Module 5 Flashcards

1
Q

Identity

A

The identity concept consists of user identities, service and app identities, API keys, and resources. Users are identified by their IBMid, SoftLayer, or AppID user ID. Service IDs are a second type of identity that is used in an account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Access Management

A

The concept of access management consists of a few interrelated components, including users, service IDs, access groups, resources, policies, roles, actions, and the IBM Cloud IAM control system, which allows users to take actions on resources within an account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How IBM Cloud IAM works

A

There are two common types of IAM systems in cloud providers and understanding each of these models can help users gain a better understanding of how IAM works in IBM Cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Security in the Virtual Private Clouds (VPCs)

A

Security groups and ACLs provide ways to control the traffic across the subnets and instances in acompany’sIBM Cloud Virtual Private Cloud, using rules that they specify.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

two types of network access controls comprise the layers of VPC security:

A

Access control lists (ACLs) and security group

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Network Security

A

Computer network security protects the integrity of information contained by a network and controls who access that information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Secure Sockets Layer (SSL)

A

Secure Sockets Layer (SSL) is a technology that encrypts traffic between the client application and the server application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

btaining an SSL/TLS Certificate

A

SSL/TLS certificates are issued to a specific domain or sub-domains by certificate authorities, also known as CAs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

IBM Certificate Manager

A

Is aservice helps users manage and deploy SSL/TLS certificates for their apps and services. Certificate Manager provides users with a security-rich repository for their certificates and their associated private keys.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

how user data is stored and encrypted in Block Storage

A

IBM Cloud Block Storage that is provisioned with either Endurance or Performance option is secured with provider-managed encryption, at no extra cost and no impact to performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Provisioning Storage with Encryption

A

The provider-managed encryption-at-rest feature is available for Block Storage that is provisioned in most data centers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

IBM Object Storage Security

A

Uses an innovative approach for cost-effectively storing large volumes of unstructured data that ensures security, availability, and reliability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

IBM Secrets Manager

A

Secrets managementservices enable the secure management of digitalcredentials that ultimately allow entitiesto securely interact with services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How user data is stored and encrypted in Secrets Manage

A

Their secrets are encrypted at rest by usingenvelope encryption. At no time are their credentials available in clear text while they are stored by the service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Continuous Delivery

A

Allowsdevelopment teams to automate the process that moves software through the software development lifecycle.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Managing security and compliance with Continuous Delivery

A

Continuous Delivery is integrated with the Security and Compliance Center to help users manage security and compliance for their organization.

17
Q

ontinuous Delivery − Delivery Pipeline

A

A delivery pipelineautomates the continuous deployment of a project. In a project’s pipeline, sequences of stages retrieve input and run jobs, such as builds, tests, and deployments.

18
Q

Code Engine and Security

A

The IBM code engine architecture is built with a security-first mindset. Code Engine components aremanaged and owned by IBM.

19
Q

When it comes to protecting user data from internal security threats, which of the following is considered the most popular and effective control?

A

Encryption

20
Q

Which of the following is considered a list of rules that limit who can access a particular subnet within theVPC.

A

Access Control

21
Q

Security groups and ACLs provide ways to control the traffic across the __________and instances in a company’sIBM Cloud Virtual Private Cloud, using rules that they specify. (Fill in the blank.)

A

Subnets

22
Q

Which ID is considered asecond type of identity that is used in an account?

A

Service

23
Q

Which IBM service enables users to run containerized applications in a secure enclave on an IBM Cloud Kubernetes host, providing data-in-use protection.

A

Data Shield

24
Q

In an IBM Cloud platform management role who would be permitted to modify the state of the resource such as create, delete, and edit, as well as create and delete sub-resources in a VPC?

A

Editor

25
Q

Users need to install and register which type of worker so that IBM Cloud continuous delivery development teams can use them in their toolchain configuration?

A

Private

26
Q

When using IBM Cloud Object Storage, what types of data are encrypted?

A

Data at Rest

27
Q

Which IBM Cloud storage services are provisioned with either an endurance or performance option, is secured with provider-managed encryption, and where the customer incurs no extra cost and no impact to performance?

A

B.Block

C.Database

28
Q

Which of the following IBM service is used to manage SSL/TSL certificates?

A

Certificate manager