SC-900 Flashcards

1
Q

Zero trust

A

Assume everything behind the firewall is unsafe

2
Q

Zero trust principles

A
  • Verify explicitly
  • Use least privileged access
  • Assume breach
3
Q

How can you validate identity and authorization

A
  • User ID and password
  • Multifactor authentication (code from another app)
  • Limit access to certain geographic locations
  • Check device they are using
4
Q

JIT

A

Just In Time
- Temporary permissions that will expire after a certain amount of time

5
Q

JEA

A

Just Enough Access
- Different people have different levels of access e.g some read only or only access to certain files

6
Q

Security inside network

A

Encryption - application-to-application communication should be in an encrypted channel

Segmentation - break the network into segments and make sure authentication is properly set on the different segments

Threat detection - active and intelligent threat detection, for example machine learning and AI technologies to detect suspicious behaviours

7
Q

On Premises (On-Prem) responsibility

A
  • If you have your own servers you have all the responsibility of securing it
8
Q

IaaS

A

Infrastructure as a Service
- where you can rent servers for a period of time

9
Q

IaaS responsibility

A
  • When using a third-party provider to host servers, the third-party provider is responsible for the physical location
  • However, you are still responsible for the OS (e.g. security updates, migrating to a new OS), as well as the network, applications, identity and directory infrastructure, accounts, devices and information
10
Q

PaaS

A

Platform as a Service
- Microsoft has the servers; you upload the code, settings and data, then Microsoft runs it

11
Q

PaaS responsibility

A

- Microsoft is responsible for the physical location and the OS
- You are responsible for adding additional firewalls, your own application, data, devices and accounts

12
Q

SaaS

A

Software as a service

13
Q

SaaS responsibility

A
  • Microsoft is responsible for the physical location, OS, network controls and the application
  • You cannot change any underlying code but can grant user access and specific roles
  • You are responsible for the data, devices and accounts
14
Q

Common threats to security

A

Data breaches
Dictionary attack
Ransomware
Denial of service attacks

15
Q

Entry point for data breaches
Phishing attack

A

Millions of emails are sent; a few people click the link and enter their details on a fake webpage, so their details are stolen

16
Q

Entry point for data breaches
Spear phishing

A

Targets specific individuals for a specific purpose using the phishing method

17
Q

Entry point for data breaches
Tech support scam

A

Someone will call, email or message you to try to trick you into installing malware

18
Q

Entry point for data breaches
SQL Injection

A

Programs that try to use your website or application to extract data in a way that is not authorized
- Done by putting code into text fields and hoping the website is misconfigured so that the code will run

19
Q

Entry point for data breaches
malware, trojans, viruses

A

Any system that tries to make you download malware, trojans or viruses

20
Q

Dictionary attack

A

Attempting to brute-force entry into an account by guessing popular passwords

21
Q

Ransomware

A

Locking a company from its computers and data resources and demanding a payment in exchange for the key

22
Q

DoS Denial of service attack

A

A type of cyber attack in which a malicious actor aims to render a computer or other device unavailable to its intended users by interrupting the device's normal functioning.

22
Q

Asymmetric encryption

A

Anyone can use the public key to encrypt the message to you then you use your private key to decrypt the message

23
Q

Symmetric encryption

A

You use the same key for encryption and decryption,
so both people must have the same key

24
Q

AES

A

Advanced Encryption Standard
- Most commonly used
- Symmetric

24
Q

Hashing

A

A one way function that signifies the original message has not been altered

24
Q

DES

A

Data Encryption Standard
- Considered too weak for use nowadays
- Symmetric

25
Q

RSA

A
  • Encryption used by HTTPS and SSL
  • Asymmetric
26
Q

Identity Provider

A

The username and password are sent to a third-party identity provider; if they are correct, it then issues a security token to the client, which can be passed to the server to give the client access

27
Q

ECC

A
  • Encryption used by Bitcoin
  • Asymmetric
28
Q

Authorization

A

Princ

28
Q

SSO

A

Single Sign On
