CYBR 2600 - Sec Chapter 18
False (may not know physical location of server)
Clouds can be created by many entities, but must be internal to an organization. True/False
True
Zones can be used for replication and provide load balancing as well as high availability. True/False
False (should use a private cloud for better security)
If your organization is highly sensitive to sharing resources, you might want to consider the use of a public cloud to reduce exposure and increase your control over security, processing, and handling of data. True/False
True
Private cloud services will separate users with security restrictions, but the depth and level of these restrictions will be significantly greater than in a public cloud. True / False
public
The term "_________ cloud" refers to a cloud service rendered over a system that is open for public use.
False (that's type I hypervisors)
Type II hypervisors run directly on system hardware. True / False
transit gateway
Which term refers to a network connection used to interconnect virtual private clouds and on-premises networks? - certificate repository - digital sandbox - captive portal - transit gateway
edge
Which type of computing brings processing closer to the edge of the network, which optimizes web applications and IoT devices?
containers
___________ are a form of operating system virtualization; they are a packaged-up combination of code and dependencies that help applications run quickly in different computing environments. - Containers - Rootkits - Scripts - Zones
True
Platform as a Service (PaaS) offerings generally focus on security and scalability. True/False
True
One of the characteristics of cloud computing is transparency to the end user. True/False
hypervisor
A(n) __________ is a low-level program that allows multiple operating systems to run concurrently on a single host computer.
True
Cloud-based data storage was one of the first uses of cloud computing. True/False
True
Encryption is a failsafe--even if security configurations fail and the data falls into the hands of an unauthorized party, the data can't be read or used without the keys. True/False
True
When an infrastructure is established "on premises," the unit of computing power is a server. True/False
instance awareness
Which capability must be enabled on firewalls, secure web gateways, and cloud access security brokers to determine if the next system in a communication is legitimate or not? - discretionary access - escalation auditing - key archiving - instance awareness
Infrastructure as a Service (IaaS)
Which cloud computing service model describes cloud-based systems that are delivered as a virtual solution for computing that allows firms to contract for utility computing as needed rather than build data centers? - Platform as a Service (PaaS) - Software as a Service (SaaS) - Infrastructure as a Service (IaaS) - Security as a Service (SaaS)
Software as a Service (SaaS)
Which cloud computing service model involves the offering of software to end users from within the cloud? - Platform as a Service (PaaS) - Software as a Service (SaaS) - Infrastructure as a Service (IaaS) - Security as a Service (SaaS)
community
Which cloud system is defined as one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor?
Security as a Service
Which computing service model is used for the outsourcing of security functions to a vendor that has advantages in scale, costs, or speed? - Security as a Service - Platform as a Service - Infrastructure as a Service - Software as a Service
Platform as a Service (PaaS)
Which marketing term is used to describe the offering of a computing platform combining multiple sets of software in the cloud? - Platform as a Service (PaaS) - Software as a Service (SaaS) - Infrastructure as a Service (IaaS) - Security as a Service (SaaS)
container security
Which process involves implementing security tools and policies to ensure your container is running as intended?
secrets management
Which term denotes the policies and procedures employed to connect the IAM systems of the enterprise and the cloud to enable communication with the data? - buffer overflow - secrets management - cross-site scripting - discretionary access
virtual desktop infrastructure (VDI)
Which term describes the hosting of a desktop environment on a central server? - virtual desktop infrastructure - Infrastructure as a Service - virtualization - Open Container Initiative
cloud access security brokers (CASB)
Which term is used for an integrated suite of tools offered as Security as a Service, or a third-party managed security service provider (MSSP), focused on cloud security? - computer emergency response team (CERT) - Certificate Authority (CA) - application service provider (ASP) - cloud access security brokers (CASB)
