1.5 Virtualization and Cloud Flashcards

1
Q

The grouping of virtual hardware (cpu, ram, storage, nic, etc) to form an entire virtual computer.

A

Virtual machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Software layer that creates virtual hardware components and facilitates the communication from the virtual hardware to the physical hardware and vice versa.

A

Hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A layer of abstraction down to the process execution level, where the software installed on a VM is isolated away from the VM itself.

A

Application level virtualization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A series of files on a computing system that, when used by a hypervisor, function as an independent computing device.

A

Virtual machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Software technology that isolates a desktop environment and it’s associated application software from a physical host machine that is used to access it.

A

VDI - Virtual desktop infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

One of the most important security functions that can be performed today. Including but not limited to understanding how a piece of malware works, understanding the command and control functions presented by a piece of malware, and gaining an understanding into the motivations and potential end goals of an adversary.

A

Malware analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Term that is used to describe data that we collect from an IT asset.

A

Digital evidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Virtualization security risk that results from the ease at which VMs can be cloned and forgotten about. Virtual machines that exist but are no longer needed.

A

VM sprawl

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The process of creating different tiers of physical host computers where each tier of physical host is only allowed to run guest VMs of that same trust level.

A

Virtualization physical segmentation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Code run from inside a guest VM being executed on the host computer. Being able to execute code outside the bounds of the isolation that is supposed to be afforded to a VM.

A

VM escape

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Type of cloud deployment where all services are operated by a third party provider

A

Public cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Type of cloud deployment where IT resources are built, operated, and managed by a single company or organization, typically in their own data centers.

A

Private cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

type of cloud deployment where an organization uses a combination of public cloud services with on-premise or private services. Typically done when there are legacy systems that, for various reasons, cannot be moved to the cloud.

A

Hybrid cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

cloud service model where the provider grants access to a console that allows the customer to provision servers on a virtual Network according to their needs.

A

IaaS - infrastructure as a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Cloud service model that allows customers to access a platform that enables them to run custom code or applications. Customers do not need to manage the underlying infrastructure.

A

PaaS - platform as a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cloud delivery model where the service provider provides access to a hosted web application. Subscription based.

A

SaaS - software as a service

17
Q

Cloud service model where managing the actual hardware is fully assumed by the cloud service provider. Development teams only define and deploy application functions that need to be called.

A

Serverless, or FaaS - functions as a service.

18
Q

Cloud computing trend where software changes to running applications are delivered using automation.

A

CI/CD - continuous integration, continuous delivery

19
Q

This allows us to create infrastructure from templates. Entire architectures that are software defined, with version control, using OOP concepts.

A

IaC - infrastructure as code

20
Q

In regards to cloud security, this term makes it clear that neither a cloud provider nor subscriber is solely responsible for security.

A

Shared responsibility

21
Q

An organization focused on a mission to help raise awareness of cloud security issues and the development of best practices. They publish the GRC stack.

A

CSA - cloud security alliance

22
Q

A logically isolated virtual Network inside an AWS account.

A

AWS virtual private cloud VPC

23
Q

These divide cloud VPCs into smaller virtual Network segments

A

Subnets

24
Q

Resources and private subnets do not have outbound internet access. This is the workaround.

A

Deploy a Network Address Translation (NAT) gateway in the public subnet.

25
Q

Leveraging cloud functionality for security purposes is referred to as

A

Security as a service

26
Q

Planning for how to handle impact to an organization’s operational capabilities, including IT assets.

A

BCP - Business continuity planning.

27
Q

Subset of business continuity planning that focuses on the recovery of key, critical IT assets.

A

Disaster recovery