Cloud Operations and Compliance Flashcards
What is a tightly coupled cluster?
focused on primary storage. The data is divided up and used in disk-to-disk back up systems.
What is a loosely coupled cluster?
It offers cost-effective building blocks that can start small and grow as applications demand.
What should storage clusters be designed to do?
meet the required service levels
provide the ability to separate customer data in multitenant hosting environments
securely store and protect data through the use of availability, integrity, and confidentiality mechanisms, such as encryptions, hashing, masking, and multipathing.
What is a KVM console?
it is an application running in the browser window for remote maintenance of a Cloud Server or virtual server cloud.
What is CIMC?
Cisco Integrated Management Controller is used to manage and monitor the C-Series Rack servers.
It provides options like WebGUI, CLI, and IPMI for managing and monitoring tasks.
What are VLANs?
it is a set of workstations within a LAN that can communicate with each other as though they were on a single, isolated LAN.
Let’s you segment a physical network so that two machines in the network can’t transmit packets back and forth.
What is Transport Layer Security(TLS)?
is a cryptographic protocol designed to provide communication security over a network.
What are the two layers of TLS?
TLS record protocol provides connection security and ensures that the connection is private and reliable.
TLS handshake protocol allows the client and server to authenticate each other and negotiate an encryption algorithm and cryptographic keys before date is sent and received.
What is DNS
is a distributed database that contains mappings of the DNS domain names to various types of data, such as IP addresses.
What is DNSSEC?
a suite of extensions that adds security to the domain name system protocol by enabling DNS responses to be validated.
What are the THREATs to the DNS Infrastructure?
Footprinting, DoS Attacks, Data modification, Redirection, and Spoofing.
What is DNS footprinting?
collecting information about DNS zone data, which includes information about key hosts in the network
What is active footprinting?
the process of using tools and techniques for performing ping sweep and traceroute commands to gather information on a target.
What is a firewall?
a software or hardware-based network security system that controls the incoming and outgoing network traffic based on an applied rule set.
What is an IDS?
An intrusion detection device is passive watching of data transverse the network from monitoring ports, comparing traffic to configured rules, and setting off an alarm if it detects anything suspicious.
What is NIDS?
Network Intrusion Detections Systems are placed at a strategic point within the network to monitor traffic to and from all devices on the network.
What are IPSs?
Intrusion Prevention Systems sit inline with traffic flow on a network, actively shutting down attempted attacks as they are sent over the wire.
What are Honeypots?
they are used to detect, deflect, or counteract attempts at unauthorized use of information systems.
What is patch management?
the process of identifying, acquiring, installing, and verifying patches for products and systems.
What should patches address?
Vulnerability detection and evaluation
Subscription mechanism to vendor patch
Severity assessment of the patch by the receiving enterprise using that software
Applicability assessment of the patch on target systems
Opening of tracking records
Customer notification of applicable patches
Change management
Successful patch application verification
Issue and risk management
Closure of tracking record
What are some Remote Access Threats?
Lack of Physical Security Controls
Unsecured Networks
Infected endpoints accessing the internal network
External access to internal resources
How do you control Remote Access Threats?
Tunneling via a VPN
Remote desktop protocol, which allows for desktop access to remote systems
Access via a secure terminal
Deployment of a DMZ
How should you monitor cloud environments?
Network: Excessive dropped packets.
Disk: Full Disk or slow reads and writes to the disks.
Memory: Excessive memory usage or full utilization of available memory allocation.
CPU: Excessive CPU utilization.
What is shadow IT?
is often defined as money spent on technology to acquire services without the IT department’s dollars or knowledge.
What is auditing?
a systematic process of obtaining and evaluating evidence based on assertions about economic actions and events and establishing criteria and communicating the results to interested users.
What is internal auditing?
is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization.
What is an IT audit?
Provide audit services where processes or data, or both, are embedded in technologies.
What are fraud audits?
Provide investigation services where anomalies are suspected, to develop evidence to support or deny fraudulent activities.
What is an external audit?
the objective is that in all material respects, financial statements are a fair representation of the organization’s transactions and account balances.
What is the Security and Exchange Commission’s role?
oversees securities exchanges, securities brokers and dealers, investment advisors, and mutual funds in an effort to promote fair dealing, the disclosure of important market information, and to prevent fraud.
What is attestation?
the act of witnessing the signing of a formal document and then also signing it to verify it was properly signed by those bound by its contents.
What is an audit assertion?
are implicit or explicit claims and representations made by management responsible for the preparation of financial statements regarding the appropriateness of the various.
What are the phases of auditing?
Planning
Obtaining Evidence
Ascertaining Reliability
Communicating Results
What are the 4 types of opinions?
Unqualified
Qualified
Adverse
Disclaimer
What is an audit risk?
The probability that the auditor will give an inappropriate opinion on the financial statement. The statements will contain materials misstatements that the auditor fails to find
What is an inherent risk?
The probability that material misstatements have occurred.
What is a control risk?
The probability that the internal controls will fail to detect material misstatements.
What is a detection risk?
The probability that the audit procedures will fail to detect material statements.
