In the Clouds
This cloud service model is the most basic of models that includes only hardware, facilities, abstraction, and APIs and put the least amount of responsibility on the cloud provider compared to the other models.
Infrastructure as a Service.
In DevOps terms, what does the acronym CI/CD stand for?
Continuous Integration and Continuous Delivery / Deployment
The firewall / security list rule type that determines what traffic can enter a system.
Ingress Rules
This acronym is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.
Identity and Access Management
Remote Desktop Service (RDS)
This is a web application utilized in AWS environments that comprises and refers to a broad collection of service consoles for managing AWS resources.
AWS Management Console
A __________ is where you store your code and make changes to it within the version control tool.
Repository
This type of security concept only allows traffic from destinations labeled as "good" senders
Whitelisting
In an IAM system, this principle is based around only providing users the bare minimum access that they require in order to perform their job responsibilities.
Principle of Least Privilege
This linux command lists all local users on a linux server.
/etc/passwd
While "firewalls" are utilized in a traditional environment, these are typically utilized in an AWS cloud environment to filter incoming and outgoing traffic from an EC2 instance.
Security Groups / Rules
This type of request allows a developer to check source code changes into a branch, allowing other DevOps personnel to review and approve the change prior to implementation.
Merge Request
This type of firewall has set rules that does not change based on the context of a packet
Static Packet Filtering
The process of a user gaining access to a resource or object based on the privileges associated with their credentials.
Authorization
This is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework that runs on Windows, Linux, and macOS.
PowerShell
A cloud service provider hosts cloud instances in separate geographic areas called regions. In each region, this is the term to describe the multiple, isolated locations a cloud service customer can host their services.
Availability Zones
This type of testing is utilized in CI/CD pipelines to check source code for known vulnerabilities prior to implementation.
Static Application Security Testing (SAST)
Organizations that want multiple devices to employ a single IP address prior to transferring information would utilize this firewall functionality.
Network Address Translation (NAT)
This is an authentication protocol that allows third-party websites to access and retrieve select pieces of information from larger websites in order to authenticate users. (Ex. Google, Facebook)
OAuth
/etc/sudoers
This is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user.
Cloud Computing
In a typical DevOps version control tool, personnel would implement these in order to prevent unauthorized changes from being implemented into production
Branch Protection Rules / Settings
This firewall is configured to examine all HTTP traffic between external users and externally facing applications.
Web Application Firewall (WAF)
This IAM method allows for linking of a user's identity across multiple separate identity management systems (Okta, etc.)
Federated Identity
This Windows Group Policy Object (GPO) is the default GPO utilized to determine the Password Policy and Account Lockout Policy on a server that is tied to the Domain.
Default Domain Policy