Security Architecture Flashcards
3.1 - Compare and contrast security implications of different architecture models 4.1 - Given a scenario, apply common security techniques to computing resources
A company is considering moving its email servers to a cloud-based provider.
Which of the following is a primary security implication of this transition?
(Choose Two)
A) Increased risk of data loss due to potential service outages.
B) Reduced control over data security measures.
C) Improved patch management and reduced vulnerability exposure.
D) Increased reliance on the cloud provider for security updates.
E) Elimination of the need for on-site security personnel.
A company is considering moving its email servers to a cloud-based provider.
Which of the following is a primary security implication of this transition?
(Choose Two)
A) Increased risk of data loss due to potential service outages.
B) Reduced control over data security measures.
C) Improved patch management and reduced vulnerability exposure.
D) Increased reliance on the cloud provider for security updates.
E) Elimination of the need for on-site security personnel.
A healthcare organization is evaluating a hybrid cloud approach.
What is the primary security concern associated with storing sensitive patient data in the public cloud component of this hybrid environment?
A) Lack of scalability.
B) High latency.
C) Data breaches and unauthorized access.
D) Difficulty in integrating with on-premise systems.
Explanation:
C) Data breaches and unauthorized access: Storing sensitive data in the public cloud increases the potential attack surface and the risk of data breaches due to the shared nature of the environment.
A) Lack of scalability: Hybrid clouds can offer high scalability.
B) High latency: While a potential concern, it’s not the primary security concern.
D) Difficulty in integrating with on-premise systems: Hybrid architectures are designed to facilitate integration between on-premise and cloud environments.
An e-commerce company is experiencing rapid growth and is considering moving its entire IT infrastructure to the cloud.
Which of the following is a potential security disadvantage of this transition?
A) Increased reliance on the cloud provider for security updates.
B) Reduced operational costs.
C) Improved disaster recovery capabilities.
D) Complete control over data location and access.
Explanation:
D) Complete control over data location and access: In the cloud, the company relinquishes some control over data location and access, which can be a security disadvantage depending on the specific needs and regulatory requirements.
A) Increased reliance on the cloud provider for security updates: This is generally true but not necessarily a disadvantage, as cloud providers often have strong security teams.
B) Reduced operational costs: Cloud computing often leads to reduced operational costs.
C) Improved disaster recovery capabilities: Cloud providers often offer robust disaster recovery capabilities.
A company is concerned about the security of its sensitive customer data stored in a public cloud environment.
Which of the following security techniques would be most effective in mitigating this risk?
A) Implementing strong access controls, such as multi-factor authentication.
B) Deploying a firewall on the on-premise network.
C) Purchasing the most expensive cloud computing services.
D) Disabling all non-essential services on the cloud platform.
Explanation:
A) Implementing strong access controls, such as multi-factor authentication: Strong access controls are crucial for protecting data in any environment, including the cloud.
B) Deploying a firewall on the on-premise network: While important for on-premise security, it has limited direct impact on data security within the public cloud.
C) Purchasing the most expensive cloud computing services: Expensive services do not guarantee absolute security.
D) Disabling all non-essential services on the cloud platform: This can be overly restrictive and may hinder business operations.
A company is experiencing frequent denial-of-service (DoS) attacks on its web servers hosted in a public cloud environment.
Which of the following security techniques would be most effective in mitigating these attacks?
A) Implementing intrusion detection and prevention systems (IDPS).
B) Disabling all incoming traffic to the web servers.
C) Moving the web servers to a private cloud.
D) Deleting all customer data from the cloud.
Explanation:
A) Implementing intrusion detection and prevention systems (IDPS): IDPS can detect and block malicious traffic, mitigating DoS attacks.
B) Disabling all incoming traffic to the web servers: This is not a viable solution as it would prevent legitimate traffic.
C) Moving the web servers to a private cloud: While this might offer some protection, it may not be the most cost-effective or practical solution.
D) Deleting all customer data from the cloud: This is not a solution to the DoS attack problem.
