Cloud Threats
Cloud models
Cloud deployment models
Cloud risk mitigation
Service Model Responsibilities
100

What situation exists when a user is able to use a virtual machine to access resources assigned to another virtual machine running on the same hypervisor?

What is VM escape

100

Examples of this model include Gmail, Netflix, and Microsoft Office 365.

What is SaaS

100

This type of deployment model is tailored for a single organization.

What is Private cloud

100

This cloud security model means the cloud provider secures the infrastructure, while the customer secures their data and access.

What is shared responsibility model

100

What entity in every cloud service model is responsible for the security of the data itself?

What is the customer

200

What security threat exists when a user is able to gain privileges not assigned to them in an authorized manner?

What is escalation of privilege 

200

This billing model is frequently used for code-as-a-service, where you only pay for code that is actually executed.

What is Pay-as-you-go

200

Which deployment model provides a balance between the flexibility of public clouds and the security of private clouds?

What is hybrid cloud

200

This strategy reduces downtime by automatically switching operations to a standby system when the primary system fails.

What is failover

200

Which service model requires the customer to manage the most, including the OS and middleware?

What is IaaS

300

What situation occurs when a vendor prevents a cloud customer from accessing the resources assigned to them?

What is Vendor lock-out

300

Code as a Service (CaaS) is often used to eliminate this type of task.

What is Repetitive/manual tasks

300

IBM Cloud falls under which cloud deployment model?

What is Public cloud

300

This process identifies potential threats, evaluates their impact, and prioritizes them before implementing security controls.

What is risk assessment

300

Which service model takes care of OS patching, but leaves the customer responsible for the application code?

What is PaaS

400

What situation occurs when circumstances make it difficult for a customer to switch to an alternative cloud vendor?

What is Vendor lock-in

400

This capability in the PaaS model eliminates the need for developers to build backend integration from scratch.

What is APIs

400

Along with public and private, this is one of the three main, original NIST cloud deployment models.

What is community cloud

400

This security practice limits user permissions to only what is necessary to perform their job functions.

What is principle of least privilege 

400

Which service model has the provider take care of nearly everything except the data and user access?

What is SaaS

500

What type of attack is able to insert itself between the sender and the receiver of encrypted data?

What is man-in-the-middle or on-path attack

500

Because the SaaS vendor manages the servers and software, this is the main responsibility remaining for the client.

What is providing data and configuring user access?

500

In a hybrid cloud model, this specific technique involves shifting workloads to a public cloud when on-premises demand exceeds capacity.

What is cloud bursting

500

This disaster recovery metric measures how much data loss is acceptable in terms of time.

What is recovery point objective 

500

Which entity in every cloud service model is responsible for the physical security of the host servers as well as the data center?

What is the provider