Review Questions - SYS701 - 10 - Cloud and Virtualization Security

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson
Download our mobile app to listen on the go
Get App

Questions and Answers

Kevin discovered that his web server was being overwhelmed by traffic, causing a CPU bottleneck. Using the interface offered by his cloud service provider, he added another CPU to the server. What term best describes Kevin's action?

  • Elasticity
  • Horizontal scaling
  • Vertical scaling (correct)
  • High availability

Fran's organization uses a Type I hypervisor to implement an IaaS offering that it sells to customers. Which one of the following security controls is least applicable to this environment?

  • Customers must maintain security patches on guest operating systems.
  • The provider must maintain security patches on the hypervisor.
  • The provider must maintain security patches on the host operating system. (correct)
  • Customers must manage security groups to mediate network access to guest operating systems.

In what cloud security model does the cloud service provider bear the most responsibility for implementing security controls?

  • IaaS
  • FaaS
  • PaaS
  • SaaS (correct)

Greg would like to find a reference document that describes how to map cloud security controls to different regulatory standards. What document would best assist with this task?

<p>CSA CCM (A)</p> Signup and view all the answers

Wanda is responsible for a series of seismic sensors placed at remote locations. These sensors have low-bandwidth connections, and she would like to place computing power on the sensors to allow them to preprocess data before it is sent back to the cloud. What term best describes this approach?

<p>Edge computing (A)</p> Signup and view all the answers

Which one of the following statements about cloud computing is incorrect?

<p>Cloud computing customers provision resources through the service provider's sales team. (C)</p> Signup and view all the answers

Helen designed a new payroll system that she offers to her customers. She hosts the payroll system in AWS and her customers access it through the web. What tier of cloud computing best describes Helen's service?

<p>SaaS (B)</p> Signup and view all the answers

Which cloud computing deployment model requires the use of a unifying technology platform to tie together components from different providers?

<p>Hybrid cloud (D)</p> Signup and view all the answers

Which one of the following would not commonly be available as an IaaS service offering?

<p>CRM (A)</p> Signup and view all the answers

Which one of the following is not an example of infrastructure as code?

<p>Using a cloud provider's web interface to provision resources (C)</p> Signup and view all the answers

Brian is selecting a CASB for his organization, and he would like to use an approach that interacts with the cloud provider directly. Which CASB approach is most appropriate for his needs?

<p>Comprehensive CASB (C)</p> Signup and view all the answers

In which of the following cloud categories are customers typically charged based on the number of virtual server instances dedicated to their use?

<p>IaaS and PaaS (C)</p> Signup and view all the answers

Brian would like to limit the ability of users inside his organization to provision expensive cloud server instances without permission. What type of control would best help him achieve this goal?

<p>Resource policy (A)</p> Signup and view all the answers

Ursula would like to link the networks in her on-premises datacenter with cloud VPCs in a secure manner. What technology would help her best achieve this goal?

<p>Transit gateway (A)</p> Signup and view all the answers

What component of a virtualization platform is primarily responsible for preventing VM escape attacks?

<p>Hypervisor (D)</p> Signup and view all the answers

Ryan is selecting a new security control to meet his organization's objectives. He would like to use it in their multicloud environment and would like to minimize the administrative work required from his fellow technologists. What approach would best meet his needs?

<p>Third-party control (A)</p> Signup and view all the answers

Kira would like to implement a security control that can implement access restrictions across all of the SaaS solutions used by her organization. What control would best meet her needs?

<p>CASB (C)</p> Signup and view all the answers

Howard is assessing the legal risks to his organization based on its handling of PII. The organization is based in the United States, handles the data of customers located in Europe, and stores information in Japanese datacenters. What law would be most important to Howard during his assessment?

<p>All should have equal weight. (D)</p> Signup and view all the answers

Brenda's company provides a managed incident response service to its customers. What term best describes this type of service offering?

<p>MSSP (D)</p> Signup and view all the answers

Tony purchases virtual machines from Microsoft Azure exclusively for use by his organization. What model of cloud computing is this?

<p>Public cloud (A)</p> Signup and view all the answers

Flashcards

Vertical Scaling

Adding more resources (like CPU) to an existing server.

Hypervisor (Type I)

Software that creates and runs virtual machines (VMs).

SaaS Security Responsibility

Provider handles the most security; you use the software.

CSA CCM

Document mapping cloud security controls to regulations.

Signup and view all the flashcards

Edge Computing

Processing data closer to its source, at the 'edge'.

Signup and view all the flashcards

Cloud Provisioning

Customers typically don't provision resources through the service provider's sales team.

Signup and view all the flashcards

SaaS

Software as a Service: delivers applications over the Internet.

Signup and view all the flashcards

Hybrid Cloud

Combines public and private clouds, requiring integration tech.

Signup and view all the flashcards

Not an IaaS service

Customer Relationship Management is not commonly an IaaS service offering.

Signup and view all the flashcards

Infrastructure as Code (IAC)

Using cloud provider's web interface is not infrastructure as code.

Signup and view all the flashcards

Comprehensive CASB

CASB interacting directly with the cloud provider.

Signup and view all the flashcards

Charged by Virtual Server Instances

IaaS and PaaS

Signup and view all the flashcards

Resource Policy

Limits cloud resource provisioning without permission.

Signup and view all the flashcards

Transit Gateway

Securely connects on-premises networks to cloud VPCs.

Signup and view all the flashcards

Hypervisor

Prevents virtual machine escape attacks.

Signup and view all the flashcards

Third-Party Control

A security control from an external vendor.

Signup and view all the flashcards

CASB

Implements access restrictions across multiple SaaS solutions.

Signup and view all the flashcards

Handling PII Internationally

All should have equal weight

Signup and view all the flashcards

MSSP

Provides managed incident response services.

Signup and view all the flashcards

Public Cloud

Microsoft Azure VMs only for your organization.

Signup and view all the flashcards

More Like This

Use Quizgecko on...
Browser
Browser