Week 6: Security Concerns and Legal Aspects Flashcards

1
Q

Drawbacks of cloud security

A

Significant investments are required

Regardless of the delivery and deployment model, some degree of control is transferred to the cloud provider

2
Q

Overview of Security Concerns - Network Availability

A

The value of cloud computing can only be realized when network connectivity and bandwidth meet certain minimum needs

3
Q

Overview of Security Concerns - Cloud Provider Viability

A

– Since cloud providers are relatively new to the business, there are questions about their viability and commitment
– This concern deepens when a provider requires tenants to use proprietary interfaces, thus leading to tenant lock-in

4
Q

Overview of Security Concerns - Disaster Recovery and Business Continuity

A

Tenants and users require confidence that their operations will continue if the cloud provider’s production environment is subject to a disaster

5
Q

Overview of Security Concerns - Security Incidents

A

Tenants and users need to be informed by the provider when an incident occurs and may require provider support to respond to audit findings

6
Q

Overview of Security Concerns - Transparency

A

If providers do not expose details of their internal policy or technology implementation, tenants or users must trust the provider’s security claims

7
Q

Overview of Security Concerns - New Risks, New Vulnerabilities

A

There is concern that cloud computing brings new risks and vulnerabilities
• The actual exploits will largely be a function of a provider’s implementation
• Although all software, hardware, and networking equipment are subject to vulnerabilities, by applying layered security and well-conceived operational processes, a cloud may be protected from common types of attacks

8
Q

Overview of Security Concerns - Loss of Physical Control

A

Loss of physical control over data and applications results in a range of concerns
• With public or community clouds, data may not remain in the same system, raising multiple legal concerns
• Data may be comingled in various ways with data belonging to others
• A tenant administrator has limited control scope and accountability
• Tenants need confidence that the provider will offer appropriate controls, while recognizing that they need to lower their expectations for how much control is reasonable within these models

9
Q

Overview of Security Concerns - Legal and Regulatory Compliance

A

– It may be difficult or unrealistic to utilize public clouds if the data is subject to legal restrictions or regulatory compliance
– Achieving certifications to address the needs of regulated markets may be challenging due to the current stage of general cloud knowledge

10
Q

A virtual machine (VM) is

A

standard operating system (OS) instance captured in a fully configured and operationally ready system image

11
Q

A hypervisor represents itself to the VM as

A

the underlying hardware, thus supporting the operation of the VM

12
Q

Vendor implementations of virtualization vary, but in general they can be classified as follows

A

Type 1 or native virtualization is implemented by a hypervisor running directly on bare hardware

Type 2 or hosted virtualization has a hypervisor running as an application within a host OS

OS implemented virtualization is implemented by the OS itself taking the place of the hypervisor

13
Q

Type 1 Virtualization

A

native virtualization

implemented by a hypervisor running directly on bare hardware

Guest OSs run on top of the hypervisor

Microsoft Hyper-V, Oracle VM, LynxSecure, VMware ESX, and IBM z/VM

14
Q

Type 2 Virtualization

A

hosted virtualization

has a hypervisor running as an application within a host OS - VMs also run above the hypervisor

Oracle VirtualBox, Parallels, Virtual PC, VMware Fusion, VMware Server, Xen, and XenServer

15
Q

OS implemented virtualization

A

implemented by the OS itself taking the place of the hypervisor

Solaris Containers, BSD jails, OpenVZ, Linux-VServer, and Parallels Virtuozzo Containers

16
Q

Network-based IDSs do/do not work well with virtual servers

A

do not

17
Q

The management tools used in a physical server-based deployment will/will not suffice in a highly dynamic virtualized one

A

will not

18
Q

In a physical server deployment model, provisioning automation is generally

A

not heavily used

19
Q

In a heavily virtualized environment, whether it be a cloud or not, OS provisioning will rapidly transition toward being

A

highly automated

20
Q

compromise of hypervisor

A

it will become a primary target if vulnerable, and have broad impact

21
Q

hypervisor protection

A

network isolation and security monitoring

22
Q

use of local storage in public cloud - Solution?

A

If during the operation of a VM, data is written to physical media, or to memory, and it is not cleared before those resources are reallocated to the next VM, then there is a potential for information exposure

Solution. Assume control over your use of storage and memory when using a public cloud by clearing data yourself

23
Q

potential for undetected network attacks between VMs co-located on a server - Solution?

A

Unless the traffic from each VM can be monitored, you cannot detect attacks between VMs
• Solution. Invoke OS-based traffic filtering or firewalling
• Solution. Use segregation to isolate different classes of VMs

24
Q

A hypervisor is ___ and ___ focused than a general purpose operating system, and ___ exposed

A

smaller | more | less

25
A hypervisor ___ undergo frequent change and ___ run third-party applications
does not | does not
26
The guest operating systems, which may be vulnerable, ___ have direct access to the hypervisor
do not
27
The hypervisor is ___ to network traffic with the exception of traffic to/from ____
completely transparent | a dedicated hypervisor management interface
28
Are there any documented attacks against hypervisors?
No
29
The prime advantage of automated provisioning in clouds is
the predictability and speed of constituting a resource for a customer
30
Other advantages to provisioning in cloud
Enhancing availability by
• provisioning multiple instances of a service
• provisioning a service across multiple data centers
31
The security of provisioning depends on the
ability to protect master images and deploy them intact and in a secure manner
32
Provisioning challenges
Reliance on hypervisors | Need for process isolation at every stage of provisioning
33
There is greater concern for potential compromise of ___ than for the security of a hypervisor
a provisioning service
34
There are several concerns about cloud data storage
– Since clouds tend to implement storage in a centralized facility, some view storage as a potential target for criminals or hackers
– Multitenancy relies on isolation mechanisms (which can fail)
– Storage systems are complex hardware and software implementations
– There are always questions as to the potential for catastrophic failure that might either destroy or expose the data
– There is a possibility that a cloud provider may store data in multiple jurisdictions
• The potential exists for data to become accessed by foreign governments
35
When data falls under regulatory or compliance restrictions, our choice of cloud deployment (be it private, hybrid, or public) depends on an understanding that the provider is fully compliant - whose obligation?
The tenant or user
36
Although the legal ownership of data will remain with the originating data owner, one potential area for concern with a public cloud is that the cloud provider may
Become responsible for owner and custodian
37
concerns with legally admissible evidence in cloud
* Having a tenant obtain access to a provider’s records may compromise the privacy of other tenants
* It may be difficult to prove that a tenant’s forensics data that is gathered and stored in a public cloud has not been tampered with
38
Some of the technologies and many of the software components that define cloud computing are still quite new and have yet to gain a high degree of ___ for experienced security professionals
trust
39
___ and ___ between components are two realms where vulnerabilities may arise
Complexity | interaction
40
FedRAMP
The U.S. government has launched an effort called FedRAMP
– It is oriented toward enabling the entire process of assuring that cloud instances are appropriate for individual agency applications
41
Two organizations are actively working to enhance cloud security
Cloud Security Alliance | Cloud Computing Interoperability Group
42
Understanding how much risk you can tolerate depends on
– assessing your security requirements
– how you value your information assets (data, applications, and processes)
43
risk
The possibility that something could happen to damage, destroy, or disclose data or other resources is known as risk
44
Risk management is the process of
* identifying factors that could damage or disclose data
* evaluating those factors in light of data value and countermeasure cost
* implementing cost-effective solutions for mitigating or reducing risk to an acceptable level
45
Exposure Factor (EF) or loss potential
The percentage of loss that an organization would experience if a specific asset were compromised by a realized risk
46
Single Loss Expectancy (SLE)
– The cost associated with a single realized risk against a specific asset
– SLE = Asset Value * EF
– Example: if AV = $200,000 and EF = 45%, then SLE = $90,000
47
Annualized Rate of Occurrence (ARO)
The expected frequency with which a specific threat or risk will occur
48
Annualized Loss Expectancy (ALE)
– The possible yearly cost of all instances of a specific realized threat against a specific asset
– ALE = SLE * ARO
49
Steps of Quantitative Risk Analysis
1. Inventory assets, and assign value (AV)
2. For each asset, list all possible threats
– For each asset and threat pair, calculate EF and SLE
3. Perform a threat analysis to calculate the likelihood of each threat being realized within a single year (ARO)
4. Derive the overall loss potential per threat by calculating the annualized loss expectancy (ALE)
5. Inventory countermeasures for each threat
– For each countermeasure, calculate the changes to ARO and ALE based on applying that countermeasure
6. Perform cost/benefit analysis, and select the most appropriate response to each threat for each asset
50
Annual Cost of Safeguard (ACS)
Numerous factors are involved in calculating the value of a safeguard
• Cost of purchase, cost of maintenance, etc.
51
Cost/benefit equation
(ALE before safeguard - ALE after safeguard) - ACS
– If the result is negative, the safeguard is not a financially viable choice
– If the result is positive, then that value is the annual savings the organization can gain by deploying the safeguard
52
Qualitative risk analysis is ___
scenario based
53
Qualitative Risk Analysis
A scenario is a written description of a single major threat, focusing on how the threat would affect the organization, the IT infrastructure, or specific assets. The process of performing qualitative risk analysis involves judgment, intuition, and experience
54
Qualitative techniques for risk analysis include
– Brainstorming
– Delphi technique
• An anonymous feedback-and-response process
– Focus groups
55
Management must address each specific risk in one of these four possible ways
– Reduce/mitigate
• Implementing safeguards
– Assign or transfer
• Outsourcing, purchasing insurance
– Accept
• Written/signed decision from senior management
– Reject
• Ignoring risk is unethical and invalidates due care
56
Residual risk
The risk that remains once countermeasures are implemented
57
Controls gap
Controls gap = Total risk - Residual risk
58
If concerns are raised about unacceptable risk, we might approach the overall problem by
– limiting risk-sensitive processing to a private cloud
• this avoids the introduction of new risk
– using a public cloud for non risk-sensitive data
59
Tenants and cloud customers operating in the U.S., Canada, or the E.U. are subject to numerous regulatory requirements; these include
These include Control Objectives for Information and related Technology (COBIT) and Safe Harbor. These may relate to where the data is stored or transferred to, as well as how well the confidentiality of this data is protected
60
Some of these laws apply to specific markets, such as the ___ for the health care industry
Health Insurance Portability and Accountability Act (HIPAA)
61
The failure to adequately protect data can have serious consequences, including ___
fines by one or more government or industry regulatory bodies
62
For example, the Payment Card Industry (PCI) can impose fines up to ___ per month for compliance violations
$100,000
63
The ___ requires a specific individual to be accountable for a company’s information security
Federal Trade Commission
64
Several issues need to be considered at all stages of the contractual process
– Initial due diligence
– Contract negotiation
– Implementation
– Termination (end of term or abnormal)
– Supplier transfer
65
Prior to entering into a contract with a cloud supplier, a company should evaluate its specific ___
needs and requirements. For instance, if you are going to collect employee health records in the cloud, then you must ensure that any supplier will meet the guidelines defined by the HIPAA regulations
66
the bulk of cloud services are ___ to involve tailored contracts than traditional hosting or outsourcing contracts
less likely
67
The life cycle of the contractual process does not end when the contract is signed, but has to be continually evaluated throughout the term of the agreement. The cloud provider needs to be assessed to ensure that ___ and ___
The contracted services are in fact being delivered | All policies and procedures that have been contracted for are being followed
68
Contractual Issues: Contract Negotiation
Once you have narrowed your selection of cloud service providers, the actual contract needs to be agreed upon
69
Contractual Issues: Implementation
The life cycle of the contractual process does not end when the contract is signed, but has to be continually evaluated throughout the term of the agreement
70
Contractual Issues: Termination
The end of the contract, whether due to reaching full term or abnormal termination, is the time when data is at most risk
71
Abnormal termination can occur because of
– cloud provider ceasing activities | – breach of contract by one party
72
Contractual Issues: Supplier Transfer
If you transfer services from one supplier to another, either at the termination of the contract or during the contract, you will have to consider the same factors discussed for termination
– Additionally, you will need to define a plan on how to transfer the data securely between vendors
73
Cloud providers may try to ___ the control over your data
limit
74
___ need to ensure that services they deploy to the cloud are used according to laws and regulations that are in place for the employees, foreign subsidiaries, or third parties
Global companies
75
The importance of business continuity and disaster recovery needs to be stressed. Two primary possible scenarios should be considered
* A provider may go out of business | * A provider’s data center may become inoperable
76
A cloud provider may be contacted directly to provide data to a third party, via a ___
court order
– The cloud provider needs to know what actions to take in this event
• You may well want to dispute the request
• You will therefore need to be assured that the cloud service provider informs you in a timely manner before it complies with the request