Misconfig
What is open to the world?
0.0.0.0/0
What is having too many permissions?
Overprivileged
What is a cloud firewall?
Security Group
What is encryption at rest?
Stored encrypted
What causes most breaches?
Human error
What is the risk of public storage?
Data exposure
What is the best practice for access control?
Least privilege
What is the risk of port 22 being open?
SSH exposure
What is encryption in transit?
HTTPS
What is your responsibility in cloud security?
in a shared responsibility model your data is your responsibility
What is the default cloud storage setting?
Private
What is the issue with shared accounts?
No accountability
What does a private subnet mean?
No public access
What is a public bucket?
publicly accessible storage
What is the risk of fast deployment?
Misconfiguration
What is the #1 cloud risk?
Misconfiguration
What does MFA protect?
accounts + access attempts
What is the risk of a public IP?
Direct exposure
What is the purpose of backups?
Recovery
What tool is used for cloud auditing?
CSPM / config scanner
What enforces secure configurations?
Policies / Guardrails
What is the rule for root account usage?
Root is used for break-glass only
What is the best way to control SSH access?
Restrict IP / VPN
What is the rule for sensitive data?
Never public
What should be fixed first in a breach?
Exposure