Chapter 6 - Securing The Cloud Flashcards
What are the 3 service models of the cloud?
6 - 196
software as a service
platform as a service
infrastructure as a service
Define software as a service.
6 - 197
the consumer can use the provider’s applications running on a cloud infrastructure
tell me the details of the SaaS service model
6-197
provider - application, middleware, operating system, hardware, network, and facility
consumer - user
Define Platform as a Service
6 - 198
consumer gets to use tools from the provider to create applications that will be deployed to the cloud infrastructure
tell me the details of the PaaS model
6 - 198
same as the SaaS model, but the application has moved to the consumer side, below User
define Infrastructure as a service
6 - 199
the consumer has control over processing, storage, networks, on a cloud infrastructure
tell me the details of the IaaS model
6 - 199
user, application, middleware, and operating system are all under consumer. hardware, network, and facility are all under provider
Each of these service models has 5 things in common that they all include. what are they?
6 - 199
on-demand self service broad network access resource pooling rapid elasticity measured service
what are the 4 different delivery models?
6 - 200
private
public
community
hybrid
which kind of cloud is owned by the organization with that organization acting as both the provider and the consumer?
6 - 200
private cloud
which cloud uses a pay-as-you-go model?
6 - 200
public cloud
which cloud involves joint interests and limited enrollment?
6 - 201
community cloud
what kind of cloud will you have if you mix private and public clouds together?
6 - 201
a hybrid cloud
when your servers become too busy, you offload traffic to resources from a cloud provider. what is this technique called?
6 - 201
cloud bursting
what is the single most critical component for cloud computing?
6 - 201
virtualization
there are two types of hypervisor models. tell me their nicknames and explain the differences.
6 - 201, 202
type 1 - bare metal, the hypervisor boots before the operating system and is independent of it
type 2 - hosted, dependent on the operating system and therefore boots AFTER the OS is up and running
the machine performing the virtualization is called a ____ and the virtual machines running on that machine are called ______.
6 - 203
host
guests
there are 5 primary virtualization topics you should be familiar with. what are they?
6 - 203, 204
snapshots patch compatibility host availability/elasticity security control testing sandboxing
what do snapshots contain? 3 items
what can snapshots be used for?
6 - 203
a copy of the virtual machine settings
info on all virtual disks attached
memory state of the machine
virtual machine cloning
what is the concept behind patch compatibility?
6 - 203
making sure patches are compatible with each other
what’s the goal with host availability?
6 - 204
the five 9’s. 99.999% uptime
in security control testing, you are looking for weaknesses. what 3 things will be included in your search?
6 - 204
interviews, examinations, testing of systems
when you are sandboxing, what are you doing?
what will this activity limit?
6 - 204
running applications in restricted memory areas
the possibility of an app’s crash
if you aren’t sandboxing, what could happen in the event of an app crash?
6 - 205
if someone’s app crashes and you aren’t sandboxing, it is possible for them to server hop to your data
what is multinenancy?
6 - 205
putting data from various clients on the same machines
under law and regulations per NIST, the organization providing the cloud service is responsible for what 2 things?
6 - 205
the choice of public cloud
security and privacy of the outsourced service
what can you do to reduce some of the risks associated with multitenancy?
6 - 205
data segregation
tell me 3 examples of large local hard drives
6 - 206
Direct Attached Storage
Network Area Storage
Storage Area Networks
