Domain 3 Flashcards
What is the primary requirement for cloud functionality?
ISP connectivity
What provides immediate, battery-driven power for a short period of time?
UPS - uninterruptible power supplies
What’s the best option for providing backup power for a sustained period of time?
Generators
Redundant arrays of inexpensive disks (RAID) and redundant servers are examples of what kind of controls?
high-availability
What identifies sensitive information stored on endpoint systems or in transit over a network?
DLP systems
What is a duplicate of your system – including lines of communication and network devices – that can take over as your business's primary server if the primary goes down for any reason?
Redundant server
What creates a single usable data disk, where several physical disks are combined into an array for better speed and fault tolerance.
Redundant arrays of inexpensive disks (RAID)
The following are key concepts of what technology?
* Mirroring: copying data to more than one disk
* Striping: splitting data across more than one disk
* Error correction (fault tolerance): redundant data is stored to allow problems to be detected and possibly fixed
RAID
Is RAID a backup solution?
No
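An added example (not from the flashcard deck) to show the two RAID points above in working code: a toy RAID 4/5-style array that stripes data across three data disks and keeps XOR parity on a fourth. Losing any one disk is survivable because the missing block is the XOR of the survivors; but because parity is recomputed on every write, an accidental or malicious overwrite is faithfully preserved through the rebuild, which is why RAID is not a backup. The block size, disk count and payload are assumptions for the example.

```python
# Added example, not from the flashcard deck: toy RAID 4/5-style striping with XOR parity.
from typing import List, Optional

BLOCK = 4      # block size in bytes (assumption for the example)
DISKS = 4      # 3 data disks + 1 parity disk (parity kept on the last disk for brevity)


def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR an equal-length list of blocks byte by byte."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def build_array(data: bytes) -> List[List[Optional[bytes]]]:
    """Lay data out as stripes of [d0, d1, d2, parity]; the last stripe is zero-padded."""
    per_stripe = (DISKS - 1) * BLOCK
    data += b"\x00" * (-len(data) % per_stripe)
    stripes = []
    for off in range(0, len(data), per_stripe):
        chunk = data[off:off + per_stripe]
        blocks = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        stripes.append(blocks + [xor_blocks(blocks)])
    return stripes


def write_block(stripes, stripe_no: int, disk: int, new: bytes) -> None:
    """Overwrite one data block and recompute that stripe's parity, as a controller does."""
    stripes[stripe_no][disk] = new
    stripes[stripe_no][DISKS - 1] = xor_blocks(stripes[stripe_no][:DISKS - 1])


def fail_disk(stripes, disk: int) -> List[List[Optional[bytes]]]:
    """Simulate losing one physical disk: its block in every stripe becomes None."""
    return [[None if d == disk else blk for d, blk in enumerate(st)] for st in stripes]


def rebuild(stripes) -> List[List[bytes]]:
    """Reconstruct each stripe's missing block as the XOR of the surviving blocks."""
    fixed = []
    for st in stripes:
        missing = [d for d, blk in enumerate(st) if blk is None]
        if len(missing) > 1:
            raise RuntimeError("single parity cannot recover more than one lost disk")
        st = list(st)
        if missing:
            st[missing[0]] = xor_blocks([blk for blk in st if blk is not None])
        fixed.append(st)
    return fixed


def read_data(stripes, length: int) -> bytes:
    """Concatenate the data blocks (skipping parity) and trim the padding."""
    return b"".join(blk for st in stripes for blk in st[:DISKS - 1])[:length]


if __name__ == "__main__":
    payload = b"customer-ledger-2024"          # constructed sample data
    arr = build_array(payload)
    print(read_data(rebuild(fail_disk(arr, 1)), len(payload)))   # disk loss survived
    write_block(arr, 0, 0, b"\x00" * BLOCK)    # an accidental (or ransomware) overwrite
    print(read_data(rebuild(fail_disk(arr, 2)), len(payload)))   # damage survives the rebuild too
```

Fault tolerance here covers a hardware failure, not a logical one: nothing in the array remembers what the block held before the overwrite, which is exactly the gap a backup with a retention history fills.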
What is a network encryption protocol used to protect sensitive information?
TLS
Can TLS identify sensitive information?
No
T/F: The management plane of a cloud service provider’s datacenter should be reserved for use by the provider’s own engineers.
True
What does traffic on the management plane control?
Operation of the infrastructure
What’s a cost-effective way to track items in a facility?
RFID - Radio frequency identification technology
What type of site includes the basic capabilities required for datacenter operations, like space, power, HVAC, and communications?
Cold site, but it lacks hardware required to restore operations
What is the most simplistic type of disaster recovery site consisting of elements providing power, networking capability, and cooling
Cold site
What type of DR site has storage hardware such as tape or disk drives, servers, and switches but has to have data transported for use in recovery?
Warm site
What type of DR site is ideal but challenging to attain: a fully functional backup site that already has important data mirrored to it?
Hot site
What is the maximum acceptable delay between the interruption of service and restoration of service. This determines an acceptable length of time for service downtime.
RTO - recovery time objective
What is the maximum acceptable amount of time since the last data recovery point. This determines what is considered an acceptable loss of data.
RPO - recovery point objective
Every region consists of multiple __________.
Availability zones
What DR strategy is when data is live, services are idle, and some resources are provisioned and scaled after event?
Pilot light
What DR strategy is always running, business critical, and scales AWS resources after event?
Warm standby
What DR strategy has real-time RPO and RTO, zero downtime, near zero data loss, and is for mission critical services?
Multi-site, active/active
What provides the best redundancy and resiliency for backup?
Having your backup at another cloud provider
What is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers.
Docker
What packages software into standardized units called containers that have everything the software needs to run including libraries, system tools, code, and runtime.
Docker
What is the highest priority in security?
Human safety
What allows every resource on the server to be placed in a partition and can be used to achieve multitenancy, logical separation of data, scalability, and geographic sharding?
Tenant partitioning
What partitions virtual machines belonging to different tenants on a virtualization platform?
Hypervisor
Where should datacenters be located?
In the core of a building
What principle states an individual should react in a situation using the same level of care expected from any reasonable person?
Due care principle
What states an individual assigned a responsibility should exercise due care to complete it accurately and in a timely manner?
Due diligence
In what service model is the vendor responsible for hardware related and network related responsibilities?
IaaS
*configuring network firewalls
*maintaining hypervisor
*managing physical equipment
Are three _____ responsibilities in _____.
vendor / IaaS
What is customer responsible for in IaaS?
Patching OS on VM and managing ingress/egress via NSGs.
What data is included in incremental backup?
Only the data modified since the most recent incremental backup
What data is included in differential backup?
All data modified since last full backup
What data is included in the full backup?
All data on the server
What are transaction log backups designed to support?
Database servers, not effective on file server
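An added example (not from the flashcard deck) that runs the three backup types above against a small constructed file-change history, so the difference shows up as data: which files each daily set captures, and how many sets a restore has to read. The files, days and change history are assumptions for the example.

```python
# Added example, not from the flashcard deck: full vs incremental vs differential backups.
from typing import Dict, List, Set, Tuple

ALL_FILES: Set[str] = {"a.txt", "b.txt", "c.txt", "d.txt"}
# Constructed history: day -> files modified that day (the full backup is taken on day 0).
CHANGES: Dict[int, Set[str]] = {1: {"a.txt"}, 2: {"b.txt"}, 3: {"a.txt", "c.txt"}}

BackupSet = Tuple[int, str, Set[str]]   # (day taken, kind, files captured)


def changed_between(after_day: int, up_to_day: int) -> Set[str]:
    """Files modified on any day in the interval (after_day, up_to_day]."""
    touched: Set[str] = set()
    for day in range(after_day + 1, up_to_day + 1):
        touched |= CHANGES.get(day, set())
    return touched


def backup_schedule(strategy: str, days: int) -> List[BackupSet]:
    """Full backup on day 0, then one backup per day using the given strategy."""
    if strategy not in ("incremental", "differential"):
        raise ValueError("strategy must be 'incremental' or 'differential'")
    sets: List[BackupSet] = [(0, "full", set(ALL_FILES))]
    last_full, last_any = 0, 0
    for day in range(1, days + 1):
        if strategy == "incremental":
            files = changed_between(last_any, day)    # since the most recent backup of any kind
        else:
            files = changed_between(last_full, day)   # since the last full backup
        sets.append((day, strategy, files))
        last_any = day
    return sets


def restore_chain(sets: List[BackupSet], target_day: int) -> List[BackupSet]:
    """Sets that must be applied, in order, to restore the state at target_day.
    Incremental: the full plus every incremental up to the target.
    Differential: the full plus only the latest differential up to the target."""
    full = sets[0]
    later = [s for s in sets if 0 < s[0] <= target_day]
    if not later:
        return [full]
    if later[-1][1] == "differential":
        return [full, later[-1]]
    return [full] + later


def files_copied(sets: List[BackupSet]) -> int:
    """Total file copies written across the schedule (the backup-window cost)."""
    return sum(len(files) for _, _, files in sets)


if __name__ == "__main__":
    for strategy in ("incremental", "differential"):
        sched = backup_schedule(strategy, 3)
        print(strategy, [sorted(f) for _, _, f in sched[1:]],
              "copies:", files_copied(sched),
              "sets to restore day 3:", len(restore_chain(sched, 3)))
```

The trade-off the cards describe falls out of the numbers: incrementals write fewer copies each night but a restore must replay every one of them in order (and a single corrupt set breaks the chain), while differentials grow each night but restore from just two sets.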
What is a computer responsible for the storage and management of data files so that other computers on the same network can access the files?
File server
What is a machine running database software dedicated to providing database services.
Database servers
What do SIEMs do?
Correlate info from multiple sources and perform analysis on data
What does SOAR stand for?
Security orchestration, automation, and response
What do SOAR platforms provide?
automated playbook responses
What do intrusion prevention platforms do?
Block traffic based on analysis performed by the IPS itself.
Do log repositories perform analysis?
No, they just collect log info
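An added example (not from the flashcard deck) of the correlation a SIEM performs and a plain log repository does not. The sshd lines are constructed: three hosts each see only two failed logins from the same source, under a typical per-host lockout threshold of three, so no single host would alert; only the aggregated view exposes the distributed password-guessing burst and the successful login that follows it. Window and threshold values are assumptions.

```python
# Added example, not from the flashcard deck: cross-host correlation over constructed sshd events.
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

EVENTS = """\
2024-05-01T09:00:01Z web1 sshd[100]: Failed password for admin from 203.0.113.7 port 40001 ssh2
2024-05-01T09:00:09Z web1 sshd[100]: Failed password for admin from 203.0.113.7 port 40002 ssh2
2024-05-01T09:00:20Z web2 sshd[200]: Failed password for admin from 203.0.113.7 port 40003 ssh2
2024-05-01T09:00:31Z web2 sshd[200]: Failed password for admin from 203.0.113.7 port 40004 ssh2
2024-05-01T09:00:44Z db1 sshd[300]: Failed password for admin from 203.0.113.7 port 40005 ssh2
2024-05-01T09:00:58Z db1 sshd[300]: Failed password for admin from 203.0.113.7 port 40006 ssh2
2024-05-01T09:01:10Z db1 sshd[300]: Accepted password for admin from 203.0.113.7 port 40007 ssh2
2024-05-01T09:05:00Z web1 sshd[101]: Failed password for alice from 192.0.2.5 port 50000 ssh2
"""

LINE = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+) port")
Event = Tuple[datetime, str, str, str, str]   # (time, host, outcome, user, src)


def parse(text: str) -> List[Event]:
    """Normalise raw lines into tuples; unparseable lines are skipped."""
    events: List[Event] = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            ts, host, outcome, user, src = m.groups()
            events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), host, outcome, user, src))
    return events


def per_host_failures(events: List[Event]) -> Dict[Tuple[str, str], int]:
    """What each host can see on its own: failure counts keyed by (host, src)."""
    return Counter((e[1], e[4]) for e in events if e[2] == "Failed")


def correlate(events: List[Event], window: timedelta = timedelta(minutes=5),
              threshold: int = 5) -> List[dict]:
    """SIEM view: failures from one source across ALL hosts inside a sliding window,
    plus whether that source later authenticated successfully."""
    by_src: Dict[str, List[Event]] = defaultdict(list)
    for e in sorted(events):
        by_src[e[4]].append(e)
    alerts = []
    for src, evs in by_src.items():
        failures = [e for e in evs if e[2] == "Failed"]
        for i, first in enumerate(failures):
            burst = [e for e in failures[i:] if e[0] - first[0] <= window]
            if len(burst) >= threshold:
                success_after = any(e[2] == "Accepted" and e[0] >= burst[-1][0] for e in evs)
                alerts.append({"src": src, "failures": len(burst),
                               "hosts": sorted({e[1] for e in burst}),
                               "users": sorted({e[3] for e in burst}),
                               "success_after_burst": success_after})
                break
    return alerts


if __name__ == "__main__":
    evs = parse(EVENTS)
    print("max failures any single host sees:", max(per_host_failures(evs).values()))
    print(correlate(evs))
```

The repository holds exactly the same lines; the value the SIEM adds is the join across sources (by source address and time) and the follow-on condition (a success after the burst) that turns "noise" into an incident worth the responder's attention.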
Do SIEM solutions create an audit trail?
Yes
What does an audit trail show you?
Sequential record of all the activity on a specific system
What analyzes and blocks suspicious network traffic?
IPS
What monitors endpoints for malware and responds to malware infections?
Endpoint detection and response platforms
The process of protecting devices like desktops, laptops, mobile phones, and tablets from malicious threats and cyberattack
Endpoint security
What are physical devices that connect to a network system such as mobile devices, desktop computers, virtual machines, embedded devices, and servers.
Endpoints
Who enforces an org’s security policies across cloud providers?
CASB - Cloud access security broker
What can handle large-scale DDoS attacks?
Content delivery network
What is a network of servers that distributes content from an origin server by caching content close to where each end user is accessing the internet via a web-enabled device.
CDN - content delivery network. It speeds up webpage loading for data-heavy applications.
What is designed to overwhelm a system until it can no longer process legitimate requests?
DoS attack
What principle does DDoS affect?
Availability
Is an IPS an example of risk mitigation?
Yes
What determines the critical path of assets, resources, and data w/in an org?
BIA - business impact analysis - useful in shaping the BC/DR plan
What should be redundant in a well-designed datacenter?
power, cooling, and network connectivity
What allows for the programmatic interaction w/ services and platforms?
APIs
What is a file that generally contains a short self-contained set of instructions, i.e., lines of code, that perform a specific task.
Python script
What do the following practices collectively accomplish?
Use HTTPS
Activate Authentication & Authorization
Validate User Input
Limit Access to Sensitive Data
Monitor and Log API Activity
Keep Software and Libraries Up-to-date
Perform Regular Security Audits
Secure an API and its backend (API security best practices)
What are the elements of hardware and software that ensure that a system can only be controlled by those w/ proper permissions
TCB - Trusted Computing Base
What coordinates access to physical hardware and enforces isolation b/w different virtual machines running on the same physical platform?
Hypervisor
What’s the most cost-effective way to provide network segmentation that’s used to create logical separation b/w systems in a datacenter?
Virtual local area networks (VLANs)
What’s used to connect remote users and sites over an insecure network?
VPN - virtual private network
What’s an option to route traffic b/w network sites?
BGP - border gateway protocol
What tier is expected to achieve 99.741% availability?
Tier 2
What tier is expected to achieve 99.671% availability?
Tier 1
What tier is expected to achieve 99.982% availability?
Tier 3
What tier is expected to achieve 99.995% availability?
Tier 4
Does running unnecessary services on a server increase its attack surface?
Yes
How are compute nodes measured?
In terms of how many CPUs and how much RAM are available in the datacenter
Do compute nodes include virtual and hardware machines?
Yes
T/F: Block storage provides disk volumes for use by servers.
True
What is a named logical area of the physical disk?
Volume
B/c entire machines could be stolen in highly-portable, easily copied formats, _____ must be protected.
VM file stores
What is a common attack vector that uses malicious SQL code for backend database manipulation to access PI?
SQL Injection
What is a programming language for storing and processing information in a relational database?
SQL
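An added example (not from the flashcard deck) of the injection the card describes, in the form a practitioner wants to see: the same lookup written with string concatenation and with a parameterized query, run against an in-memory SQLite table with constructed rows. The two attacker strings are the classic shapes, a tautology that neutralises the WHERE clause and a UNION that pulls a column the query was never meant to return.

```python
# Added example, not from the flashcard deck: injectable vs parameterized query on SQLite.
import sqlite3
from typing import List, Tuple


def setup() -> sqlite3.Connection:
    """Constructed table with two users; hashes are placeholders."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "h$1", "admin"), ("bob", "h$2", "user")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    # BAD: user input is spliced into the SQL text, so a quote in it becomes SQL syntax.
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> List[Tuple[str, str]]:
    # GOOD: the value travels separately from the statement and is only ever compared as data.
    return conn.execute("SELECT username, role FROM users WHERE username = ?",
                        (username,)).fetchall()


TAUTOLOGY = "x' OR '1'='1"                                          # WHERE ... = 'x' OR '1'='1'
UNION_DUMP = "x' UNION SELECT username, password_hash FROM users -- "  # trailing quote commented out


if __name__ == "__main__":
    db = setup()
    print(lookup_vulnerable(db, TAUTOLOGY))   # both users: the filter was neutralised
    print(lookup_vulnerable(db, UNION_DUMP))  # usernames paired with password hashes
    print(lookup_safe(db, TAUTOLOGY))         # []: no user is literally named "x' OR '1'='1"
    print(lookup_safe(db, "alice"))           # [('alice', 'admin')]
```

The fix is not escaping quotes by hand but keeping data out of the statement entirely; the same placeholder discipline applies to every driver and ORM, and the UNION case shows why least-privilege database accounts (no read on columns the application never needs) limit the blast radius when a query is missed.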
What attack executes attacker-supplied script in a victim user's browser rather than on the server?
Cross-site scripting
What attack exploits trust relationships by tricking systems into authorizing unauthorized activity?
Cross-site request forgery and server-side request forgery
What is a measure of data that can be lost in an outage w/out damaging the organization?
RPO
What strategy most affects RPO?
Data replication
What’s a measure of how long an org can endure an outage w/out irreparable harm?
RTO - recovery time objective
This is how long an org can suffer an outage before ceasing to be an org
MAD - maximum allowable downtime
What technology performs the following:
Encryption: hides the data being transferred from third parties
Authentication: ensures that the parties exchanging information are who they claim to be
Integrity: verifies that the data has not been forged or tampered with
TLS
What’s the primary protocol used to implement HTTPS for secure communication?
TLS
What is separating and storing data in separate logical partitions or storage areas, even if those partitions or storage are on the same physical device.
Logical separation
What is separating and storing data on different physical systems or networks.
Physical separation
What is a protocol used to implement VPNs?
IPsec
What is a group of protocols for securing connections between devices that helps keep data sent over public networks secure and is often used to set up VPNs?
IPsec
What works by encrypting IP packets, along with authenticating the source where the packets come from to secure connections b/w devices?
IPsec
What is it called when you assign users only the permissions they need to perform their job responsibilities?
Least privilege
What is the unintentional accumulation of privileges over time?
Aggregation or privilege creep
What is it called when two people must work together to perform a sensitive action?
Two-person control
What is the reliance upon secrecy of security mechanisms to provide security for a system or process?
Security through obscurity
What hypervisor provides a greater degree of security b/c they run directly on top of hardware, decreasing the attack surface?
Type 1 (bare-metal)
What’s the major driver to lease space in a colocation facility?
A reduction in cost achieved by sharing cost among multiple clients.
At a minimum, the Uptime Institute requires it to offer a UPS; a designated space for IT systems; dedicated cooling equipment that runs outside of office hours; and an engine generator.
Tier 1 datacenters
What is a voltage regulator that protects sensitive electronics, such as computers, lab equipment, home theaters from voltage fluctuations and power surges?
Line conditioners
Dual-power supplies are a requirement for what datacenter tier?
Tier 3
What handles traffic b/w SDN controllers and SDN applications?
NBI - northbound interface
What is used to access the SDN controller and allows a network administrator to access the SDN to configure it or to retrieve information from it?
NBI - northbound interface
In what do applications often need to communicate with network controllers to query or modify the current state of the network?
SDN - Software defined networking
What is an approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network?
SDN - Software defined networking
What is basically SSO across multiple organizations?
Federation
What is a method of linking a user’s identity across multiple separate identity management systems allowing users to quickly move between systems while maintaining security.
Federated identity
What are hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates.
Hardware security modules
What technology provides for the management of physical keys?
KMBs - Key management boxes
What does the Kerberos authentication server (part of the KDC) issue to a client after initial authentication, which the client then presents to obtain service tickets?
TGT - ticket-granting ticket
What is a computer network security protocol that authenticates service requests between two or more trusted hosts across an untrusted network, like the internet. It uses secret-key cryptography and a trusted third-party for authenticating client-server applications and verifying users’ identities.
Kerberos
What provides a secure operating environment inside a computer system?
TCB - trusted computing base
Technological capabilities of virtualization create the ease of use that can cause ______.
Sprawl
Sprawl should be addressed from a _________ perspective.
Managerial
T/F: It’s helpful to have a moderator to guide participants thru tabletop exercises.
True
The ________ contains the suite of security controls applied uniformly thru an environment.
Baseline
Forensic analysis is an important part of ______.
Incident response
What is the term used to describe the ability of customers to access their systems remotely?
Ping
What is the term used to describe the network connectivity that supports servers’ connections to the internet?
Pipe
What is the software layer between the hardware and the guest operating systems that acts as a resource manager to enable the sharing of processing power and memory.
Hypervisor
What reroutes traffic based on current customer demand, creates logical subnets w/out having to change any physical connections, and filters access to resources based on specific rules or settings?
SDNs
What splits a large network into a grouping of smaller, interconnected networks to help minimize traffic and increases network speed?
Subnet
What delivers streaming media content efficiently by placing it closer to the end user?
CDN
What is a group of servers with mostly shared storage between them that can be used to facilitate high availability for your applications and services and can also be used to create the benefits of reliability, performance, and lower TCO?
Failover clusters
What is a group of independent computers that work together to increase the availability and scalability of clustered roles
Failover cluster
What’s another word for clustered servers?
Nodes
How can you ensure your data is not held hostage or lost if a provider becomes unusable?
Having a backup with a different provider.
What are two things that provide compute capability?
Virtual server instances and containers
____ is the most significant reason cloud datacenters use VMs
Cost
What shuts down the primary operating facility and shifts operations to the backup facility?
Full tests or full interruption tests
What test for backup and restore capabilities restores a system that hasn’t actually broken down to an alternate location?
Parallel test - activates the facility but doesn’t move production responsibility to it.
What kind of attack is when the attacker is able to leave the confines of its own VM and access resources belonging to another customer?
Escape attack
What type of vulnerability occurs when there is more data in a buffer than it can handle and causes data to overflow into adjacent storage, which can cause a system crash or, worse, create an entry point for a cyberattack.
Buffer overflow vulnerability
What kind of vuln exists in the following example: A search form where visitors send their search query to the server, and attackers typically send victims custom links that direct unsuspecting users toward a vulnerable page.
Cross-site scripting (XSS), in its reflected form
What vulnerability causes escape attacks to occur?
A vuln in the hypervisor, b/c it’s supposed to be the separation that prevents customers from accessing each other’s resources.
Disk volumes are stored on _____ storage, except when snapshotting is used to create a backup, then they’re stored on less expensive ______ storage.
Block - Object
Hot and warm sites are not needed when your data is backed up __________.
In the cloud
T/F: A specified configuration built to defined standards and with a controlled process can be used to show that all VMs w/in an environment include certain controls.
True
What records provide the “telephone bill” level of communication detail but not the content?
Netflow records
What is a commonly used standard for monitoring network flow data that allows you to monitor IP network traffic information as data packets enter or exit an interface.
NetFlow
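An added example (not from the flashcard deck) of what "telephone bill" detail looks like in practice. The flow records are constructed in a NetFlow-like CSV export: endpoints, ports, protocol and packet/byte counts, no payload. That is enough to see who talked to whom and how much, and to flag an unusually large outbound transfer from an internal host to an external address, without ever capturing content. The internal address range and the byte threshold are assumptions.

```python
# Added example, not from the flashcard deck: summarising constructed flow records.
import csv
import io
import ipaddress
from collections import defaultdict
from typing import Dict, List

FLOW_EXPORT = """\
start,src,sport,dst,dport,proto,packets,bytes
2024-05-01T09:00:00Z,10.1.1.25,51234,10.1.2.10,443,6,40,12000
2024-05-01T09:00:30Z,10.1.1.25,51240,203.0.113.50,443,6,150000,210000000
2024-05-01T09:01:00Z,10.1.1.30,51300,198.51.100.20,53,17,2,180
2024-05-01T09:02:00Z,10.1.2.10,443,10.1.1.25,51234,6,38,9000
2024-05-01T09:03:00Z,10.1.1.30,51301,203.0.113.9,443,6,900,650000
"""

INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]   # assumption: the org's private address space


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def parse_flows(text: str) -> List[dict]:
    """Read the CSV export into dicts with numeric counters and a readable protocol name."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["packets"] = int(row["packets"])
        row["bytes"] = int(row["bytes"])
        row["proto"] = {6: "tcp", 17: "udp"}.get(int(row["proto"]), row["proto"])
        rows.append(row)
    return rows


def bill(flows: List[dict]) -> Dict[tuple, int]:
    """Bytes per (src, dst, dport, proto) conversation: who called whom, and for how much."""
    totals: Dict[tuple, int] = defaultdict(int)
    for f in flows:
        totals[(f["src"], f["dst"], f["dport"], f["proto"])] += f["bytes"]
    return dict(totals)


def outbound_bytes(flows: List[dict]) -> Dict[str, int]:
    """Bytes each internal host sent to external addresses."""
    totals: Dict[str, int] = defaultdict(int)
    for f in flows:
        if is_internal(f["src"]) and not is_internal(f["dst"]):
            totals[f["src"]] += f["bytes"]
    return dict(totals)


def exfil_candidates(flows: List[dict], threshold_bytes: int = 100_000_000) -> List[dict]:
    """Internal-to-external flows large enough to deserve a look (possible exfiltration)."""
    return [f for f in flows
            if is_internal(f["src"]) and not is_internal(f["dst"]) and f["bytes"] >= threshold_bytes]


if __name__ == "__main__":
    flows = parse_flows(FLOW_EXPORT)
    for conv, total in bill(flows).items():
        print(conv, total)
    print("outbound:", outbound_bytes(flows))
    print("exfil candidates:", [(f["src"], f["dst"], f["bytes"]) for f in exfil_candidates(flows)])
```

The limits are as instructive as the hits: the 210 MB transfer to 203.0.113.50 over TCP/443 stands out on volume alone, but flow data cannot say what was inside it; confirming that takes a packet capture, which is the storage-versus-fidelity trade-off the next cards describe.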
What standard provides the most accurate reconstruction of user activity but is costly to implement due to data storage requirements?
Packet capture
What is a networking term for intercepting a data packet that is crossing a specific point in a data network, and once captured in real-time, is stored for a period of time so that it can be analyzed, and then either be downloaded, archived or discarded.
Packet capture
What type of backup provides the best redundancy and resiliency?
Having your backup at another cloud provider
Every plan/policy should include mention of:
The governance documents, by reference, that drive the formation of the plan/policy
What is SAML?
Security Assertion Markup Language - based on XML
What is an open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP).
SAML
HTTP is used for port ___ web traffic
80
What is used to load web pages using hypertext links?
HTTP - hypertext transfer protocol
What is used to present web pages?
HTML
What is the basic 7-bit alphanumeric character set that Unicode extends?
ASCII (Unicode, which contains ASCII as its first 128 code points, is the universal character set)
Moving information into another jurisdiction may affect your:
Regulatory compliance
What are the 4 major risk management strategies?
Risk acceptance
Risk transference
Risk avoidance
Risk reduction
What most affects RPO?
Data replication strategies, which determine how much recent data is available for recovery purposes
T/F: Data replication affects RPO more than RTO.
True
What is the process of granting users and other security principals access to resources in an environment?
Authorization
When using two different cloud providers, a customer runs the risk of:
Data/software formats being different and not readily adapted, causing delays during a failover
In what model does the customer have most configuration control?
IaaS
In what model does the customer have least configuration control?
SaaS
Public cloud makes a ______ _______ more likely.
Guest escape
What is used to create an encrypted communication tunnel over an untrusted medium?
VPN
What are used for central repositories for identification, authentication, and authorization purposes?
Directory services such as LDAP or Active Directory (not ACLs, which are per-resource permission lists)
What is an access control model used to assign permissions based on job functions w/in an org?
RBAC
What is the address at which an item (memory cell, storage element, network host) appears to reside from the perspective of an executing application program.
Logical address
What is the least disruptive type of disaster recovery test?
Checklist review
Accessing source code is necessary for ______
Static analysis
Which dev model is most frequently associated with cloud services?
Agile
What is the best solution to prevent 3Ps from intercepting and accessing data sent via API calls?
TLS
What provides protection against inadvertent data exposure when multiple tenants share the same underlying infrastructure?
Encryption at rest
T/F: Multiple paths are ideal for CI/CD pipeline.
False
Automation, use of metrics, and version control are all recommended best practices for ________.
CI/CD pipelines
IdPs integrate with _______ or ______.
OpenID Connect or SAML
In what phase of the SDLC is user input most necessary?
Define
Customer responsible for apps, data, runtime, middleware, and OS. CSP responsible for virtualization, servers, storage, and networking.
IaaS
Customer responsible for apps and data. CSP responsible for runtime, middleware, OS, virtualization, servers, storage, and networking.
PaaS
Shared responsibility for apps and data. CSP also responsible for runtime, middleware, OS, virtualization, servers, storage, and networking
SaaS
Standard measures such as locks, security personnel, lights, fences, visitor check in procedures.
CSP data center physical security measures
_____ controls identity and access management (IAM), single sign-on (SSO) provider, multifactor authentication (MFA), and logging.
Logical access
Customer is responsible for configuring the VMs, virtual network, and guest OS security as if the systems were on premises. CSP responsible for physical host, physical storage, and physical network. CSP provides the tooling to secure the VM but customer must configure them.
IaaS
CSP is responsible for the physical components, the internal network, and the tools provided. Cheaper for the customer, but less control. Customer is responsible for configuration of application and data-access security.
PaaS
The customer remains responsible for configuring access to the cloud service for their users, as well as shared responsibility for data recovery. CSP owns physical infrastructure, as well as network and communication. CSP may provide the tools for data recovery, but customer may need to perform recovery in some cases.
SaaS
Maximum utilization of a compute resource by a customer (e.g., a VM); these are allowed to change dynamically based on current conditions and consumption
limits
A weighting given to a particular VM used to calculate percentage based access to pooled resources when there is contention. In cases of shortage, host scoring determines who gets capacity.
shares
A minimum resource that is guaranteed to a customer.
reservation
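An added example (not from the flashcard deck) that puts the three cards above into one scheduler: reservations are satisfied first (with admission control refusing a pool that cannot cover them), the remaining capacity is handed out in proportion to shares, and no VM is allowed past its limit or its actual demand. The three VMs, the 16 GB pool and the water-filling algorithm are assumptions that mirror the definitions on the cards, not any vendor's scheduler.

```python
# Added example, not from the flashcard deck: reservation / limit / shares allocation.
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class VM:
    name: str
    reservation: float  # guaranteed minimum (GB)
    limit: float        # hard cap (GB)
    shares: int         # relative weight when there is contention
    demand: float       # what the VM currently wants (GB)


def allocate(vms: List[VM], capacity: float) -> Dict[str, float]:
    """Reservations first, then water-fill the remainder by shares, never exceeding
    min(limit, demand) for any VM."""
    total_reserved = sum(v.reservation for v in vms)
    if total_reserved > capacity:
        raise ValueError("admission control: reservations exceed pool capacity")
    alloc = {v.name: v.reservation for v in vms}
    free = capacity - total_reserved
    while free > 1e-9:
        hungry = [v for v in vms if alloc[v.name] + 1e-9 < min(v.limit, v.demand)]
        if not hungry:
            break                                   # no contention left: everyone is satisfied
        total_shares = sum(v.shares for v in hungry)
        handed_out = 0.0
        for v in hungry:
            want = min(v.limit, v.demand) - alloc[v.name]
            give = min(want, free * v.shares / total_shares)   # capped by limit/demand
            alloc[v.name] += give
            handed_out += give
        free -= handed_out                          # anything a capped VM left is re-shared
    return alloc


# Constructed pool: 16 GB of RAM shared by three tenants' VMs.
VMS = [
    VM("app",   reservation=4.0, limit=16.0, shares=2000, demand=12.0),
    VM("batch", reservation=2.0, limit=4.0,  shares=1000, demand=10.0),
    VM("dev",   reservation=0.0, limit=8.0,  shares=1000, demand=8.0),
]

if __name__ == "__main__":
    print("contended (16 GB):", {k: round(v, 3) for k, v in allocate(VMS, 16.0).items()})
    print("uncontended (40 GB):", allocate(VMS, 40.0))
```

Under contention the batch VM stops at its 4 GB limit even though it asked for 10, and the half gigabyte it could not take is re-shared 2:1 between app and dev; with a 40 GB pool the shares never matter and every VM simply gets min(limit, demand). That is the card's point: shares only decide anything when there is a shortage, reservations are the floor, limits are the ceiling.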
The infrastructure components that deliver compute resources, such as the VMs, disk, processor, memory and network resources.
compute
The _____ remains responsible for the maintenance and security of the physical components of compute.
CSP
The security of the hypervisor is always the responsibility of the _____.
CSP
– Flawed hypervisor can facilitate inter VM attacks
– Network traffic between VMs is not necessarily visible
– Resource availability for VMs can be impacted
– VMs and their disk images are simply files, can be portable and movable
risks associated with virtualization
Install all updates to the hypervisor as they are released by the vendor.
Restrict administrative access to the management interfaces of the hypervisor.
Capabilities to monitor the security of activity occurring between guest operating systems (VMs).
hypervisor security recommendations
Install all updates to the guest OS promptly.
Back up the virtual drives used by the guest OS on a regular basis
Security recommendations for the guest OS
- preventing physical access to the servers.
- limiting both local and remote access to the hypervisor.
csp’s hypervisor security
T/F: The virtual network between the hypervisor and the VM is also a potential attack surface.
True - Responsibility for security in this layer is often shared between the CSP and the customer. These components include virtual network, virtual switches, virtual firewalls, virtual IP addresses, etc.
A malicious user breaks the isolation between VMs running on a hypervisor by gaining access outside their VM.
VM escape
Ensure patches on hypervisor and VMs are always up to date. Ensure guest privileges are low, server level redundancy and HIPS/HIDS protection.
Protection from VM escape
Whose responsibility:
- physical protection of data centers and the storage infrastructure they contain.
- security patches and maintenance of underlying data storage technologies and other data services they provide
csp
Whose responsibility:
- properly configuring and using the storage tools.
- logical security and privacy of data they store in the CSP’s environment.
customer
- Assessing the adequacy of these controls and properly configuring and using the controls available.
- Ensuring adequate protection for the data at rest and in motion based on the capabilities offered by the CSP.
- Configuring secure access, whether private or public.
customer storage responsibilities
Inability to securely wipe physical storage and possibility of another tenant being allocated the same previously allocated storage space
customer storage challenge
- only storing data in an encrypted format
– retaining control of the keys needed to decrypt the data
compensating controls for the customer's lack of control over physical storage
Provides the tools (web interface and APIs) necessary to configure, monitor, and control your cloud environment. Provides virtual management options equivalent to the physical administration options a legacy data center would provide.
management plane
You interact with the _____ through tools including the CSP’s cloud portal, PowerShell or other command line, or client SDKs
management plane
_____ is what you are calling when you create top level cloud resources with ARM & Bicep (Azure), CloudFormation (AWS) or Terraform (IaC)
Control plane
Performs operations on resources created through the control plane
data plane
The main web interface for the CSP platform.
cloud portal
- create tenant partitioning or isolation
- limit and secure remote access
- monitor the cloud infrastructure
- allow for the patching and updating of systems
things logical data center design should provide
Who’s responsible for implementing and enforcing controls that address the unique multitenant risks of the public cloud?
CSP and tenant
Single login for on premises and cloud
hybrid identity
– federate a customer’s existing IAM system with their CSP tenant
– identity as a service (IDaaS)
methods to facilitate IAM between cloud and on premises
the native remote access protocol for Windows operating systems.
RDP
the native remote access protocol for Linux operating systems, and common for remote management of network devices.
SSH
a bastion host at the boundary of lower and higher security zones.
jumpbox
software tools that allow remote connection to a VM for use as if it is your local machine
virtual clients
Requires significant investment
Offers the most control over datacenter design
Requires knowledge and skill to match quality of other option
build
Generally, lower cost of entry (especially in shared)
Less flexibility in service design (limited to what provider)
Shared datacenters come with additional security challenges
buy
A strong fence line of sufficient height and construction
Lighting of facility perimeter and entrances
Video monitoring and alerting
Electronic monitoring for tampering
Visitor access procedures with controlled entry points
Interior access controls (badges, key codes, secured doors)
Fire detection and prevention systems
Protection of sensitive assets, systems, wiring closets, etc.
physical security mechanisms
simply measures the amount of time a system is running
uptime
encompasses availability of the infrastructure, applications, and services
availability
- Involves no redundancy and the most downtime in the event of unplanned maintenance or an interruption
- Must have an uninterruptible power supply that can handle brief power outages, as well as sags and spikes
- Must also have dedicated cooling equipment that can run 24/7, and a generator to handle extended power outages
- Expected to provide 99.671% availability
Tier 1 - basic site infrastructure
- Provides partial redundancy, meaning an unplanned interruption will not necessarily cause an outage
- Adds redundant components for important cooling and power systems
- Facilities must also have the ability to store additional fuel to support the generator
- Expected to provide 99.741% availability
Tier 2 - redundant site infrastructure
- Adds even more redundant components
- Has a major advantage in that it never needs to be shut down for maintenance
- Enough redundant components that any component can be taken offline for maintenance and the data center continues to run
- Expected to provide 99.982% availability
Tier 3 - concurrently maintainable site infrastructure
- Can withstand either planned or unplanned activity without affecting availability
- This is achieved by eliminating all single points of failure
- Requires fully redundant infrastructure, including dual commercial power feeds and dual backup generators
- Expected to provide 99.995% availability
Tier 4 - fault-tolerant site infrastructure
_____ is an audit standard to enhance the quality and usefulness of System and Organization Control (SOC) reports.
SSAE 18
Connectivity to data center locations from more than one internet service provider (ISP) is _____.
multi vendor pathway connectivity
Best practice for CSPs or data centers is _____ for high availability.
dual entry, dual provider
HA firewalls, active passive or active active
Multi vendor pathway connectivity
Web server farm (behind redundant load balancers)
Database cluster (Windows / Linux cluster feature)
resilient design
Two risk management frameworks
- ISO/IEC 31000:2018 Risk Management Guidelines
- NIST SP 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems
Assigns a dollar value to evaluate the effectiveness of countermeasures. Objective: ensure controls are cost-effective.
quantitative risk assessment
What will the impact be if that goes wrong?
Single loss expectancy (SLE) $
How likely is it to happen?
Annualized Rate of Occurrence (ARO) - decimal
ARO = incidents per year (a decimal)
An incident that happens twice a year has an ARO of 2.0
An incident that happens once every two years has an ARO of 0.5
An incident that happens once every five years has an ARO of 0.2
The possible yearly cost of all instances of a specific realized threat against a specific asset.
annualized loss expectancy (ALE)
SLE x ARO =
ALE
- Business units
- Vendor management
- Privacy
- Information security
risk areas
Authentication Risk
Data Security
Supply Chain Risk Management (SCRM)
Geographic dispersion of the CSP data centers
Downtime
Compliance
General technology risk
common cloud risks
Different threat actors, ranging from competitors and script kiddies to criminal syndicates and state actors. Capabilities depend on tools, experience, and funding. Other external environmental threats, such as fire and floods, and manmade threats, such as the accidental deletion of data or users.
external threats
A malicious insider, a threat actor who may be a dissatisfied employee (someone overlooked for a promotion). Another internal threat is human error, which is when data is accidentally deleted.
internal threats
- Data Breaches
- Misconfiguration and inadequate change control
- Lack of cloud security architecture and strategy
- Insufficient identity, credential access and key management
- Account hijacking
- Insider threat
- Insecure interfaces and APIs
- Weak control plane
- “Metastructure” and “applistructure” failures
- Limited cloud usage visibility
- Abuse and nefarious use of cloud services
The CSA Egregious 11
What’s the most common account hijacking approach?
phishing
What mitigates insider threat?
Job rotation, privileged access management, auditing, security training
MFA, RBAC, and key-based API access are controls for _____.
insecure interfaces and APIs
The protocols and mechanisms that provide the interface between the cloud layers, enabling management and configuration.
metastructure
Applications deployed in the cloud and the underlying application services used to build them.
applistructure
Selecting a qualified CSP
Designing and architecting with security in mind
Consider security at every step, starting with design
Encryption: data should be encrypted at rest and in transit (storage and database encryption at rest; TLS and VPN in transit)
Ongoing monitoring and management to maintain posture.
risk mitigation strategies
– ability to restrict physical access at multiple points
– ensuring a clean and stable power supply
– adequate utilities like water and sewer
– the availability of an adequate workforce
physical and environmental protection
Visibility, composition of the surrounding area, area accessibility, and the effects of natural disasters.
site selection criteria
Automation of configuration
Responsibilities for protecting cloud systems and services
Monitoring and maintenance
security practices for people and processes
Policy and Procedures
Separation of System and User Functionality
Security Function Isolation
Denial of Service Protection
Boundary Protection
Cryptographic Key Establishment and Management
system, storage, and communication protection
Preventing malicious traffic from entering the network
Preventing malicious traffic from leaving your network
Protecting against data loss (exfiltration)
Configuring rules/policies in routers, gateways, or firewalls
boundary protection
What is typically enforced with adequate logging and monitoring of system activity?
accountability
– SaaS apps used as users travel make identifying anomalous / malicious behavior more difficult
– Bad password practices (reuse across services)
– Use of personal devices in BYOD scenarios
Cloud challenges in enforcing accountability
_____ are the weakest form of authentication
passwords
OATH tokens create _____
one time passwords (OTP)
This is a software-based authenticator that implements two-step verification services using the Time-based One-time Password (TOTP) algorithm and the HMAC-based One-time Password (HOTP) algorithm, for authenticating users of software applications.
authentication applications
This is where the server pushes the authentication information down to your mobile device. An app on the mobile device receives the pushed message and displays the authentication information.
push notifications
This is a collection of domains that have established trust. The level of trust may vary, but typically includes authentication and almost always includes authorization.
Often includes a number of organizations that have established trust for shared access to a set of resources.
Federation
Refers to the ability to discover relationships between two or more events across logs.
correlation
Packet capture tools are also called _____
protocol analyzers
An open source protocol analyzer, with CLI and GUI versions, available for Windows and Linux.
Wireshark - packet capture
_____ focuses on the whole business, while _____ focuses more on the technical aspects of recovery
BCP / DRP
The plan to move from the disaster recovery site back to your business environment or back to normal operations.
BRP (Business Resumption Plan)
A time determination for how long a piece of IT infrastructure will continue to work before it fails.
MTBF (Mean Time Between Failures)
A time determination for how long it will take to get a piece of hardware/software repaired and back on line.
MTTR (Mean Time to Repair)
The amount of time we can be without the asset that is unavailable BEFORE we must declare a disaster and initiate our disaster recovery plan.
MTD (Max tolerable downtime)
The overall organizational plan for “how to” continue business after an event has occurred. A proactive risk mitigation strategy that contains likely scenarios that could affect the organization and guidance on how the organization should respond.
Disaster Recovery Plan
The plan for recovering from an IT disaster and having the IT infrastructure back in operation.
DRP (Disaster Recovery Plan) - tech focused
This is used to determine which processes are critical and which are not.
BIA
A BIA typically contains a _____
cost-benefit analysis (CBA) and a calculation of the return on investment (ROI)
The ____ is responsible for determining how to recover in the case of a disaster in the cloud.
customer
CSPs can further protect customers in disaster by not allowing _____ within a single physical datacenter within a cloud region.
two availability zones
The plan that details how relevant stakeholders will be informed in the event of an incident. It would include a plan to maintain confidentiality, such as encryption, to ensure that the event does not become public knowledge. A contact list should be maintained that includes stakeholders from the government, police, customers, suppliers, and internal staff.
communication plan
This is the age of data that must be recovered from backup storage for normal operations to resume if a system or network goes down.
RPO
This is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in continuity.
RTO
This measures the compute resources needed to keep production environments running during a disaster. It is a percentage measure (0-100%) of how much computing power you will need during a disaster, based on the percentage of computing used by production environments versus others, such as development, test, and QA.
Recovery service level (RSL)
design - based on bia priorities
implement the plan
test the plan
report and revise
BCDR plan process
A BCP and DRP should be tested at least _____
annually
Members of the disaster recovery team gather in a large conference room and role play a disaster scenario. Usually, the exact scenario is known only to the test moderator, who presents the details to the team at the meeting. The team members refer to the document and discuss the appropriate responses to that particular type of disaster.
tabletop testing
In this test, some of the response measures are tested (on non-critical functions).
dry run
Involves actually shutting down operations at the primary site and shifting them to the recovery site. The entire organization takes part in an unscheduled, unannounced practice scenario of full BC/DR activities.
full test
✓ multiple availability zones
✓ automatic failover to backup region(s)
✓ direct connection to a CSP.
high availability features for disaster recovery