10. Cloud and Virtualization Security Flashcards
What domain covers threats, vulnerabilities, and mitigations in the CompTIA Security+ exam?
Domain 2.0
This domain includes various types of vulnerabilities and their implications.
What are two types of vulnerabilities mentioned in Domain 2.3?
Virtualization (VM escape, Resource reuse) and Cloud-specific
These vulnerabilities present unique challenges in security.
What domain focuses on security architecture in the CompTIA Security+ exam?
Domain 3.0
This domain includes concepts related to different architecture models.
Name two architecture concepts compared in Domain 3.1.
- Cloud
- Infrastructure as code (IaC)
Other concepts may include Serverless, Microservices, and Containerization.
What is a key general data consideration mentioned in Domain 3.3?
Data sovereignty
This pertains to the legal and regulatory considerations surrounding data storage and processing.
What domain addresses security operations in the CompTIA Security+ exam?
Domain 4.0
This domain includes applying common security techniques to computing resources.
What is meant by hardening targets in Domain 4.1?
Cloud infrastructure
This involves implementing security measures to protect cloud environments.
What advantages does cloud computing offer organizations?
- Agility
- Flexibility
- Cost-effectiveness
- Scalability
These advantages have led to widespread adoption across industries.
What approach do new businesses often take regarding cloud computing?
Born in the cloud
This approach allows businesses to operate without managing physical servers.
What are the main concerns for security professionals regarding cloud computing?
Common cloud security concerns and security controls
These are essential for ensuring the confidentiality, integrity, and availability of cloud operations.
Fill in the blank: The chapter discusses aspects of cloud computing most important for _______.
security professionals
This is crucial for those preparing for the Security+ exam.
What is cloud computing?
A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources.
What are the key characteristics of cloud computing?
- Ubiquitous access
- On-demand self-service
- Rapid provisioning and releasing
- Minimal management effort
- Shared pool of resources
What does multitenancy mean in cloud computing?
A cloud infrastructure where multiple users share the same physical hardware without knowledge of each other.
What is the difference between scalability and elasticity?
- Scalability: Rapidly increasing capacity
- Elasticity: Expanding and contracting capacity as needs change
What is measured service in cloud computing?
Cloud providers track resource usage, allowing customers to pay only for what they use.
What are the five key roles in cloud computing?
- Cloud service providers
- Cloud consumers
- Cloud partners (brokers)
- Cloud auditors
- Cloud carriers
What are the three major cloud service models?
- Infrastructure as a Service (IaaS)
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
What is Infrastructure as a Service (IaaS)?
A model allowing customers to purchase and manage basic computing resources like storage and networks.
What is Software as a Service (SaaS)?
A model providing fully managed applications running in the cloud accessible via a web browser.
What is Platform as a Service (PaaS)?
A model that offers a platform for customers to run their own applications, including execution environments and tools.
What is the role of Managed Service Providers (MSPs)?
Organizations that provide IT services, potentially across both cloud and on-premises deployments.
What defines a public cloud?
Infrastructure accessible to any customers under a multitenant model.
What is a private cloud?
Cloud infrastructure provisioned for use by a single customer, either managed by them or a third party.