Secure Design Architecture - The Cloud Flashcards
What common strategy have many organizations adopted regarding cloud services?
A cloud-first strategy.
How does NIST generally define cloud computing?
A model for ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources provisioned with minimal effort.
Name the three primary cloud service models mentioned.
Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
What term describes the trend of offering many types of services via the cloud?
Everything as a Service (XaaS).
What is a public cloud deployment model?
Resources are shared among multiple organizations/public users.
What is a private cloud deployment model?
Resources are dedicated to a single organization’s use (essentially a private datacenter).
What is a community cloud deployment model?
Resources are shared by several organizations with common concerns (e.g., universities).
What is a hybrid cloud deployment model?
A combination of two or more different cloud deployment models (e.g., private and public).
What advantage does SaaS offer regarding software updates and patches?
The provider manages updates centrally, ensuring all users have the same version without individual machine updates.
How can cloud adoption impact environmental footprint?
It can reduce the footprint by consolidating multiple organizations into fewer, more efficient datacenters.
What benefit does cloud offer regarding administration?
Centralized administration.
What advantage might cloud providers have regarding staffing?
They often employ skilled staff with broad experience supporting many clients, expertise individual organizations may lack.
How might cloud providers achieve cost advantages in hardware?
Through bulk purchasing power.
What is a risk if a cloud provider ceases operations?
Loss of service and potential loss of data access.
What risk is associated with relying on network access to the cloud?
Loss of connectivity means loss of access to services and data.
What potential issue arises from where a cloud provider stores data?
Data might be stored in a jurisdiction that violates cross-border data privacy laws applicable to the customer.
What type of control do organizations often lose when moving data to the cloud?
Direct control over the data’s location, security, and lifecycle management.
What concern exists regarding data deletion by cloud providers?
Uncertainty about whether data is properly and securely erased when requested or after contract termination.
Who typically controls encryption keys in a SaaS environment, and what is the implication?
The cloud service provider often controls the keys, meaning they technically have access to the customer’s data.
What issue can make migrating away from a cloud provider challenging?
Vendor lock-in, where moving data and rebuilding infrastructure is difficult, potentially due to proprietary data formats.
What critical step must be taken when adopting any cloud solution?
Evaluate it critically for security concerns and ensure requirements are addressed.
Where should security requirements for cloud services be formally documented?
In contracts and Service Level Agreements (SLAs) with the provider.
