MOD 19 - Cloud Computing Flashcards
Cloud computing service models
Search your Bookshelf book for “types of cloud computing services”, then know what the 7 listed service models are
IaaS, PaaS, SaaS, IDaaS, SECaaS, CaaS, FaaS
Cloud deployment models
Public, Private, Community, Hybrid, Multi-cloud (multiple providers)
NIST Cloud Deployment Ref. Arch.
Cloud Consumer, Provider, Carrier, Auditor, Broker
- Zero Trust networks
Network architecture where every incoming connection and transaction must be verified first. Never trust a connection based on location or IP address.
- Vendor Lock-in
Vendor lock-in is when breaking your contract or switching to another provider is cost-prohibitive, so you're stuck with the original vendor.
Containers & Architecture
Review the 5 tiers of Container Technology Architecture
Docker
Docker is a set of platform-as-a-service products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files. The Docker daemon (dockerd) listens for Docker API requests and manages Docker objects like images, containers, networks, and volumes.
*Kubernetes
Kubernetes is Google’s orchestration platform for managing containers and microservices.
The kube-scheduler is the component that scans for new pods (groups of containers) and assigns computers/nodes to them to run the pods/containers.
Cloud Hopper attack
Triggered at the MSP (Managed Service Provider) and their customers. The attacker uses spear-phishing e-mails with custom-made malware to compromise the accounts of staff or cloud service firms to obtain confidential info.
*Cloudborne attack
Targets a bare-metal cloud server to implant a malicious backdoor in its firmware.
Tier Technology of Containers
Know Tier 1, 2, 3
Tier 2
Sign, Approve, send to registry
DockerD
Processes the API requests and handles various Docker objects, such as containers, volumes, images, and networks.
OWASP Top 10 Cloud Security Risks
Learn this.