Cloud Computing Threats and Countermeasures Flashcards
Which of the following cloud deployment models is a combination of two or more clouds that remain unique entities but are bound together, where an organization makes available and manages certain resources in-house and obtains other resources externally?
Hybrid Cloud: It is a cloud environment comprised of two or more clouds (private, public, or community) that remain unique entities but are bound together to offer the benefits of multiple deployment models. In this model, the organization makes available and manages some resources in-house and provides other resources externally.
Identify the cloud deployment model representing a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals.
Multi Cloud: It is a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals. Multi cloud environments are mostly all-private, all-public or a combination of both. Organizations use multi cloud environments for distributing computing resources, thereby increasing computing power and storage capabilities, and limiting the data loss and downtime risk to a great extent.
Given below are the list of tiers present in container technology architecture:
Developer machines
Testing and accreditation systems
Registries
Orchestrators
Hosts
Which of the following components in the Docker engine is the command-line interface used to communicate with the daemon?
Client CLI
a command-line interface that provides access to the IBM® UrbanCode™ Deploy server.
Irin, a cloud security architect, is a disgruntled ex-employee of an organization who has access to cloud resources and knows about the organization’s cloud network. Using this information, she deliberately accesses critical documents and compromises the sensitive information available in the cloud.
Identify the cloud threat demonstrated in the above scenario.
Malicious Insiders: Malicious insiders are disgruntled current/former employees, contractors, or other business partners who have/had authorized access to cloud resources and could intentionally exceed or misuse that access to compromise the confidentiality, integrity, or availability of the organization information.
Which of the following countermeasures helps administrators secure the cloud network from side-channel attacks?
Check for repeated access attempts to local memory and to any hypervisor processes or shared hardware cache by tuning and collecting local process monitoring data and logs for cloud systems.
Which of the following types of cloud services provides data processing services, such as IoT services for connected devices, mobile and web applications, and batch-and-stream processing?
Function-as-a-service (FaaS)
a kind of cloud computing service that allows developers to build, compute, run, and manage application packages as functions without having to maintain their own infrastructure.
Identify the node component of Kubernetes that ensures all pods and containers are healthy and running as expected.
Kubelet is an important service agent that runs on each node and ensures containers running in a pod. It also ensures pods and containers are healthy and running as expected. Kubelet does not handle containers that are not generated by Kubernetes.
In which of the following attacks does an attacker exploit the vulnerability in a bare-metal cloud server and use it to implant a malicious backdoor in its firmware?
Cloudborne attack is a vulnerability residing in a bare-metal cloud server that enables attackers to implant a malicious backdoor in its firmware
Which of the following best practices should be followed for securing a cloud environment?
Verify one’s own cloud in public domain blacklists