Chapter 4 Flashcards

1
Q

Correct Order of Cloud Secure Data Lifecycle

A
  • Create
  • Store
  • Use
  • Share
  • Archive
  • Destroy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Three Components of DLP are

A
  • Discovery and Classification
  • Monitoring
  • Enforcement
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

This type of storage typically uses APIs or network requests

A
  • Object
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

DLP implementation goals

A
  • Policy Enforcement
  • Data Discovery
  • Data Loss Mitigation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Six Steps of the tokenization Architecture

A
  1. An application collects or generates a piece of sensitive data.
  2. Data is sent to the tokenization server; it is not stored locally.
  3. The tokenization server generates the token. The sensitive data and the token are stored in the token database.
  4. The tokenization server sends back the token to the application.
  5. The application stores the token instead of the original data.
  6. When sensitive data is required, an authorized application or user requests it.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Approaches to data masking

A
  • Random Substitution: Replace the Value with a Random Value
  • Algorithm Substitution: Replaces the value with an algorithm-generated value
  • Shuffle: Shuffles different values from the data set
  • Masking: Hides certain parts of the data using specific characters
  • Deletion: Deletes the data or uses a null value
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Encryption Engine

A

File-Level Encryption - Database servers typically reside on volume storage. For this deployment, you are encrypting the volume or folder of the database, with the encryption engine and keys residing on the instances attached to the volume.

Transparent Encryption - Many Database-management systems have the ability to encrypt the entire database or specific portions, such as tables. The encryption engine resides within the database and it is transparent to the application.

Application-level Encryption - The encryption engine resides at the application that is utilizing the database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

The Key Principles of enterprise architecture that should be followed at all times :

A
  • Explain protections that enable trust in the cloud
  • Provide directions to secure information preserved by regulations
  • Prepare the resilient architecture and support multi landlord platforms
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Cloud storage architectures and their associated cloud models

A

IaaS: Volume-based and object-based storage

PaaS and SaaS: Databases

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Challenges associated with Key Management

A
  • Backup and Replication
  • Access to the Keys
  • Key Storage
How well did you know this?
1
Not at all
2
3
4
5
Perfectly