Secure Data Transfer
This AWS service uses physical devices to securely transfer petabytes of workload data into the cloud.
What is AWS Snowball?
This GCP service detects brute-force SSH, malware, and cryptomining in workload logs.
What is Event Threat Detection?
This SCC scanner flags open storage buckets, VMs without SSL, and exposed Web UIs.
What is Security Health Analytics?
These provide limited-time access to Google Cloud Storage objects without requiring an account.
What are Signed URLs?
AWS Snowball secures data in transit, while GCP Event Threat Detection secures this.
What is data in use (log activity/operations)?
AWS Snowball improves security by encrypting data at rest using this.
What are AWS Key Management Service (KMS) keys?
Event Threat Detection is part of this broader GCP platform.
What is Google Security Command Center?
Security Health Analytics detects vulnerabilities across these four resource types.
What are VMs, containers, networks, and storage?
Signed URLs are often used to grant time-limited access for this common use case.
What is file download or upload?
Event Threat Detection and Security Health Analytics are both part of this GCP suite.
What is Google Security Command Center?
After workloads are migrated, AWS securely wipes Snowball devices using this erasure method.
What is NIST-compliant software erasure?
Event Threat Detection relies on this type of analytics to detect anomalies.
What is behavioral/log analytics?
Security Health Analytics provides findings that can be used for these two functions.
What are compliance checks and remediation planning?
Signed URLs are an example of this type of IAM delegation mechanism.
What is delegated or temporary access control?
Signed URLs help secure app workloads by limiting access, while Security Health Analytics focuses on these.
What are misconfigurations and vulnerabilities?
Using Snowball avoids these two major bottlenecks for workload migration.
What are high network costs and long transfer times?
True or False: Event Threat Detection requires third-party integration to analyze logs.
What is False?
Security Health Analytics checks IAM policies to ensure alignment with this principle.
What is the principle of least privilege?
Which parameter in a Signed URL specifies how long the access remains valid?
What is the expiration time (or TTL)?
Event Threat Detection identifies brute-force attacks, while Signed URLs prevent this kind of risk.
What is unauthorized access/sharing of workload resources?
Snowball is often a stepping stone to this larger-scale AWS data transfer service.
What is AWS Snowmobile? RETIRED
Event Threat Detection is especially useful for detecting suspicious activity across these multiple environments.
What are multi-project Google Cloud environments?
Which GCP role most benefits from Security Health Analytics findings?
What is the cloud security engineer?
Signed URLs are often compared to this AWS equivalent feature.
What are AWS S3 pre-signed URLs?
Together, Snowball, Event Threat Detection, Security Health Analytics, and Signed URLs secure workloads across these three lifecycle phases.
What are migration, monitoring, and access control?