Forensic Evidence Handling
In AWS forensics, this is the first step investigators take to preserve compromised EC2 disk evidence without moving data across regions.
What is creating a snapshot (then evidence volume) in the same region?
This CSA framework underpins the STAR Registry, mapping cloud controls to actors in the supply chain.
What is the Cloud Controls Matrix (CCM)?
This term describes being locked into a single provider’s proprietary tools and services.
What is vendor lock-in?
In GCP incident management, this role directs team actions during cloud security events.
What is the Security Incident Commander?
This process compares current migration posture against security standards to find gaps.
What is a Gap Analysis for Cloud Migration?
Governance in cloud ensures alignment between IT infrastructure and this.
What is business vision (stakeholder priorities)?
If you power off a compromised VM too early, this type of volatile data critical for investigation is lost.
What is memory data (RAM contents, active connections, running processes)?
NIST helps standardize operations across AWS, Azure, and GCP to fix inconsistent CPU speed measures.
What is cloud homogeneity through NIST frameworks?
This NIST reference actor manages cloud usage, performance, and delivery between CSPs and consumers.
What is the Cloud Service Manager (or Broker)?
These personnel are the first line of defense in incident response.
Who are Incident Handlers?
Assessing vendors’ security during procurement is an example of this.
What is performing Gap Analysis in Vendor Procurement?
This corporate process balances stakeholder demands while directing activities in cloud environments.
What is Corporate Governance?
In Azure, this secure token allows delegated access to a snapshot during forensic transfer.
Answer: What is a Shared Access Signature (SAS)?
Before analyzing an EC2 disk copy, investigators must confirm this about the forensic instance.
These ISO standards provide an international framework for information security management and auditing.
What are ISO 27001 and ISO 27002?
This NIST architecture role mediates between cloud providers and consumers, offering integration.
What is the Cloud Broker?
Taking a compromised system offline belongs to this phase of the IR lifecycle.
What is Containment?
Reviewing IAM policies, ACLs, subnets, and routing tables is an example of this reconnaissance.
What is Cloud Reconnaissance?
In cloud contexts, governance extends this boardroom concept to IT oversight.
What is Corporate Governance for Cloud Strategy?
What is ensuring the forensic instance is terminated until evidence volumes are attached?
This must be created before mounting a snapshot on a forensic workstation to maintain chain of custody.
ISO 27001/27002 emphasize this key governance practice for hidden workloads and compliance.
What is auditing and risk assessment of cloud resources?
This AWS framework provides a structured roadmap for cloud adoption and governance.
What is the AWS Cloud Adoption Framework (CAF)?
Taking a website offline after an SQL injection attack is an example of this lifecycle step.
What is Containment (shutting down exposure)?
Governance requires balancing the priorities of these stakeholders in cloud strategy.
Who are corporate stakeholders (management, employees, investors, suppliers)?
Governance ensures that these actors’ interests are aligned: management, employees, and ___?
What are investors and suppliers?
In Azure, this secure token allows delegated access to a snapshot during forensic transfer.
What is a Shared Access Signature (SAS)?
Cloud security audits against ISO 27001/27002 focus on protecting this category of sensitive data.
What is customer data?
A CCoE is this governance body inside enterprises for aligning cloud with business.
What is the Cloud Center of Excellence?
These actors analyze and respond in the earliest stage of DDoS or breach detection.
Who are First Responders (Incident Handlers)?
This risk management practice ensures migration projects comply with standards before launch.
What is pre-migration security assessment (Gap Analysis)?
True or False: Corporate Governance is the same as compliance.
What is False (compliance is narrower)?