A cloud design that links multiple cloud environments together to make a collaborative cloud environment
What is Community Cloud?
The model for a cloud infrastructure that has multiple customers per server
What is multi-tenant? (Or shared infrastructure)
The type of IDS that compares system activities to a predetermined baseline
What is anomaly-based? (Or Anomaly detection)
Responsibility model based on the distribution of responsibilities between client and distributor/provider of a cloud-based infrastructure
What is the Shared Responsibility Model?
The definition of the SOC acronym as it relates to legal auditing
What is Security Operation Center?
Used specifically to waste an attacker's time/resources
What is a Tarpit?
The practice of using JSON, YAML, or XML files as configuration
What is Configuration as Code?
The CVSS metric for issues that evolve over the lifetime of a vulnerability
What is the temporal score?
A service that is used to monitor database activity for security purposes
What is Database Activity Monitoring (DAM)?
All current types of SOC that are used in the auditing process
What are SOC1, SOC2, and SOC3?
An alert generated by an IDS/IPS that inaccurately identifies traffic as malicious
What is a False Positive?
The protocol used to remotely access network systems on the management plane
What is Secure Shell?
The main purpose of the PenTBox security suite
What are honeypots?
Audit used to ensure data integrity and lack of internal abuse especially in relation to transactions
What is PCI DSS?
The type of SOC audit used for ultimate certification after the completion of two other SOC audits
What is SOC3?
Accessing a higher security zone through SSH/RDP
What is a Bastion host?
Used to implement microservices; works by managing traffic across the cloud architecture
What is an API Gateway?
The company that commercialized Snort IDS
What is Sourcefire?
Type of firewall that filters traffic based on inspected HTTP/HTTPS behavior
What is Application Based Firewall?
The type of test regarding controls and design of a system that is not performed on a routine time basis and is instead performed at a single point in time
What is SOC1?
Failure of an IDS/IPS to detect malicious activity
What is a False negative?
Service used for cloud structuring and configuration that is replicable/repeatable
What is Code as Service (CaS)?
The meaning of the letter “R” in SOAR
What is “Response”?
Service used for multi-cloud environments (IaaS, PaaS, and SaaS) monitoring and policy enforcement
What is Cloud Access Security Broker (CASB)?
The name of the American-based institution that sets standards for the certification of public accountants
What is American Institute of Certified Public Accountants (AICPA)?