6: 5 Cloud Security Controls

Question 1

Network Security Groups

Answer 1

Takes place of firewall to segment networks in an IaaS

Question 2

Who controls firewalls in a cloud environment

Answer 2

Cloud Providers

Question 3

Network Security Groups

Answer 3

Control traffic that passes from internet to system, for the customer

Question 4

Cloud Controls

Answer 4

can map directly to on-prem security controls sometimes, sometimes are unique

Question 5

TLS

Answer 5

Transport Layer Security - Encrypts data in transit

Question 6

Full Disk Encryption

Answer 6

Encrypts data at rest

Question 7

Application Virtualization

Answer 7

Centralizes sensitive data

Question 8

Secure Web Gateway

Answer 8

Filters web traffic - allows users to surf the web safely

Question 9

Defense in-depth

Answer 9

Having controls overlap so that if one fails, another one can cover that scope.

Question 10

Cloud-Native Controls

Answer 10

Security controls offered by cloud provider, tightly integrated with provider’s service offerings.

Question 11

Third-Party Controls

Answer 11

Security controls offered by third-party vendors that integrate with cloud providers through their API, may work across multiple cloud platforms

Question 12

Resource Policy

Answer 12

Limits Cloud service usage

Question 13

Transit Gateway

Answer 13

Links on premises and cloud networks (secure connections, cloud routers that provide strongly encrypted connections)

Question 14

Secret Management

Answer 14

Protects keys and other credentials