Cloud Security Flashcards

1
Q

AWS Shared Responsibility Model

A

Customer: Responsibility for security ‘in’ the cloud
AWS: Responsibility for security ‘of’ the cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Shared controls

A

controls which apply to both AWS and customer but in completely separate context or perspectives

patch management:

  • AWS: patching infrastructure
  • Customer: patching guest OS and applications

configuration management:

  • AWS: maintains the configuration of its infrastructure devices
  • Customer: configure their own guest OS, databases and applications

awareness and training:

  • AWS: trains AWS employees
  • Customer: trains their own employees
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Identity and Access Management (IAM)

A

helps you securely control access to AWS services and resources for your users and applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

IAM User

A

person or application that can authenticate with an AWS account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

IAM Group

A

A collection of IAM users that are granted identical authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

IAM Policy

A

the document that defines which resources can be accessed and the level or access to each resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

IAM Role

A

A set of permissions that define what actions a user, service, or entity can perform within AWS services

  • temporary credentials
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key Management Services (KMS)

A

Enables you to create and manage encryption keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

CloudHSM (Hardware Security Module)

A

Web service that helps you meet corporate, contractual and regulatory compliance requirements for data security by using hardware security module (HSM) appliances within the AWS Cloud

  • HSM: physical device that safeguards and manages cryptographic keys and performs cryptographic operations in a highly secure manner
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

IAM Access Analyzer

A

Helps to streamline permissions management throughout the continuous cycle of access management to achieve least privilege

How well did you know this?
1
Not at all
2
3
4
5
Perfectly