extra security in a in between your communication your communication will be encrypted so that no one can just access that information okay and there will be different types of firewall so we don't know need to go in the depth because there will be i think a hybrid firewall or application or i don't remember the types of but you should have at least what a firewall is and why it is being used because when you want to implement the cyber arc you need to have a discussion with the firewall team and need to describe about what ports what communication you should open from the cyberduck server to the target servers so that they can access so the communication can happen between the cyber arc and the other application your target servers and cyber arc what cyber dog does it's a installation thing so when you are installing the cyber arc vault it does just convert the windows firewall to cyber hard end firewall and it just deletes some unused uh files and the disable some services and only allow the communication using this 185 feet port only you can communicate to the vault server using 1858 port only so uh in let's summarize this in simple terms you can say firewall can be a device which you can use to uh communicate you can use to securely communicating between these servers and the applications the communication is happening with the uh over encrypted channel so that no third party or no one can uh just see that communication what's going on between it okay so this is your encryption and the decryption and encryption uh let's uh understand first what's an encryption is so encryption means you are like suppose you have a document let's take an example of any document you have so you are converting that document in such a format so that no one can understand that format if it will be some encrypted using some third party tool or some encryption you just converted that your information to a code so that no other person can directly understand what it is so that's your encryption and whereas decryption is you are converting that decryption in a readable format so that we can read that in a it will be in a plain text and we can read that you might have seen the uh the these uh terrorist or something based movies in the bollywood movies or other movies hollywood movies they are using some quotes like some someone is calling someone and they are using some codes to give their information so you can correlate with that so that's your encryption and there are two types of the encryption we have first is the symmetric and another is the asymmetric in encryption so in the symmetric in encryption there is a single key is used to encrypt and decrypt the data but in the asymmetric encryption there are two keys are being used to encrypt and decrypt the data so in cyber arc these are the two keys aes 256 is the encryption key which is used to encrypt your data and it's a symmetric encryption and rsa2048 is a asymmetric encryption with where you you use two keys to encrypt and decrypt your data so that's your encryption and decryption and in cyber arc or in any any other technology you should have a overview on this so that you can understand if in any interview or any discussion if someone is using these terms okay so windows server over you because most of the your cyborg and pam technology is totally based on the windows only so you should have a good idea about the windows how to use that some commands how to define an ip address and what are the users policy local policy how to ping a server and what are some basic understanding you should have at least so that because most of the errors are originated from windows only so if you have a good idea about the windows server like where which policy i can find there what is the ip and what are the overview like overview of windows server so it will help you out to understand any technology much faster and you can also troubleshoot that easily if you if you have a good idea on the windows server okay and these are the different windows server and latest one is 2019 okay next is the unix server so similarly you should have overview knowledge of the unix server because it's a cli command line interface and it's totally different from your windows so at least you should know some basic commands like how to log into a unix server the how to change the password how to move to one path to the another path and what how to check the configuration how to copy how to move so at least that basic knowledge you can have so that you it will be easy easy for you to learn uh because in in cyber dog or in other pam technology you need to add you need to onboard the unix account also so if you have a good idea about the unix so you can easily onboard those accounts and you can also troubleshoot the issue if the issue is coming from your unix servers and there are different for different flavors or you can say the types of the unix or linux it's hp solaris aix sun os so these are the different flavors different types of the operating system unix operating system and this does have some little uh command difference so you should have uh only the basics i'm just talking about the basic thing just go with the basic try to learn the some basic commands how to change the password login and how to move and copy that's it because everything is done using a command only you cannot directly go to copy paste on something just like the windows number you need to use the command cp command is used to copy your one file to another path cp [Music] okay so overview of vmware so vmware is a workstation you can say or you can say it's a box which is generally used to create the virtual servers so if you want to create a virtual server virtual server means you are installing a software in a box and creating a server so this is you can say the uh fundamental this is a box and where you you need you can create a windows or unix servers so in most of the organization uh vmware is being used where you deploy you need to this is a setup file you just need to install on a server on a machine you can install it and inside that you can just create the virtual server inside that box so there are different types of servers like the physical servers which does include your physical the hardware and plus software so those are considered as a physical servers you might have seen the warehouse in the movies also you have seen there is a warehouse where you find the servers physical servers and virtual servers like installing a software you have and just like the it can just give the performance just like your physical servers so those you can consider as a virtual and on your vmware box you can install the windows mac operating and also your unix okay moving to next privilege clown privilege accounts so privilege account is uh you can say in simple terms privilege accounts which have more more permission let's take an example of your laptop you have an administrator account so that is considered as a privilege accounts if someone gets the password of that account he can just install or delete anything on that machine on to that server so those are considered as a privilege accounts which have more privilege more permission to install delete or upgrade anything in in your production your you will be having the administrator account or the root account which are considered as a privilege accounts okay okay so domain controllers so domain controller generally you can say you are managing the access it's a centrally manage the access let's take another let's understand with the example suppose you join a company and first thing what they do they just create your id on the domain controller and then they just provide you access by adding to some security groups so they will be having some security groups some groups on the domain controller like support you want to access to some application so you will request to some respective team they will add you in a respective group then only you will get the access so you can say yo you are managing the access centrally manage access from the domain controller and your ad is a database where you have the all the uh information like your user information if you have some you have laptops and you have made that laptops a part of domain so that information is also there on your ad and there are different types of domain controllers one is the read-only domain controllers rodc and another is write table domain controllers in rodc you cannot modify or cannot delete or add something because it's a read only domain controller you can only read the information but in the right table domain controller you need to you can just modify or add or delete anything because it's a write table domain controller so in every organization you may see they are using read only and write table domain controller rules because for some application they want the user to only read the information in that case they use rodc read only domain controller so it's also important because in cyber arc or in any other application beyond press or aws you need to integrate your domain with the application so that you can access that application using your domain account your ad account so that's why it's uh most important because in for every application you will be integrating your domain with the domain controller so that you can manage the access centrally manage access okay okay so ports so port number as you say the communication happening between the two servers is happening uh with via port only you can say it's a virtual point where your network communication start and end so these are the some common ports which are being used in cyber rock and mostly in every organization except your this vault and this your sim ldap smtp these are the common ports which are being used in every uh application so your world use 185 feet for the communication your siem use 514 ldap lapis 66 so similarly these are these are the ports which are being used uh by mostly every applications and you should have an idea about these ports so that because in the interview also sometimes they ask about the port also like what are the ports being used for this communication so these are the common ports you should know these ports for the communication because your and also one more important thing in the interview also they asked this question can we just use a customized port they say we don't want to use this 514 or 636 port so yes you can use the customized spots also like if your company is having some customized ports like 67 or any port they are having yes you can use that but for that you need to do some manual changes on to your application side also and on your server side also so that you can establish a connection using a customized port number okay so this is also one of the advanced topic and you should have an overview knowledge of whatever what is a stop and rest api so so you can say it's just a protocol and it's also using the swap you can also call the api and you can also just communicate like suppose uh the communication is happening between two server using some api so that can be done using the swap and rest api both but the main difference between the strobe and rest api is swap is a little slow than the rest api and in rest api you have the multiple format like it support different format you can get your output in json in xml html etc but in the show protocol it just uh use only your this xml and http so that's the main difference and also the speed okay let's understand with this example so you can consider shop is just like an envelope and it requires more bandwidth more uh work on both like uh opening and closing so that's your shop whereas rest is just like a postcode postcard and it's very lightweight and simple too and easier to update and it's much faster than the strobe protocol so that's the main difference between stroke and rest api okay okay so moving to dns so what is a dns so dns can be defined as a domain name system and generally uh what does a domain name system does like suppose you have a google.com so that's your domain and dot com is your extension so dns because your machine understand the ip address one it doesn't under understand this url like seconds lending.com so your machine your system your computer will understand only the dns this ip address only so every application have the ip address also along with the url or the dns so dns is generally used to convert your this like support let's take an example of seconds learning to ip address so that your machine can understand what's the request and from where it's coming so that's the dns and it is required in the cyborg and other technologies also because in in your production you will be having some url and you require a dns to convert that url to a ip address so that your server and the machine can understand your application and can understand that what's the requirement and what's the message so that's why a dns is being used it translate you can see human readable domain name to machine readable domain readable ip address it can be any ip every machine has a different ip address okay so what is a cluster cluster can be defined as a group of servers because uh there are more than one servers in the cluster and ins if i talk about in context of cyber arc it does have a high availability or the cluster vault manager in which it it has a active and the passive server so that's your cluster active passive means suppose your active server is going down so automatically your passive the standby server will come online and no user will be impacted so you you can say let's take an example in simple terms uh you you are using google.com so for the google.com there will be the number of servers it cannot be like just like they are having single servers for google.com it's hosted somewhere so they have multiple n number of servers if one server is going down automatically another server will uh accessing your request so that's you can correlate with the active and passive if your active server is going down you your passive server will become active and it will start responding to your request so that's the actual meaning of the cluster okay local group policy and the domain group policy so what's the difference and what are these policies so local group policy means the which are locally which are just for your computer only for that server only so that is considered as a locally whereas domain group policy is the policy which is created on your domain on your ad on your domain controller and that is being pushed to other servers or you can just just push that policy to your pc your laptop or server so that is your domain group policy you can just take an example like suppose you have your personal computer personal system laptop so that is a local group policy because it's not connected to any domain it's connected to the work group so that's why the policy is related only locally only on to that your personal laptop but whereas you have your company's laptop and your company's laptop is connected to your company's domain and you might have seen there are many policies are pushed on your company's laptop automatically and you need to restart to update those policies so that is considered as a domain group policy and in cyborg and in other technology beyond pressure or any aws this is being used because you need to make necessary changes on the locally also and sometimes domain also if something is like you have disabled something on the domain group policy so you need to request you need to reach out to the respective team and ask them to just create some exception or disable this policy so you should have a uh overview knowledge on this policy and these terms so that's why i'm discussing these terms so that if you had these terms in while working in cyber rock or in any other technology you will understand what what these terms are next is your work group and domain and what's the difference between the work so previously we discussed about the local and the uh your domain group policy so similarly work group is your personal system is a part of the work group and that work group doesn't have any centralized access that doesn't have because it's only your system only if you are making changes uh your that changes will reflect on your personal laptop only it will not replicate to other servers so whereas domain domain means you have a centralized access you can just push some push if like server is connected to domain you can push some policies you can manage the access to that server using some security groups so that's your domain so using simple terms you can say workgroup is a single system and that you have the local policies and that structure and that is related to single machine only whereas your domain it does have a group like you can connect several applications several servers to a domain and if you want to manage something you can manage using your domain your security groups from policies you can create on domain you can compare with the your personal system and the your company's laptop you will understand the difference between domain and you can also go to the respective uh your this pc properties and you can find out whether you're what are the domain and your your system is connected to work group or domain okay so that's uh all for uh the discussion and these are the some basic terms which are used and which which we discussed in this session so i would uh just recommend you please go through the basics before learning any technology whether it's cyberduck or beyond trust or proof point or aws or cloud anything you are working on so just clear your basics then you can learn any technologies and also uh again i'm giving a disclaimer so all these resources which i which i am using in this video were available on the public domain i just get those information from the google itself and i am using this uh information in this video and this channel is not an affiliate i'm not doing any marketing of this cyberact software this is for the uh information only i'm just sharing my knowledge with you so that you can just understand about the technology whether it's a cyber dock or any other pam technology or any other any cloud technologies as well as if you want to learn and also i'll be giving my credit to sly slide scope because using this let's go only i am able to make this pippity and it's very useful you can just use this slide score and they have different templates and themes so you can use in your while making a ppt just like a professional one so these were the some topics we discussed today and i hope you will like this video and subscribe to this channel because uh these topics these basics introduction will help you out to learn any technology whether it's a any pam tool beyond trust change auditor or pro point or aws etc and if you like this video please subscribe to this channel if you haven't subscribed and i would be creating now more informative videos which will help you out to understand at least the i can just give you the information because now i cannot make any practical videos as again i'll be getting some copyright issue so that's uh all from my side if you have any doubt you can comment on this channel and also don't forget to like share comment and subscribe to this channel so thank you guys for joining and have a good day thank you very much