Infosec Key Terms Domain 1 Flashcards
- Capital Expenditure
- Operational Expenditure
- Elasticity
- Mobility
- Scalability
- Capital Expenditure - this is lowered when moving to cloud; e.g. hardware, buildings, equipment
- Operational Expenditure - this is also lowered when moving to cloud; e.g. utility costs, maintenance
- Elasticity - ability to grow or shrink IT assets (e.g. # of users) without excess
- Mobility - being able to access cloud from anywhere
- Scalability - ability to increase or decrease services
NIST 5 Basic Characteristics of Cloud Computing (BRO-ME) +1 from ISO
- Broad network access - ability to access cloud via any platform (e.g. mobile, web browser) regardless of user's location
- On-demand services - cloud is always on and accessible; able to add or remove storage with little to no intervention from the CSP
- Resource pooling - cloud provider able to scale resources to each customer as needed
- Measured service - only pay for what you use
- Rapid elasticity - cloud increases or decreases resources on its own
- Multi-tenancy - several customers on one device but are separated by design
Concerns moving to cloud (5)
- Security
- Privacy
- Compliance
- Interoperability
- Lock-ins
IPS Elements
- IaaS - Block storage, compute, network
- PaaS - Database, Object Storage, Identity, Software Testing, Runtime, Queue
- Application - Monitoring, Content, Collaboration, Communication, Finance
- Cloud Customer vs Cloud User
- Cloud Service Broker
- Cloud Service Provider
- Managed Service Provider
- Cloud Service Broker - liaison between customer and provider; looks to extend or enhance value to customers who are looking to move to cloud
- CSP - the vendor offering the services; the provider DICTATES the technology and operational procedures
- Managed Service Provider - CONSUMER dictates the technology and operating procedure (usually has a NOC)
IaaS
- Most basic cloud service offering; customer has ability to install all software including OS
- Customer has most control
Benefits
1. Pay for what you use
2. scalability
3. reduced cost of ownership
4. Reduced Energy and cooling costs with GREEN IT
PaaS
SaaS
Building blocks of cloud computing
- Containers
- Mutable infrastructure
- Immutable
Public Cloud and benefits
Private Cloud and benefits
Community Cloud and benefits
Hybrid Cloud and benefits
Hypervisor Type 1 and Type 2 Overview
Hypervisor Type 2 Risks
Define Virtualization and the primary drivers
Security Controls in Virtual Environment
1. Trusted Zones
2. Snapshot
3. Customer retains responsibility to implement:
Management Plane
Scalability vs Elasticity
Scalability vertical and scale up - moving application to a bigger VM to handle load
Scale horizontal and scale out - placing application on multiple VMs and distribute the load
IAM
1. Identification
2. Authentication
3. Authorization
Provisioning
* Type 1 authentication
* Type 2
* Type 3
Authorization
IAM Lifecycle
- Most widely used directory service is
- Briefly go over OSI Model
- TCP / IP model
Deprovisioning
- Privileged Accounts
- CASB
Federated Identity Management
SSO vs RSO
Functional vs Nonfunctional Requirement
BIA has 3 primary goals
Risk Assessment
Define Threat
Define Vulnerability
How is Risk Determined
Quantitative vs Qualitative
Tangible Assets vs Intangible Assets
Asset Valuation
* absolute value
* relative value
* fair market value
Determining Criticality
SPOFs
Risk Appetite
Cloud Computing Service Models
Cloud Service Model Boundaries
IaaS boundaries
PaaS Boundaries
SaaS Boundaries
Protecting Sensitive Data
What are the types of blockchain