Lesson 5 Security in the Cloud-c838

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which of the following risks of the public cloud can be caused when the cloud provider goes out of business, is acquired by another interest, or ceases operation for any reason? vendor lock-in vendor lock-out multitenant environment persistent backdoor

vendor lock-out

Occurs on the hypervisor itself, the underlying OS, and the machine directly

Attacks on the hypervisor

Because PaaS implementations are so often used for software development, what is one of the vulnerabilities that should always be kept in mind? Backdoors DoS/DDoS Malware Loss/theft of portable devices

Backdoors

The provider is responsible for determining the location and configuration of the backup and for assessing and declaring disaster events. Private architecture, cloud service as backup Cloud operations, cloud provider as backup Cloud operations, third-party cloud backup provider

Cloud operations, cloud provider as backup

The cloud provider hosts regular operations and the customer opts for contingency operations to distribute risks. Private architecture, cloud service as backup Cloud operations, cloud provider as backup Cloud operations, third-party cloud backup provider

Cloud operations, third-party cloud backup provider

The various models generally available for cloud BC/DR activities include all of the following except: Cloud provider, backup from private provider Cloud provider, backup from another cloud provider Cloud provider, backup from same provider Private architecture, cloud backup

Cloud provider, backup from private provider

Countermeasures for protecting cloud operations against internal threats include all of the following except: Mandatory vacation Conflict of interest Least privilege Separation of duties

Conflict of interest

Considers full offsite backups, secured and kept by a customer, to protect against vendor lock-in/lock-out

Contractual failure

A legal activity might result in a host machine being confiscated or inspected by law enforcement or plaintiffs' attorneys

Data seizure

A legal activity that might result in a host machine being confiscated or inspected by law enforcement or plaintiffs' attorneys.

Data seizure

Countermeasures for protecting cloud operations against external attackers include all of the following except: Continual monitoring for anomalous activity Detailed and extensive background checks Hardened devices and systems, including servers, hosts, hypervisors, and virtual machines Regular and detailed configuration/change management activities

Detailed and extensive background checks

Because of multitenancy, specific risks in the public cloud that don't exist in the other cloud service models include all the following except: DoS/DDoS Escalation of privilege Risk of loss/disclosure due to legal seizures Information bleed

DoS/DDoS

These attacks can take many forms, such as unauthorized access, eavesdropping, DOS/DDoS, and so on.

External Attacks

Includes hardened devices, hypervisors, and virtual machines, with thorough configuration and change management protocols

External attacker

Includes malware, hacking, DoS/DDoS, man-in-the-middle attacks, and so on

External threat

The customer wants to refute control, deny insight, and refrain from disclosing any information used for malicious purpose. .

False

An improperly designed or poorly configured hypervisor might allow for a user to leave the confines of their own virtualized instance

Guest escape

An improperly designed or poorly configured hypervisor might allow for a user to leave the confines of their own virtualized instance.

Guest escape

Countermeasures for protecting cloud operations against internal threats include all of the following except: Extensive and comprehensive training programs, including initial, recurring, and refresher sessions Aggressive background checks Hardened perimeter devices Skills and knowledge testing

Hardened perimeter devices

A poorly negotiated cloud service contract could result in all the following detrimental effects except: Unfavorable terms Malware Vendor lock-in Lack of necessary services

Malware

This can be considered an external or internal threat, depending on the source of the infection.

Malware

Benefits for addressing BC/DR offered by cloud operations include all of the following except: Fast replication Regular backups offered by cloud providers Metered service Distributed, remote processing, and storage of data

Metered service

Ensures multiple redundancies for all systems and services for the datacenter

Natural disaster

In the private cloud, the organization knows exactly how prepared they are to cope with this situation and how often, what kind, and where backups are done.

Natural disasters

All of the following methods can be used to attenuate the harm caused by escalation of privilege except: Extensive access control and authentication tools and techniques Analysis and review of all log data by trained, skilled personnel on a frequent basis Periodic and effective use of cryptographic sanitization tools The use of automated analysis tools such as SIM, SIEM, and SEM solutions

Periodic and effective use of cryptographic sanitization tools

This includes both inadvertent and malicious threats. In the private cloud, personnel controls remain at the behest of the organization, which can be reassuring.

Personnel Threats

A malicious or negligent insider can cause significant negative impact, as they have physical access to the resources

Personnel threat

What is the term we use to describe the general ease and efficiency of moving data from one cloud provider either to another cloud provider or down from the cloud? Obfuscation Portability Mobility Elasticity

Portability

The customer decides when normal operations will cease and the backup will be utilized as the operational network. Private architecture, cloud service as backup Cloud operations, cloud provider as backup Cloud operations, third-party cloud backup provider

Private architecture, cloud service as backup

Countermeasures for protecting cloud operations against internal threats include all of the following except: Masking and obfuscation of data for all personnel without need to know for raw data Active physical surveillance and monitoring Active electronic surveillance and monitoring Redundant ISPs

Redundant ISPs

In private configurations, full control resides internally, and the organization can know its exact regulatory exposure and confidently ensure that it is complying with all relevant regulations.

Regulatory Noncompliance

Implements DRM solutions, hires knowledgeable, trained personnel with skillsets, and uses encryption, obfuscation, and masking

Regulatory violation

Which of the following is a technique used to attenuate risks to the cloud environment, resulting in loss or theft of a device used for remote access? Safe harbor Remote kill switch Dual control Muddling

Remote kill switch

The programs and instances run by the customer will operate on the same devices used by other customers

Resource sharing

Countermeasures for protecting cloud operations against internal threats include all of the following except: Scalability DLP solutions Financial penalties for the cloud provider in the event of negligence or malice on the part of its own personnel Broad contractual protections to ensure the provider is ensuring an extreme level of trust in its own personnel

Scalability

Uses training and incentive programs to identify personnel who resist the attempts and bring them to the attention of the security office

Social engineering

Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except: The cloud provider's suppliers The cloud provider's resellers The cloud provider's utilities The cloud provider's vendors

The cloud provider's resellers

After a cloud migration, the BIA should be updated to include a review of the new risks and impacts associated with cloud operations; this review should include an analysis of the possibility of vendor lock-in/lock-out. Analysis of this risk may not have to be performed as a new effort, because a lot of the material that would be included is already available from which of the following? Open source providers NIST The cloud provider The cost-benefit analysis the organization conducted when deciding on cloud migration

The cost-benefit analysis the organization conducted when deciding on cloud migration

The customer is concerned with data, whereas the provider is concerned with security and operation.

True

The customer's ultimate legal liability for data it owns remains true even if the provider's failure was the result of negligence

True

The risks and responsibilities will be shared between the cloud provider and customer.

True

Which hypervisor malicious attackers would prefer to attack? Type 4 Type 1 Type 2 Type 3

Type 2

All of the following are techniques to enhance the portability of cloud data, in order to minimize the potential of vendor lock-in except: Avoid proprietary data formats Use DRM and DLP solutions widely throughout the cloud operation Ensure there are no physical limitations to moving Ensure favorable contract terms to support portability

Use DRM and DLP solutions widely throughout the cloud operation

What is the term used to describe loss of access to data because the cloud provider has ceased operation? Masking Vendor lock-in Vendor lock-out Closing

Vendor lock-out

The threats are enhanced because even more resource sharing and simultaneous multitenancy is going to occur

Virtualization

resources are shared and dispersed among an affinity group. Infrastructure can be owned and/or operated jointly, individually, centrally, across the community, or in any combination and mixture of these options.

community cloud

The cloud customer will have the most control of their data and systems, and the cloud provider will have the least amount of responsibility, in which cloud computing arrangement? IaaS PaaS SaaS Community cloud

IaaS

Refers to the possibility that processing performed on one virtualized instance may be detected by other instances on the same host.

Information bleed

The possibility exists that processing performed on one virtualized instance may be detected by other instances on the same host

Information bleed

An issue in which the customer's software may not function properly with each new adjustment in the environment if the OS is updated by the provider.

Interoperability issue

The customer's software may not function properly with each new adjustment in the environment if the OS is updated by the provider

Interoperability issue

When reviewing the BIA after a cloud migration, the organization should take into account new factors related to data breach impacts. One of these new factors is: Legal liability can't be transferred to the cloud provider. Breaches can cause the loss of intellectual property. Breaches can cause the loss of proprietary data. Many states have data breach notification laws.

Legal liability can't be transferred to the cloud provider.

Which of the following risks that private cloud operator face includes both inadvertent and malicious threat? natural disaster personnel threat malware regulatory compliance

personnel threat

a cloud that is owned and operated by an organization for its own benefit

private cloud

a company offers cloud services to any entity that wants to become a cloud customer, be it an individual, company, government agency, or other organization.

public cloud

Which of the following is the benefit of the community cloud deployment model that come with attendant risks? reliability accuracy shared cost provider longevity

shared cost


Conjuntos de estudio relacionados

BUS 110-40 Chapter 3 - Exploring Global Business

View Set

Module 1 Calculation Review Problems

View Set

Chapters 1-8, Chapters 9-13 4 exam

View Set

Economics of Strategy: Chapter 11 Sustaining Competitive Advantage

View Set

NWM North Carolina Life Insurance Exam

View Set