Chapter 10: Cloud and Virtualization Security

Question 1

Name of the term that is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Answer 1

Cloud Computing

Question 2

The fact that many different users share resources in the same cloud infrastructure is known as _______.

Answer 2

Multitenancy

Question 3

Cloud resources are available when and where you need them?
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 3

a. On-demand self-service computing

Question 4

As the demand for a cloud-based service increases, customers can manually or automatically increase capacity of their operations.
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 4

b. Scalability

Question 5

______ increases the capacity of existing servers. For example, you might change the number of CPU cores or the amount of memory assigned to a server.
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 5

c. Vertical Scaling

Question 6

________ adds more servers to a pool of clustered servers.
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 6

d. Horizontal Scaling

Question 7

Providers use this to track the number of seconds of processing you consume, the amount of storage you occupy, the number of log entries that you generate, and many other measures. They use this usage to determine the charge.
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 7

f. Measured Service

Question 8

The speed of provision cloud resources and the ability to use them for short periods of time.
a. On-demand self-service computing
b. Scalability
c. Vertical Scaling
d. Horizontal Scaling
e. Elasticity
f. Measured Service
g. Agility and Flexibility

Answer 8

g. Agility and Flexibility

Question 9

________ are the firms that offer cloud computing services to their customers.

Answer 9

Cloud service providers

Question 10

_____ are the organizations and individuals who purchase cloud services from cloud service providers.

Answer 10

Cloud Consumers

Question 11

______ are organizations that offer ancillary products or services that support or integrate with the offerings of a cloud service provider.

Answer 11

Cloud Partners

Question 12

_________ are independent organizations that provide third party assessments of cloud services and operations.

Answer 12

Cloud Auditors

Question 13

______ serve as the intermediaries that provide the connectivity that allows the delivery of cloud services from providers to consumers.

Answer 13

Cloud Carriers

Question 14

________ offerings allow customers to manage and configure computing, storage and networks. The customer does not need to worry about the underlying hardware.

Answer 14

Infrastructure as a service

Question 15

_________ offerings provide customers with access to a fully managed application running in the cloud. The provider is responsible for everything from the operation of the physical datacenters to the performance management of the application itself.

Answer 15

Software as a Service (SaaS)

Question 16

_______ offerings provide the customer with managing their own server where they may run applications. Infrastructure is managed by the provider.

Answer 16

Platform as a service

Question 17

________ platforms are an example of PaaS computing. This approach allows the customers to upload their own code functions to the provider and then the provider will execute those functions on a scheduled basis.

Answer 17

Function as a Service

Question 18

Serverless computing environments are an example of ________.

Answer 18

Function as a Service

Question 19

________ are service organizations that provide information technology as a service to their customers. They may handle an organization’s IT needs completely, or they may offer focused services such as network design and implementation, application monitoring, or cloud cost management.

Answer 19

Managed Service Providers

Question 20

________ allocates large volumes of storage for use by virtual server instances. These volumes are then formatted as virtual disks by the operating system on those server instances and used as they would a physical drive.

Answer 20

Block Storage

Question 21

________ provides customers with the ability to place files in buckets and treat each file as an independent entity that may be accessed over the web or through the provider’s API.

Answer 21

Object Storage

Question 22

AWS simple storage service is an example of _________.

Answer 22

object storage

Question 23

EBS is an example of __________.

Answer 23

Block Storage

Question 24

Name 3 security considerations mentioned from the book to keep in mind when working with cloud storage.

Answer 24

1. Set Permissions Properly
2. Consider high availability and durability options.
3. Use encryption to protect sensitive data.

Question 25

Cloud networks supports ____________.

Answer 25

Software Defined Networking

Question 26

VPC

Answer 26

Virtual Private Cloud

Question 27

______ allows network engineers to place systems of differing security levels and functions on different network subnets.

Answer 27

Segmentation

Question 28

Using ____, teams can group systems into subnets and designate those subnets as public or private, depending on whether access to them is permitted from the internet.

Answer 28

VPC

Question 29

What do VPC endpoints offer?

Answer 29

They allow the connection of VPCs to each other using the cloud provider’s secure network backbone.

Question 30

Cloud _______ extend VPC endpoints by allowing the direct interconnection of cloud VPCs with on-premises VLANs for hybrid cloud operations.

Answer 30

Transit Gateways

Question 31

A principle that states that data is subject to the legal restrictions of any jurisdiction where it is collected, stored, or processed.

Answer 31

Data Sovereignty

Question 32

VM sprawl

Answer 32

IaaS users create a virtual service instances then abandons them.

Question 33

_________ are software tools that serve as intermediaries between cloud service users and cloud service providers.

Answer 33

Cloud access security brokers (CASBs)

Question 34

______ CASB solutions physically or logically reside in the connection path between the user and the service. They may do this through a hardware appliance or an endpoint agent that routes requests through the CASB.

Answer 34

Inline CASB

Question 35

______ CASB solutions do not interact directly with the user but rather interact directly with the cloud provider through the provider’s API.

Answer 35

API-based CASB

Question 36

Which CASB solution blocks requests that violate the policy.

Answer 36

Inline CASB solution. API-based CASB solution does not allow that.

Question 37

Cloud providers offer ______ that customers use to limit the actions that users of their accounts may take.

Answer 37

Resource policies