Chapter 4 – Cloud Data Security Flashcards
What are the phases of the Data Lifecycle?
Create > Store > Use > Share > Archive > Destroy
What is the purpose of the Create phase?
Defines classification levels.
How should data created remotely be handled?
Data created by the user should be encrypted before uploading to the cloud; protects against MIIM attacks/insider threats at cloud data center; connection should be secure too (IPsec or TLS VPN solution).
How should data created within the cloud be handled?
Should be encrypted upon creation; allows both read and process functions to be performed.
What does the Store phase refer to?
Usually refers to near-term storage; this phase will happen when the data is created (occurs simultaneously).
What security measures should be taken during the Store phase?
Encryption at rest/transit should happen before this phase begins.
What is important during the Use phase?
Platforms used to connect to data in the cloud need to be secure (VPN, IRM, DLP); data owners should restrict permissions; logging and audit trails are important when data are manipulated.
What should be considered when sharing data?
Craft sharing restrictions based on jurisdiction; limit/prevent data being sent to certain locations (export/import controls); implement some form of egress monitoring.
What are ITAR and EAR?
ITAR prohibits defense-related exports; EAR prohibits dual-use items (technologies used for both commercial/military purposes).
What is the Wassenaar Arrangement?
A group of 41 members that have agreed to mutually inform each other about conventional military shipments to nonmember countries; not a treaty, not legally binding.
What is the purpose of the Archive phase?
Phase for long-term storage; cryptography is the essential consideration.
What is crucial for key management in the Archive phase?
Key management is important; if lost, it can lead to exposure or total loss.
What is the only feasible means of destruction?
Crypto shredding is the only feasible and thorough means available.
What is Volume Storage?
Customer is allocated storage space; represented as an attached drive to user’s VM.
What are the threats associated with Volume Storage?
All traditional data storage threats remain; malware, deletion of data, and physical disk failure.
What is Block Storage?
Provides low latency and high-performance values; useful for structured storage.
What are the threats associated with Block Storage?
Requires greater amount of administration; risk of malware is reduced but parasitical viruses can infect specific files.
What is File Storage?
Data stored/displayed with a file structure in a traditional environment (files/folders).
What is Object-Based Storage best used for?
Best used for large unstructured data when durability, unlimited storage, scalability, and metadata management are factors for overall performance.
What are the threats associated with Object-Based Storage?
Risk of malware is reduced but parasitical viruses can infect specific files; loss due to physical disk failure.
What is Ephemeral Storage?
Temporary resource used for processing; referred to as instance store volumes.
What are the threats associated with Ephemeral Storage?
Data will be lost if VM instance is shut down or physical drive fails.
What is Long-Term Storage?
Durable data storage capacity; offered at low cost and large amounts; used for archiving/backups.
What are the threats associated with Long-Term Storage?
Insider threat; intermediary (MiiM attacks); ransomware; vendor lock-in.
