Lesson 6: Cloud Security

Question 1

A practice of delivering hosted services, which can be software as a service, platform as a service, or infrastructure as a service, over the Internet.

Answer 1

cloud computing

Question 2

A cloud service model where the cloud service provider (CSP) provides software applications.

Answer 2

software as a service (SaaS)

Question 3

A cloud service model where vendors provide hardware capacities, such as compute, storage, or networking, to a client.

Answer 3

infrastructure as a service (IaaS)

Question 4

A cloud service model that includes operating systems and software development tools, such as runtime environments.

Answer 4

platform as a service (PaaS)

Question 5

A cloud deployment model where a client owns and operates all cloud equipment and services.

Answer 5

private cloud

Question 6

The most familiar cloud model where public companies own cloud resources and sell them to clients.

Answer 6

public cloud

Question 7

A cloud deployment model where multiple organizations with similar interests band together for cloud services.

Answer 7

community cloud

Question 8

A cloud deployment model where one part of the cloud is public and the other part is private.

Answer 8

hybrid cloud

Question 9

A piece of software that enables virtualization on a computer.

Answer 9

hypervisor

Question 10

The infrastructure that is represented in an imperative manner rather than a declarative manner.

Answer 10

infrastructure as code (IaC)

Question 11

The ability to develop and/or adopt new technologies at a much faster rate than organizations attempting to build their own infrastructures is known as

Answer 11

Disruptive Innovation

Question 12

The process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention.

Answer 12

Infrastructure as code (IaC)

Question 13

• Increasing the reusability of code
• Increasing the speed of infrastructure creation
• Reducing the likelihood of configuration errors by leveraging common templates

Answer 13

The major advantages to using an IaC

Question 14

______ is an AWS-specific exploitation framework. It is particularly well suited to identifying the permissions available to an account during a penetration test.

Answer 14

Pacu

Question 15

Which cloud assessment tool performs security scans of Microsoft Azure cloud environments.

Answer 15

ScoutSuite

Question 16

In the shared responsibility model, a customer always retains either full or partial responsibility for

Answer 16

data security.

Question 17

In all cloud service models how is responsibility for data center security split with the customer and cloud provider

Answer 17

Cloud service providers bear sole responsibility for datacenter security

Question 18

Which cloud computing deployment model requires the use of a unifying technology platform to tie components together from different providers?

Answer 18

Hybrid

Question 19

What does Inline cloud access security broker (CASB) solutions intercept requests from users to cloud providers and, by doing so, these can both

Answer 19

monitor activity and enforce policy requirements.