Chapter 6 - Securing The Cloud

Question 1

What are the 3 service models of the cloud?

6 - 196

Answer 1

software as a service
platform as a service
infrastructure as a service

Question 2

Define software as a service.

6 - 197

Answer 2

the consumer can use the provider’s applications running on a cloud infrastructure

Question 3

tell me the details of the SaaS service model

6-197

Answer 3

provider - application, middleware, operating system, hardware, network, and facility

consumer - user

Question 4

Define Platform as a Service

6 - 198

Answer 4

consumer gets to use tools from the provider to create applications that will be deployed to the cloud infrastructure

Question 5

tell me the details of the PaaS model

6 - 198

Answer 5

same as the SaaS model, but the application has moved to the consumer side, below User

Question 6

define Infrastructure as a service

6 - 199

Answer 6

the consumer has control over processing, storage, networks, on a cloud infrastructure

Question 7

tell me the details of the IaaS model

6 - 199

Answer 7

user, application, middleware, and operating system are all under consumer. hardware, network, and facility are all under provider

Question 8

Each of these service models has 5 things in common that they all include. what are they?

6 - 199

Answer 8

on-demand self service
broad network access
resource pooling
rapid elasticity
measured service

Question 9

what are the 4 different delivery models?

6 - 200

Answer 9

private
public
community
hybrid

Question 10

which kind of cloud is owned by the organization with that organization acting as both the provider and the consumer?

6 - 200

Answer 10

private cloud

Question 11

which cloud uses a pay-as-you-go model?

6 - 200

Answer 11

public cloud

Question 12

which cloud involves joint interests and limited enrollment?

6 - 201

Answer 12

community cloud

Question 13

what kind of cloud will you have if you mix private and public clouds together?

6 - 201

Answer 13

a hybrid cloud

Question 14

when your servers become too busy, you offload traffic to resources from a cloud provider. what is this technique called?

6 - 201

Answer 14

cloud bursting

Question 15

what is the single most critical component for cloud computing?

6 - 201

Answer 15

virtualization

Question 16

there are two types of hypervisor models. tell me their nicknames and explain the differences.

6 - 201, 202

Answer 16

type 1 - bare metal, the hypervisor boots before the operating system and is independent of it

type 2 - hosted, dependent on the operating system and therefore boots AFTER the OS is up and running

Question 17

the machine performing the virtualization is called a ____ and the virtual machines running on that machine are called ______.

6 - 203

Answer 17

host

guests

Question 18

there are 5 primary virtualization topics you should be familiar with. what are they?

6 - 203, 204

Answer 18

snapshots
patch compatibility
host availability/elasticity
security control testing
sandboxing

Question 19

what do snapshots contain? 3 items

what can snapshots be used for?
6 - 203

Answer 19

a copy of the virtual machine settings
info on all virtual disks attached
memory state of the machine

virtual machine cloning

Question 20

what is the concept behind patch compatibility?

6 - 203

Answer 20

making sure patches are compatible with each other

Question 21

what’s the goal with host availability?

6 - 204

Answer 21

the five 9’s. 99.999% uptime

Question 22

in security control testing, you are looking for weaknesses. what 3 things will be included in your search?

6 - 204

Answer 22

interviews, examinations, testing of systems

Question 23

when you are sandboxing, what are you doing?

what will this activity limit?

6 - 204

Answer 23

running applications in restricted memory areas

the possibility of an app’s crash

Question 24

if you aren’t sandboxing, what could happen in the event of an app crash?

6 - 205

Answer 24

if someone’s app crashes and you aren’t sandboxing, it is possible for them to server hop to your data

Question 25

what is multinenancy?

6 - 205

Answer 25

putting data from various clients on the same machines

Question 26

under law and regulations per NIST, the organization providing the cloud service is responsible for what 2 things?

6 - 205

Answer 26

the choice of public cloud

security and privacy of the outsourced service

Question 27

what can you do to reduce some of the risks associated with multitenancy?

6 - 205

Answer 27

data segregation

Question 28

tell me 3 examples of large local hard drives

6 - 206

Answer 28

Direct Attached Storage
Network Area Storage
Storage Area Networks