Cloud Security

Question 1

What is Cloud?

Answer 1

Refers to a cloud computing which is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly
provisioned and released with minimal management effort or service provider interaction.

Question 2

What is Cloud Computing?

Answer 2

Concept of creating a service using shared resources that may hosted on the internet or private networks.

Question 3

What are the benefits of Cloud Computing?

Answer 3

Scalable, Flexibility, Integration, Fast Access, Lower Cost, Simplicity

Question 4

What are the 3 Cloud Computing Service Models?

Answer 4

IaaS (Infrastructure as a Service)
PaaS (Platform as a Service)
Saas (Software as a Service)

Question 5

What are the 3 Deployment Model?

Answer 5

Public Cloud, Private Cloud and Hybrid Cloud

Question 6

What are the 3 Service Models?

Answer 6

Xaas (Anything as a Service), Saas (Desktop as a Service), DRaaS (Disaster Recovery as a Service)

Question 7

What are the 2 Cloud Vendors?

Answer 7

AWS (Amazon Web Services), Microsoft Azure, Google Cloud Platform

Question 8

What is the responsibility of the Cloud Provider?

Answer 8

Responsible mainly for infrastructure, in accordance with the service plan.

Question 9

What is the responsibility of the Cloud Client?

Answer 9

Responsible for the data and accountability within the framework of the service plan (data, OS, apps, etc.)

Question 10

What is Public Cloud?

Answer 10

Uses provider resources and host services open to others (sharing)

Question 11

What is Private Cloud?

Answer 11

Separate for each customer, private customizable environment, offers a higher level of reliability

Question 12

What is Hybrid Cloud?

Answer 12

Public and Private combined, running app interchangeably, privately, or public

Question 13

What is EC2?

Answer 13

Amazons Elastic Compute Cloud

Question 14

A type of cloud infrastructure available solely for a single organization is known as?

Answer 14

Private Cloud

Question 15

Which is a cloud computing delivery model in which cloud infrastructure is provisioned for open use by the general public?

Answer 15

Public Cloud

Question 16

A cloud delivery model consisting of two or more interlinked cloud infrastructures (private, community, or public) is referred to as a hybrid cloud.

Answer 16

True

Question 17

Which cloud infrastructure type would be the most suitable for a group of organizations sharing common interests?

Answer 17

Community cloud

Question 18

Which is a cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software?

Answer 18

IaaS

Question 19

A cloud computing service model offering remote access to applications based on monthly or annual subscription fee is called:

Answer 19

SaaS

Question 20

Which cloud service model would provide the best solution for a web developer intending to create a web app?

Answer 20

PaaS

Question 21

In cloud computing, the term “Metered service” refers to the cloud provider’s ability to track the computing resources consumers are accessing as well as the amount of resources they are consuming. It provides transparency for both the provider and consumer and is used, among other applications, for the purpose of billing.

Answer 21

False

Question 22

In cloud computing, the term “Measured service” refers to a situation in which gaining access to resources does not require a flat fee. This type of billing model allows consumers to be charged variable rates depending on the exact amount of utilized resources.

Answer 22

False

Question 23

Which of the terms listed below refers to a cloud computing feature that allows for automatic allocation of computing resources in proportion with the demand?

Answer 23

Rapid elasticity

Question 24

What is metered service?

Answer 24

A fee charged by cloud service providers on the basis of how much of a resource was used.

Question 25

What is measured service?

Answer 25

A billing model cloud service providers use to charge for services in small increments based on the computing resources the customer consumes

Question 26

What is persistent VDI?

Answer 26

each user gets his or her own persistent virtual desktop – also known as a one-to-one ratio. User connects to the same desktop each time, and user can personalize the desktop for their needs since changes are saved even after the connection is reset.

Question 27

What is nonpersistent VDI?

Answer 27

Nonpersistent desktops are many-to-one, meaning that they are shared among end users. In nonpersistent none of the users’ configurations or application data gets saved

Question 28

What is VM escape?

Answer 28

Is an attack that allows an attacker to access the host system from within the virtual system. attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.

Question 29

How do mitigate VM escape?

Answer 29

Updating software regularly. Installing updates and patches the moment they are available will reduce the risk of someone exploiting bugs in the virtualization software or other software running in the virtual environment. Isolating virtual environments.

Question 30

What is VM sprawl?

Answer 30

VM sprawl - occurs when the number of virtual machines (VMs) on a network reaches a point where administrators can no longer manage them effectively.

Question 31

How do mitigate VM sprawl?

Answer 31

Audit VMs. It may seem like a simple solution, but make it a policy that every VM and virtual server must be documented and registered.
Optimize storage and implement data policies. …
Implement lifecycle management tools. …
Implement VM archiving.

Question 32

What is an example of on-premises VDI solution?

Answer 32

Local server hosting virtualized OS

Question 33

What its a characteristic of persistent VDI: (Select 2 answers)

Answer 33

Each user runs their own copy of virtual desktop, At the end of a session, user data and personal settings are saved

Question 34

What its a characteristic of a non-persistent VDI? (Select 2 answers)

Answer 34

At the end of a session, user desktop reverts to its original state, Virtual desktop is shared among multiple users

Question 35

Which of the following answers refers to a cloud-based VDI service?

Answer 35

DaaS

Question 36

Which of the terms listed below refers to a solution that allows multiple operating systems to work simultaneously on the same hardware?

Answer 36

Virtualization

Question 37

What is virtualization?

Answer 37

a solution that allows multiple operating systems to work simultaneously on the same hardware? Share resources

Question 38

What is a hypervisor?

Answer 38

is used to virtualize a system and manage virtual system resources.

Question 39

In virtualization technology, a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system is known as:

Answer 39

Hypervisor

Question 40

Which of the following statements describe disadvantages of virtualization? (Select 2 answers)

Answer 40

Multiple virtual machines run on a single host share hardware resources which has a degrading effect on performance
Hardware used for hosting virtual machines becomes a single point of failure

Question 41

For best performance, a custom workstation designed for virtualization tasks needs: (Select 3 answers)

Answer 41

Large, fast hard drive, Maximum RAM, Maximum CPU cores

Question 42

A set of Intel CPU HAV enhancements is called?

Answer 42

VT-x

Question 43

Which of the answers listed below refers to HAV enhancements developed by AMD for its CPUs?

Answer 43

AMD-V

Question 44

The term “VM sprawl” is used to describe a situation in which large number of deployed virtual machines lack proper administrative controls.

Answer 44

True

Question 45

The term “VM escape” refers to the process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine

Answer 45

True

Question 46

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

Answer 46

Usage audit and asset documentation

Question 47

What are the countermeasures against VM escape?

Answer 47

Sandboxing and patch management

Question 48

What is the difference in Hypervisor Type 1 and Hypervisor Type 2

Answer 48

Type 1 runs directly on system hardware and Type 2 runs on the host operating system

Question 49

What is on-premise?

Answer 49

Computing services that operated locally

Question 50

What is off-premise?

Answer 50

Computing services that operated remotely

Question 51

What are containers?

Answer 51

Containers are packages of software that contain all of the necessary elements to run in any environment.

Question 52

What is used to run containers run on and what platform?

Answer 52

Docker is a PaaS that uses virtualization to deliver software in packages called
containers

Question 53

Virtual Containers and virtual machines are the same?

Answer 53

False Virtual machine is has its own OS kernal container share hot OS kernal
VM separate libraries and config file, container share
boot time quicker on container and smaller size

Question 54

What is Security as a Service (SECaaS)?

Answer 54

A cloud-based method of outsourcing your cybersecurity. Outsourced security can cover data protection, VoIP security, database security, and general network security.

Question 55

What are the benefits of SECaas?

Answer 55

Cost savings, outsource experts, intelligence sharing, flexibility new information

Question 56

What are concerns of SECaas?

Answer 56

Visibility and data concealment, regulation, monitoring restrictions, information leakage, switching providers

Question 57

What is Cloud Access Security Broker (CASB)

Answer 57

A software or service (such as Forcepoint ONE) that acts as a gatekeeper and monitors data flow. Provides techniques for encryption, monitoring, identity management, and more.

Question 58

What is a Virtual Appliance?

Answer 58

Software appliance installed on a virtual machine. Preconfigured and ready to use OSs. They do not require installation. Use Open Virtualization Format (OVF) and
Open Virtual Appliance (OVA

Question 59

What is OVF?

Answer 59

Open Virtualization Format (OVF) is an open standard which contains multiple files as a package. For example, .ovf, .vmdk, .nvram, and so on. OVF supports exchange of virtual appliances across products and platforms.

Question 60

What is OVA?

Answer 60

Open Virtual Appliance (OVA) OVA is a single file distribution of the OVF file package.

Question 61

What is Data Center?

Answer 61

Collection of computing and network devices placed in a centralized location for more powerful computing power

Question 62

What is a SLA?

Answer 62

An agreement between the service provider and client regarding the provided service features and implementation

Question 63

What is the purpose of Virtualization?

Answer 63

Use a single machine for multiple simulated environments.

Question 64

What is the purpose of Cloud Computing?

Answer 64

Pool resources and automate for on-demand-use