10: Cloud & Virtualization Security

Question 1

What are the three major cloud service models?

Answer 1

Infrastructure-as-a-service (IaaS), Software-as-a-service (SaaS), Platform-as-a-service (PaaS)

These models represent different levels of service and management in cloud computing.

Question 2

What does Infrastructure-as-a-service (IaaS) provide?

Answer 2

Basic building blocks of a technology infrastructure

Customers can purchase and interact with virtualized computing resources over the internet.

Question 3

What is the primary function of Software-as-a-service (SaaS)?

Answer 3

Access to a fully managed application running in the cloud

Users do not need to manage or control the underlying infrastructure.

Question 4

What does Platform-as-a-service (PaaS) offer customers?

Answer 4

A platform to run applications developed by the customers themselves

It provides a framework for developers to create applications without worrying about the infrastructure.

Question 5

Describe the public cloud deployment model.

Answer 5

Infrastructure accessible to any customers in a multitenant model

Public cloud services are provided over the internet and shared among multiple users.

Question 6

What is a private cloud?

Answer 6

Cloud infrastructure provisioned for use by a single customer

Offers greater control and security for sensitive data.

Question 7

What characterizes a community cloud service?

Answer 7

Shares characteristics of both public and private models; multitenant environment limited to a specific community

Designed for organizations with shared concerns.

Question 8

Define hybrid cloud.

Answer 8

Cloud deployments that blend public, private, and/or community cloud services

Allows data and applications to be shared between them.

Question 9

What is the shared responsibility model of cloud security?

Answer 9

Division of responsibilities between service providers and customers’ cybersecurity teams

Ensures both parties understand their security obligations.

Question 10

In an IaaS environment, what is the provider responsible for?

Answer 10

Security for everything below the operating system layer

The customer is responsible for everything above that layer.

Question 11

What additional responsibility does a cloud provider take on in a PaaS environment?

Answer 11

Security of the operating system itself

This includes managing the underlying infrastructure and platform.

Question 12

In a SaaS environment, what is the cloud provider responsible for?

Answer 12

Security of the entire environment except for access control configuration and data choice

Customers must manage how they access and use the application.

Question 13

What should cloud customers understand to implement appropriate security controls?

Answer 13

Controls offered by providers and third parties

This includes how to maintain resource policies and ensure high availability.

Question 14

From a storage perspective, what should cloud customers consider?

Answer 14

Permissions, encryption, replication, high availability

Ensures data security and reliability.

Question 15

What network design considerations should cloud customers keep in mind?

Answer 15

Design of virtual networks with public and private subnets for appropriate segmentation

Helps in managing access and security.

Question 16

What should customers do from a compute perspective in cloud security?

Answer 16

Design security groups to restrict network traffic and maintain instance security

Protects against unauthorized access and threats.