Describe the concepts of security, compliance, and identity

Question 1

shared responsibility model

Answer 1

identifies which security tasks are handled by the cloud provider, and which security tasks are handled by you, the customer

Question 2

SaaS

Answer 2

software as a service; cloud service provider is responsible for the entire solution except for information and data, devices, and accounts and identities; shared responsibility for identity and directory infrastructure

Question 3

PaaS

Answer 3

platform as a service; cloud service provider manages hardware and OS, some responsibilities (like network controls, applications, and identity and directory infrastructure) are shared between the customer and the service provider

Question 4

IaaS

Answer 4

infrastructure as a service; cloud service provider manages the hardware, customer manages everything installed or implemented

Question 5

on-prem

Answer 5

on-premises datacenter; everything is managed by the customer

Question 6

defense in depth

Answer 6

uses a layered approach to security

Question 7

layers of defense in depth

Answer 7

1. physical security
2. identity and access security
3. perimeter security
4. network security
5. compute layer security
6. application layer security
7. data layer security controls

Question 8

zero trust model

Answer 8

• verify explicitly
• least privileged access
• assume breach

Question 9

zero trust foundational pillars

Answer 9

• identities
• devices
• applications
• data
• infrastructure
• networks

Question 10

encryption

Answer 10

the process of making data unreadable and unusable to unauthorized viewers

Question 11

hashing

Answer 11

uses an algorithm to convert the original text to a unique fixed-length value, called a hash value

Question 12

governance, risk, and compliance

Answer 12

helps organizations reduce risk and improve compliance effectiveness

Question 13

governance

Answer 13

the rules, practices, and processes an organization uses to direct and control its activities

Question 14

risk management

Answer 14

the process of identifying, assessing, and responding to threats or events that can impact company or customer objectives

Question 15

compliance

Answer 15

the country/region, state or federal laws or even multinational regulations that an organization must follow

Question 16

identity

Answer 16

how someone or something can be verified and authenticated

Question 17

pillars of identity infrastructure

Answer 17

• administration
• authentication
• authorization
• auditing

Question 18

authentication

Answer 18

the process of proving that a person is who they say they are; grants access

Question 19

authorization

Answer 19

determines the level of access or the permissions an authenticated person has to your data and resources

Question 20

identity provider

Answer 20

creates, maintains, and manages identity info; enables organizations to establish authentication and authorization policies, monitor user behavior, and more

Question 21

directory services

Answer 21

stores directory data and makes it available to network users, administrators, services, and applications

Question 22

Active Directory

Answer 22

one of the best known directory services; a central component in organizations with on-premises IT infrastructure

Question 23

federation

Answer 23

A collection of realms (domains) that have established trust among themselves. The level of trust may vary, but typically includes authentication and may include authorization.