Chapter 10 - 03 - Discuss the Insights of Cloud Security and Best Practices - 08_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

Cloud Security Controls
Ll

Cloud Application Security High Availability Across Zones
It is a set of rules, processes, policies, A cloud environment for an application has
controls, and techniques used to administer high availability if the application’s services
all the data exchange between continue during intentional or unintentional
collaborative cloud platforms network downtimes

Cloud Application Security
Cloud
I}J Environment
{
{ 1aas
laasS Paas
Paas
)
Saas \

Applications ; ‘ Applications Applications

Cloud Security Controls (Cont’d)
@ Cloud Integration and Auditing
= |t is a basic security measure implemented
Q Cloud integration is the process of grouping multiple cloud Security in cloud infrastructure to provide security
environments together in the form of a public or hybrid cloud Groups to virtual instances
O Cloud auditing is the process of analyzing the services
* The security group resides between the
offered by cloud providers and verifying the conformity to
Internet and virtual instances to control
requirements for privacy, security, etc.
the inbound and outbound traffic
o

Cloud Environment 3
Cloud Environment 1
Instance =* The cloud-based kill chain model
Awareness describes
N the possibilities of using fake
E

cloud instances for command and control
to exfiltrate data from a cloud
B

environment

b |4

Cloud Security Controls
Cloud security controls protect a cloud environment from any type of vulnerability and
minimize the impacts of cyberattacks. These controls may include practices, procedures,
guidelines, and policies that are enforced to secure the cloud infrastructure.

Module 10 Page 1372 Certified Cybersecurity Technician Copyright © by EG-Council
EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

A few examples of cloud security controls are discussed below.
Cloud Application Security
Cloud application security is a set of rules, processes, policies, controls, and techniques
that administer all the data exchange between collaborative cloud platforms such as
Box, Google G Suite, Slack, and Microsoft Office 365. If employees or users store and
send data in cloud platforms over the long term, it is mandatory to include a cloud-
based solution known as “safety net” in the zero-trust security implementation. Cloud
application security is applied to only the application layers of Saa$, 1aaS, and Paas.

Cloud Application Security

laas PaaS Saas
Applications Applications Applications

Figure 10.63: Cloud application security

Implementing cloud application security prevents exploits such as cross-site scripting
(XSS), cross-site request forgery (CSRF), session hijacking, SQL injection, and weak
authentication.
High Availability Across Zones

A cloud environment for an application has high availability if the application’s services
continue during intentional or unintentional network downtimes. High availability can
be achieved by dividing servers into zones and maintaining network consistency across
them. It enables the environment to handle failures in individual availability zones or the
network without losing data. It also provides centralized management to monitor
network operations and resource utilization. Figure below shows a simplified view of a
cloud environment with high availability across zones.

Cloud N
Environment

posscssasanss.
y - —Do -
/ =.
y eescsseem -.
/" : ‘—l—.. \
) : : Node 1 =: \\. Information : Sessssssaanane A copy of the
/.