3.6 cards Flashcards

1
Q

What is an Availability Zone (AZ)

A

Isolated locations with a cloud region

Each AZ has independent power, HVAC, and networking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Name the two encryption types and name some attributes associated with them

A
Server-side encryption
- Encrypt data in the cloud
- Data is encrypted when stored on disk
Client-side encryption
- Data is already encrypted when it's sent to the cloud
- performed by the application
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Identity and Access Management (IAM)

A

Used to define who gets access and who gets access to what

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What connects cloud compoents, allows users communication with the cloud, and allows cloud devices communicate between each other

A

Cloud Networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are some differences between the private and public cloud

A
private cloud
- All internal IP addresses
- Connects to the private cloud over a VPN
- No access from the internet
public cloud
- External IP addresses
- Connects to the cloud from anywhere
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Virtualized security technologies

A

Web application Firewall (WAF)
Next-Generation Firewall (NGFW)
- Intrusion Prevention System (IPS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

microservice architecture is the underlying application which is a security concern

A

API monitoring should include the following:

  • View specific API queries
  • Monitor incoming and outgoing data
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The IaaS component for the cloud computing environment. Also manages computing resources

A

Compute cloud Instances

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

List security groups for Securing Compute Clouds

A

A firewall for compute instances
Layer 4 port number
Layer 3 address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Dynamic Resource Allocation

A

Provision resources when they are needed
Scale up and down
Ongoing monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is instance awareness

A

Granular security control

Ability to define and set policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

This cloud security solution is great for determining visibility, compliance, threat prevention, and data security

A

CASB

- Cloud access security broker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are 4 factors associated with CASB

A

Visibility
Compliance
Threat prevention
Data security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does a Next-Gen Secure Web Gateway (SWG) do?

A
  • Protects users and devices
  • Go beyond URLs and GET requests
  • Examine JSON strings and API requests
  • Instance-aware security
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

True or False, can a cloud have a firewall? If true, name some properties?

A

Control traffic flows in the cloud
Cost
Segmentation
OSI layers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly