Lesson 6: Cloud Security Flashcards
A practice of delivering hosted services, which can be software as a service, platform as a service, or infrastructure as a service, over the Internet.
cloud computing
A cloud service model where the cloud service provider (CSP) provides software applications.
software as a service (SaaS)
A cloud service model where vendors provide hardware capacities, such as compute, storage, or networking, to a client.
infrastructure as a service (IaaS)
A cloud service model that includes operating systems and software development tools, such as runtime environments.
platform as a service (PaaS)
A cloud deployment model where a client owns and operates all cloud equipment and services.
private cloud
The most familiar cloud model where public companies own cloud resources and sell them to clients.
public cloud
A cloud deployment model where multiple organizations with similar interests band together for cloud services.
community cloud
A cloud deployment model where one part of the cloud is public and the other part is private.
hybrid cloud
A piece of software that enables virtualization on a computer.
hypervisor
The infrastructure that is represented in an imperative manner rather than a declarative manner.
infrastructure as code (IaC)
The ability to develop and/or adopt new technologies at a much faster rate than organizations attempting to build their own infrastructures is known as
Disruptive Innovation
The process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention.
Infrastructure as code (IaC)
- Increasing the reusability of code
- Increasing the speed of infrastructure creation
- Reducing the likelihood of configuration errors by leveraging common templates
The major advantages to using an IaC
______ is an AWS-specific exploitation framework. It is particularly well suited to identifying the permissions available to an account during a penetration test.
Pacu
Which cloud assessment tool performs security scans of Microsoft Azure cloud environments.
ScoutSuite
In the shared responsibility model, a customer always retains either full or partial responsibility for
data security.
In all cloud service models how is responsibility for data center security split with the customer and cloud provider
Cloud service providers bear sole responsibility for datacenter security
Which cloud computing deployment model requires the use of a unifying technology platform to tie components together from different providers?
Hybrid
What does Inline cloud access security broker (CASB) solutions intercept requests from users to cloud providers and, by doing so, these can both
monitor activity and enforce policy requirements.
