Security I

Question 1

Why do hackers target clouds?

Answer 1

Clouds are a treasure trove of information

Question 2

What are DDOSs?

Answer 2

Attacks which come from multiple resources that consume all resources

Question 3

How to defend a cloud?

Answer 3

Don’t rely on security measures as a be-all end-all solution
Implement encryption
Don’t store passwords using reversible encryption
Don’t store sensitive information in the cloud
Check for vulnerabilities

Question 4

Security measures are cheaper when implemented on a mass scale (T/F)

Answer 4

True

Question 5

Cloud providers often hire security experts and subject matter experts (T/F)

Answer 5

True

Question 6

Deployment of security updates tends to be much quicker (T/F)

Answer 6

True

Question 7

There are both internal and external threats (T/F)

Answer 7

True

Question 8

Cloud providers ultimately focus on individuals (T/F)

Answer 8

False. They focus on securing for the greater good.

Question 9

What are some important security safeguards?

Answer 9

Auditing
Vulnerability testing
Independent pen-testing
Defined policies
Allow users to set own policies (user-level data security)
VPNs

Question 10

PCI DSS

Answer 10

Payment Card Industry Data Security Standard
Certification that ensures that the provider can handle payments
Provider has to undergo audits and protect data

Question 11

SOC 2 Type 2

Answer 11

Service Organization Controls
Ensures data security at the highest level
Involves long-term testing

Question 12

SOC 1 is for less comprehensive systems (T/F)

Answer 12

True

Question 13

SOC2 is for more comprehensive systems (T/F)

Answer 13

True