Chapter 3 Flashcards
Storage types
three specific types of storage: long-term, ephemeral, and raw storage.
Volume storage
Object based storage
database
volume: file storage, block storage
Threats to cloud storage:
Long term
Long term storage threat:
threats include exposure and malicious access due to credential theft or compromise or privilege escalation, risks to the integrity of the data due to issues with the underlying service, and exposure of the data due to attacks against the encryption protecting it. They can also include denial of service and service outages and attacks that deny access to the data, like cryptographic malware–style attacks.
Threats to cloud storage:
Ephemeral storage
Shares the same risks and also presents risks to the incident response and forensics process, as ephemeral systems and storage devices may be automatically destroyed or removed when those systems are terminated. Since many environments automatically scale as needed, this means that forensic artifacts may be lost unless they are intentionally preserved.
Threats to cloud storage:
raw storage
it may be allocated directly on devices. In some cloud systems, reallocation of raw storage has left fragments of data available to the next user of that block storage. While that has been remediated in major cloud providers’ infrastructure, that type of risk is another reason to always encrypt data throughout cloud infrastructure so that inadvertent exposure of your storage does not result in a breach.
Threats to cloud storage
Side channel attacks
side channel attacks that operate outside of your environment. Information may be available to attackers or insiders who can perform network traffic capture or even physical theft of the underlying servers or media.
Keys and secrets management
level of protection
key recovery
key distribution
key revocation
key escrow
key lifetime
outsourcing key mgmt
certificate management
Hashing
That means that hashes are used for a variety of purposes, including checking if a file has changed, storing and retrieving data quickly, and a variety of other purposes. It’s important to note that hashing is not encryption, although the two are often confused. Hashes are one-way functions that don’t have keys like regular encryption. This means you can’t decrypt a hash value.
Masking, Obfuscation, Anonymization, and Tokenization
Randomization
The replacement of the data or part of the data with randomized information. Randomization is useful when you want to remove the real data but maintain its attributes, including things like the length of the string, its character set
Anonymization
The replacement of the data or part of the data with randomized information. Randomization is useful when you want to remove the real data but maintain its attributes, including things like the length of the string, its character set
Hashing
Hashing involves using a one-way cryptographic function to create a digest of the original data. Using a hash algorithm to obscure the data gives you the benefit of ensuring it is unrecoverable while retaining the ability to reference the data uniquely. That means that hashes are sometimes used to mask or anonymize data when the data content itself is not important for a field.
Shuffling
Using different entries from within the same dataset to represent the data. This has the obvious drawback of using actual production data but can help to create more realistic test data. A shuffled user field might have a randomized first name, last name, address, and other data from an existing dataset.
Masking
Hiding the data with useless characters; for example, showing only the last four digits of a Social Security number: XXX-XX-1234