Flashcards in Chapter 6: Securing the Cloud Deck (8)
Four Different Cloud Delivery Options
-Usually means it's owned and operated by the same person.
-Someone owns the cloud infrastructure and leases it out
-Exclusive use by a specific community, generally one with common goals
-A combination of the types listed above
Type I vs. Type II Hypervisor
Type I Hypervisor, AKA bare metal
-Independent of the Operating System and boots before it
Type II Hypervisor, AKA hosted
-The VMware is dependent on the OS and cannot be booted up until the OS is ready. This is common in consumer-grade VMware.
Saving the state of the VM so you can revert it in case of system failure.
-This can also be used for VM cloning.
You need to make sure before you roll a patch out to all your virtual machines that it's not gonna break them. Make sure to have a test machine readily available any time you want to make a significant change.
Not only is it important for Cloud hosts to have their infrastructure up and running 99.999% of the time, but they also need to be very flexible. A consumer needs to be able to scale up their environment as much as they need to. You should make it feel limitless for them.
Security Control Testing
Essentially penetration testing on the Virtual Machine. Throw everything you have at it so you can find its weaknesses and append/report them.
Running the applications in restricted memory store, limiting the possibility of app crash, which could let the client server hop and fuck someone else up.