Security Architecture

Question 1

Responsibility Matrix

Answer 1

The division of responsibilities between the cloud service provider and the customer

Question 2

Third Party Vendors

Answer 2

Provides specialized services that enhance the cloud solution

Question 3

On-Premise Solutions

Answer 3

A computing infrastructure that is physically located on-site

Question 4

Cloud Resilience

Answer 4

The cloud provider’s ability to recover from failure

Question 5

Virtualization

Answer 5

Technology that allows for emulation of servers

Question 6

Containerization

Answer 6

Lightweight alternative to full machine virtualization

Question 7

Hypervisor Type 1

Answer 7

Bare metal runs directly on the host’s hardware and functions like an OS; Microsoft’s Hyper-V

Question 8

Hypervisor Type 2

Answer 8

Operates within a standard OS

Question 9

Live Migration of Virtual Machines

Answer 9

When a VM needs to move from one host to another

Question 10

Serverless Computing

Answer 10

Where the responsibility of managing servers, databases, applications, and logic is shifted away from the developers

Question 11

Microservices

Answer 11

Where large applications are broken down into smaller, independent services

Question 12

Physical Separation/Air Gapping

Answer 12

Isolation of a network by removing direct or indirect connections from other networks

Question 13

Logical Separation

Answer 13

Creating boundaries within a network; Firewall

Question 14

Software-Defined Networks

Answer 14

Enable efficient network configuration to improve performance and monitoring

Question 15

Software Defined Network Plane Types

Answer 15

Data Plane, Control Plane, and Application Plane

Question 16

Data Plane

Answer 16

The forwarding plane that is responsible for handling packets and making decisions based on protocols

Question 17

Control Plane

Answer 17

The brain of the network that designs where the traffic is sent; Centralized Plane

Question 18

Application Plane

Answer 18

App goes here

Question 19

Infrastructure as Code (IAC)

Answer 19

Method in which IT infrastructure is defined and code files; YAML is an example

Question 20

Snowflake system

Answer 20

A conflict that lacks consistency that might introduce risk

Question 21

Idempotence

Answer 21

The ability of an operation to produce the same result as many times executed

Question 22

Centralized Architecture

Answer 22

All the computing functions are coordinated and managed from a single authority

Question 23

Decentralized Architecture

Answer 23

Computer functions are distributed across multiple systems or locations

Question 24

Centralized Architecture Risks

Answer 24

Single-point failure, scalability, and security

Question 25

Decentralized Architecture Risks

Answer 25

Security, management, and data Inconsistency

Question 26

Internet of Things (IoT)

Answer 26

The network of physical items with embedded systems that enable connection and data exchange

Question 27

Internet of Thing Types

Answer 27

Hub, smart devices, wearable, and sensors

Question 28

Hub

Answer 28

The central point of connecting all IoT devices and sensor commands

Question 29

Industrial Control Systems (ICS)

Answer 29

Controlled systems used to monitor and control industrial processes

Question 30

Distributed control systems

Answer 30

Used to control production systems within a single location

Question 31

Programmable Logic Controllers

Answer 31

Control specific processes such as an assembly line

Question 32

Supervisory Control and Data Acquisition

Answer 32

A type of ICS used to monitor and control geographically dispersed industrial processes

Question 33

Embedded Systems

Answer 33

Computing component is dedicated to performing a specific function

Question 34

Real-Time Operating Systems (RTOS)

Answer 34

Ensures data processing real-time and is crucial for time sensitive applications

Question 35

Strategies for Securing Embedded Systems

Answer 35

Wrappers, network segmentation, firmware code control, and challenges of patching

Question 36

Wrappers

Answer 36

Show only entry and exit points of the data when traveling between networks

Question 37

Challenges of Patching

Answer 37

Refers to the issues that arise when trying to patch systems that are physically hard to reach and are not built to be updated