DOMAIN 13 Security as a Service Flashcards

1
Q

Major Categories of Security as a Service Offering:

A

Identity, Entitlement, and Access Management Services,
Cloud Access and Security Brokers,
Web Security (Web Security Gateways),
Email Security,
Security Assessment,
Web Application Firewalls (WAF),
Intrusion Detection/Prevention (IDS/IPS),
Security Information & Event Management (SIEM),
Encryption and Key Management,
Business Continuity and Disaster Recovery,
Security Management,
Distributed Denial of Service Protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

There are three main categories of security assessments:

A

•• Traditional security/vulnerability assessments of assets that are deployed in the cloud (e.g.
virtual machines/instances for patches and vulnerabilities) or on-premises.
•• Application security assessments, including SAST, DAST, and management of RASP (Runtime Application Self-Protection).
•• Cloud platform assessment tools that connect directly with the cloud service over API to assess not merely the assets deployed in the cloud, but the cloud configuration as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly