Security Architecture 1 Flashcards
What is a Hybrid Cloud?
- Mixture of Public, private and community cloud
Advantages / Disadvantages of hybrid Cloud
Pro
Pros and Cons of Hybrid Cloud
Pro
* Dezentralised
Contra
* Complexity
* Configuration mismatches
* Different Security Monitoring
* Data Leakage
Things to consider with third party cloud vendors
- Ongoing vendor risk assessment
- Include third party impact in incident response
- Constantly monitor changes and unusual activities
What is IaC
Infrastructure as Code
*Process of automating the provisioning, management and deprovisioning of infrastructure services through scripted code rather then human intervention
*Define server, network and applications as code
*Can be used for other application instances
What is a serverless arcitecture?
- System arcitecture that does not expose the user / developer to the server.
- Instead it is highly event driven and changes can be implemented almost in real time within the system
Faas
* Function as a service
* Platforms that allows customers to upload own code functions to provider and provider will upload those functions as scheduled basis in response to events and/or demand
* Not dependend on OS
* OS security concerns are on thrid party
What is an API?
- Application Programm Interface
- “Glue” for Microservices
What are Microservices?
- They Work together as seperate instances in the cloud and handling different functions
Advantages
* Very Scalable
* Resilient: If you loose one microservice, rest still works
* Security and Compliance: Adjust security to microservice that is running