Chapter 6 - Things To Know Flashcards
What are the securities?
Security Governance, Risk and Compliance (GRC) and data security comes under enterprise responsibility
Physical Security and Infrastructure Security comes under Cloud Provider Responsibility
What are the methods used in securing the networking architecture and components?
Vulnerbility Assessment
Firewall
Honeypot
IDS/IPS
What are the methods to protect data in transit?
Encryption
Virtual Private Network
Strong Authentication
What are the cloud service types?
PaaS
SaaS
laaS
What are the ways used for hardening the OS?
Removing unnecessary services and libraries Closing unused ports Installing antimalware agents Limiting administrator access Ensuring event logging is enabled
What are the processes that facilitate the data access methods?
Customer Directly Administers Access
Provider Administers Access on behalf of the Customer
Third-Party Administers Access on behalf of the Customer
What are the SOC report categories?
SOC 1
SOC 2
SOC 3