Cloud Security Flashcards

1
Q

What is Hyperconverged Infrastructure ?

A

The full integration of the storage network and servers into the cloud without having to perform hardware changes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is a VDI?

A

Virtual Desktop Infrastructure -

Allows a cloud provider to offer a full desktop OS to an end user from a centralized server

This desktop is non persistent meaning it is destroyed as soon as the user logs off mitigating the risk of being exploited by an attacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What do secure enclaves and volumes do?

A

Keep stored data confidential and separated from the other logical servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a secure enclave?

A

A mechanism that utilizes two distinct areas that data may be stored and accessed from

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a secure volume?

A

Method for keeping data a rest secure from prying eyes. When the data is needed, a secure volume is mounted and decrypted to allow access then is unmounted when no longer needed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is multi tenancy ?

A

A term in cloud computing that refers to your data being hosted on the same physical server as another organization’s data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How can you best mitigate cloud security threats?

A
  • Configure, manage and audit user access to virtualize servers
  • Set up virtual servers with proper fail over, redundancy and elasticity (balance the load across several physical machines)
  • Complex passwords and strong authentication
  • Encryption of data for in use and after deprovisioning
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Saas?

A

Software as a Service - provides remote access to applications based on a monthly or annual subscription fee

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is IaaS?

A

Infrastructure as a Service - cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is PaaS?

A

Platform as a Service - complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is SECaaS?

A

Security as a Service - provides various types of security services without needing to hire a cybersecurity staff

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is Sandboxing?

A

Utilizing separate virtual networks to allow security professionals to test suspicious files or malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is CASB?

A

Cloud Access Security Broker - security policy enforcement software tool or service placed between cloud service users and cloud applications?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is CSA?

A

Cloud Security Alliance - nonprofit organization promoting best practices related to cloud computing environments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is CCM?

A

Cloud Controls Matrix - cybersecurity control framework for cloud computing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is VPC?

A

Virtual Private Cloud - enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

17
Q

What is Fog Computing?

A

local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing.

18
Q

What is a Public Cloud?

A

cloud computing deployment model in which the cloud infrastructure is provisioned for open use by the general public

19
Q

What is a Hybrid Cloud?

A

A cloud deployment model consisting of two or more interlinked cloud infrastructures (private, community, or public)

20
Q

What are the countermeasures against VM escape?

A

Sandboxing and patch management

21
Q

What can be used to prevent VM sprawl?

A

Usage audit and asset documentation

22
Q

What is VM Escape?

A

process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

23
Q

What is VM Sprawl?

A

situation in which large number of deployed virtual machines lack proper administrative controls.

24
Q

A file-based representation of the state of a virtual machine at a given point in time is called:

A

Snapshot

25
Q

What is MSSP

A

managed security service provider - company that provides managed security services to help protect a company’s IT systems from cyber threats and attacks. This can include services such as threat monitoring, vulnerability assessments, firewall management, and incident response. The goal of an MSSP is to improve the overall security posture of a company’s IT systems.

26
Q

What is MSP?

A

managed service provider - company that provides proactive IT management services for businesses. This can include managing a company’s computer systems, networks, servers, and other IT infrastructure. The goal of an MSP is to improve the efficiency and reliability of a company’s IT systems while reducing costs and minimizing downtime.