Cloud Data Security Flashcards
What are the main types of storage in cloud ?
Volume, Object, CDN, Database
What are the two types of Volume based storage ?
File and Block
What is block based storage ?
Block - blank volume that the user can put anything on to - more flexibility and higher performance but may need higher admin and os installed
What is file based storage ?
Stored and Displayed as a file structure - popular with Big Data tools and processes.
What is object storage ?
Stored as objects alongside meta data and a unique address identifier allows for high classification and labelling. Storage is in a flat structure.
What is a CDN ?
Data Caching near geophysical or edge locations for high use or demand e.g. multimedia streaming
Name the six phases in the data lifecycle ?
Create Store Use Share Archive Destroy
Describe Archive storage ?
Long Term Storage - Cryptography essential
Location and Format should also be a consideration
Staff access both in and outside of the cloud
Procedure how is that data to be restored.
What features are within the Use stage of the lifecycle ?
All connections to be secured usually with an encrypted tunnel.
Data Owners should minimise access to data as well as the use of logging and audit trails. Virtual hosts must be separated from each other and provider should also have controls about what, where and when their own staff have access to infrastructure.
What is a consideration with the Share phase ?
Jurisdiction
What are the main features of DLP ?
Additional Security, Enhanced Monitoring, Policy Enforcement, Regulatory Compliance
When should encryption be used in cloud ?
Used to protect data at rest, in transit and in use.
What are the main characteristics of Key Management in cloud ?
Distribution, Escrow, Recovery, Revocation, Protection, Outsourcing
What is Key escrow ?
This is where a third party have a copy of the keys.
Name the 4 main goals of SIEM ?
Automated Response, Dashboarding, Enhanced Analysis, Log Centralisation
What is key outsourcing ?
Keys should not be stored with the data they are processing. One solution is for the cloud customer to retain the keys, but that requires an expensive and complicated set of infrastructure and skilled personnel. We can offload this to CASB to look after IAM and Key management.
Give two examples of SIEM enhanced analysis ?
Includes Trend Analysis
APT detection
What are the seven common obfucation techniques ?
Masking, Nulls, Shuffling, Randomisation,Tokenisation, Hashing and Anonymisation
What is anonymisation ?
Removing tell tale identifiers - difficult and
What is hashing ?
Converts data via cryptography into fixed length strings. Drawback is some characteristics such as format and length are lost.
What is masking ?
Hiding data with useless characters such as showing last four digits of SSN - keeps data characteristics
What is randomisation ?
Replacing data or part of data with random characters
What is shuffling ?
Using different enteries in the same data to represent the data - drawback is you are still exposing production data
What is tokenisation ?
Replace data with a token involves two databases one for token and one for the actual data - Significant overhead as we have to translate the token into true value and also read two databases when assigning, reading, updating and deleting.