Docsity
Apache CloudStack: Understanding Cloud Computing Concepts and Technologies, Exams of Computer Science

This description provides definitions and explanations for various cloud computing concepts and technologies related to Apache CloudStack, including IaaS, cloud applications, cloud management, cloud testing, and more. It covers topics such as cloud computing reseller, hybrid cloud storage, mobile cloud storage, private cloud storage, public cloud storage, vertical cloud computing, and various security measures such as masking, non-repudiation, SLA, and more. It also includes topics like application normative framework, APIs, application virtualization, data masking, DAM, DAST, federated identity management, SSO, IAM, ISO/IEC 27034-1, ONF, QoS, sandbox, SAML, SAST, threat models, DNS, DNSSEC, honeypot, hybrid cloud, qualitative and quantitative assessments, and SIEM.

Typology: Exams

2023/2024

Available from 03/17/2024

maryann001

CCSP - Certified Cloud Security Professional Study Set 2024

Anything-as-a-Service
Correct Answer: Anything-as-a-service, or "XaaS," refers to the growing diversity of services available over the Internet via cloud computing as opposed to being provided locally, or on premises.

Apache CloudStack
Correct Answer: An open source cloud computing and Infrastructure as a Service (IaaS) platform developed to help Infrastructure as a Service make creating, deploying, and managing cloud services easier by providing a complete "stack" of features and components for cloud environments.

Cloud Administrator
Correct Answer: This individual is typically responsible for the implementation, monitoring, and maintenance of the cloud within the organization or on behalf of an organization (acting as a third party).

Cloud App (Cloud Application)
Correct Answer: Short for cloud application, cloud app is the phrase used to describe a software application that is never installed on a local computer. Instead, it is accessed via the Internet.

Cloud Application Architect
Correct Answer: Typically responsible for adapting, porting, or deploying an application to a target cloud environment.

Cloud Application Management for Platforms (CAMP)
Correct Answer: A specification designed to ease management of applications, including packaging and deployment, across public and private cloud computing platforms.

Cloud Architect
Correct Answer: He or she will determine when and how a private cloud meets the policies and needs of an organization's strategic goals and contractual requirements (from a technical perspective).

Cloud Backup Service Provider
Correct Answer: A third-party entity that manages and distributes remote, cloud-based data backup services and solutions to customers from a central data center.

Cloud Backup Solutions
Correct Answer: Enable enterprises or individuals to store their data and computer files on the Internet using a storage service provider rather than storing the data locally on a physical disk, such as a hard drive or tape backup.

Cloud Computing
Correct Answer: A type of computing, comparable to grid computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications.

Cloud Computing Accounting Software
Correct Answer: Accounting software that is hosted on remote servers.

Cloud Computing Reseller
Correct Answer: A company that purchases hosting services from a cloud server hosting or cloud computing provider and then re-sells them to its own customers.

Cloud Database
Correct Answer: A database accessible to clients from the cloud and delivered to users on demand via the Internet.

Cloud Data Architect
Correct Answer: Ensures the various storage types and mechanisms utilized within the cloud environment meet and conform to the relevant SLAs and that the storage components are functioning according to their specified requirements.

Cloud Developer
Correct Answer: Focuses on development for the cloud infrastructure itself. This role can vary from client tools or solutions engagements, through to systems components.

Cloud Enablement
Correct Answer: The process of making available one or more of the following services and infrastructures to create a public cloud-computing environment: cloud provider, client, and application.

Cloud Management
Correct Answer: Software and technologies designed for operating and monitoring the applications, data, and services residing in the cloud. Cloud management tools help to ensure a company's cloud computing-based resources are working optimally and properly interacting with users and other services.

Cloud Migration
Correct Answer: The process of transitioning all or part of a company's data, applications, and services from on-site premises behind the firewall to the cloud, where the information can be provided over the Internet on an on-demand basis.

Cloud OS
Correct Answer: A form of cloud storage where the enterprise and storage service provider are separate and the data is stored outside of the enterprise's data center.

Software as a Service (SaaS)
Correct Answer: A distributed model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources.

Storage Cloud
Correct Answer: The collection of multiple distributed and connected resources responsible for storing and managing data online in the cloud.

TCI Reference Architecture
Correct Answer: A methodology and a set of tools that enables security professionals to leverage a common set of solutions that fulfill their common needs to be able to assess where their internal IT and their cloud providers are in terms of security capabilities and to plan a roadmap to meet the security needs of their business.

Vendor Lock-in
Correct Answer: Highlights where a customer may be unable to leave, migrate, or transfer to an alternate provider due to technical or non-technical constraints.

Vertical Cloud Computing
Correct Answer: The optimization of cloud computing and cloud services for a particular vertical (e.g., a specific industry) or specific-use application.

Virtualization Technologies
Correct Answer: Enable cloud computing to become a real and scalable service offering due to the savings, sharing, and allocations of resources across multiple tenants and environments.

All-or-Nothing-Transform with Reed-Solomon (AONT-RS)
Correct Answer: Integrates the AONT and erasure coding.
This method first encrypts and transforms the information and the encryption key into blocks in a way that the information cannot be recovered without using all the blocks, and then it uses the IDA to split the blocks into m shares that are distributed to different cloud storage services (the same as in SSMS).

Anonymization
Correct Answer: The act of permanently and completely removing personal identifiers from data, such as converting personally identifiable information (PII) into aggregated data.

Bit Splitting
Correct Answer: Usually involves splitting up and storing encrypted information across different cloud storage services.

Business Impact Analysis (BIA)
Correct Answer: An exercise that determines the impact of losing the support of any resource to an organization, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and supporting systems.

Control
Correct Answer: Acts as a mechanism to restrict a list of possible actions down to allowed or permitted actions.

Crypto-shredding
Correct Answer: The process of deliberately destroying the encryption keys that were used to encrypt the data originally.

Data Loss Prevention (DLP)
Correct Answer: Audit and prevent unauthorized data exfiltration.

Degaussing
Correct Answer: Using strong magnets for scrambling data on magnetic media such as hard drives and tapes.

Digital Rights Management (DRM)
Correct Answer: Focuses on security and encryption to prevent unauthorized copying and limit distribution to only those who pay.

Encryption
Correct Answer: An overt secret writing technique that uses a bidirectional algorithm in which humanly readable information (referred to as plaintext) is converted into humanly unintelligible information (referred to as ciphertext).

Encryption Key
Correct Answer: A special mathematical code that allows encryption hardware/software to encode and then decipher an encrypted message.

Enterprise DRM
Correct Answer: Integration plan designed by Digital Equipment Corp. to provide an operation platform for multi-vendor environment.

Homomorphic Encryption
Correct Answer: Enables processing of encrypted data without the need to decrypt the data. It allows the cloud customer to upload data to a cloud service provider for processing without the requirement to decipher the data first.

Infrastructure as a Service (IaaS)
Correct Answer: A model that provides a complete infrastructure (e.g. servers, internetworking devices) and allows companies to install software on provisioned servers and control the configurations of all devices.

Key Management
Correct Answer: The generation, storage, distribution, deletion, archiving, and application of keys in accordance with a security policy.

Masking
Correct Answer: A weak form of confidentiality assurance that replaces the original information with asterisks or X's.

Non-Repudiation
Correct Answer: The assurance that a specific author actually did create and send a specific item to a specific recipient, and that it was successfully received. With assurance of non-repudiation, the sender of the message cannot later credibly deny having sent the message, nor can the recipient credibly claim not to have received it.

Obfuscation
Correct Answer: The convoluting of code to such a degree that even if the source code is obtained, it is not easily decipherable.

Personal Data
Correct Answer: Any information relating to an identified or identifiable natural person data subject; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural, or social identity.

Personally Identifiable Information (PII)
Correct Answer: Information that can be traced back to an individual user, e.g. your name, postal address, or e-mail address.
Personal user preferences tracked by a Web site via a cookie are also considered personally identifiable when linked to other personally identifiable information provided by you online.

Record
Correct Answer: A data structure or collection of information that must be retained by an organization for legal, regulatory or business reasons.

Service Level Agreement (SLA)
Correct Answer: A formal agreement between two or more organizations: one that provides a service and the other the recipient of the service. It may be a legal contract with incentives and penalties.

Tokenization

Federated Single Sign-on (SSO)
Correct Answer: Single sign-on (SSO) systems allow a single user authentication process across multiple IT systems or even organizations. SSO is a subset of federated identity management, as it relates only to authentication and technical interoperability.

Identity and Access Management (IAM)
Correct Answer: The security discipline that enables the right individuals to access the right resources at the right times for the right reasons.

ISO/IEC 27034-1
Correct Answer: Represents an overview of application security. It introduces definitions, concepts, principles and processes involved in application security.

Multi-factor Authentication
Correct Answer: A method of computer access control which a user can pass by successfully presenting authentication factors from at least two of the three categories: knowledge factors, such as passwords. Combines two or more independent credentials: what the user knows, what the user has and what the user is.

Organizational Normative Framework (ONF)
Correct Answer: A framework of so-called containers for all components of application security best practices catalogued and leveraged by the organization.

Quality of Service (QoS)
Correct Answer: Refers to the capability of a network to provide better service to selected network traffic over various technologies, including Frame Relay, Asynchronous Transfer Mode (ATM), Ethernet and 802.1 networks, SONET, and IP-routed networks that may use any or all of these underlying technologies.

Sandbox
Correct Answer: A testing environment that isolates untested code changes and outright experimentation from the production environment or repository, in the context of software development including Web development and revision control.

Security Assertion Markup Language (SAML)
Correct Answer: A version of the SAML standard for exchanging authentication and authorization data between security domains.

Static Application Security Testing (SAST)
Correct Answer: A set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities.

STRIDE Threat Model
Correct Answer: Derived from an acronym for the following six threat categories: Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, Elevation of privilege.

Web Application Firewall (WAF)
Correct Answer: An appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection.

Community cloud
Correct Answer: This cloud infrastructure is provisioned for exclusive use by a specific community of organizations with shared concerns (e.g., mission, security requirements, policy, and compliance considerations).

Converged networking model
Correct Answer: Optimized for cloud deployments and utilizes standard perimeter protection measures. The underlying storage and IP networks are converged to maximize the benefits for a cloud workload.

Domain Name System (DNS)
Correct Answer: A hierarchical, distributed database that contains mappings of DNS domain names to various types of data, such as Internet Protocol (IP) addresses. DNS allows you to use friendly names, such as www.isc2.org, to easily locate computers and other resources on a TCP/IP-based network.

Domain Name System Security Extensions (DNSSEC)
Correct Answer: A suite of extensions that adds security to the Domain Name System (DNS) protocol by enabling DNS responses to be validated. Specifically, DNSSEC provides origin authority, data integrity, and authenticated denial of existence.

Honeypot
Correct Answer: Consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.

Host Intrusion Detection Systems (HIDS)
Correct Answer: Monitors the inbound and outbound packets from the device only and will alert the user or administrator if suspicious activity is detected.

Hybrid cloud
Correct Answer: This cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).

ISO IEC 27001:2013
Correct Answer: Helps organizations to establish and maintain an ISMS. An ISMS is a set of interrelated elements that organizations use to manage and control information security risks and to protect and preserve the confidentiality, integrity, and availability of information.

Logical design
Correct Answer: Part of the design phase of the SDLC in which all functional features of the system chosen for development in analysis are described independently of any computer platform.

Multi-tenancy
Correct Answer: Data center networks that are logically divided into smaller, isolated networks. They share the physical networking gear but operate on their own network without visibility into the other logical networks.

Oversubscription
Correct Answer: Occurs when more users are connected to a system than can be fully supported at the same time.

Private cloud
Correct Answer: This cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on- or off-premises.

Public cloud
Correct Answer: This cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.

Qualitative assessments
Correct Answer: Typically employ a set of methods, principles, or rules for assessing risk based on non-numerical categories or levels (e.g., very low, low, moderate, high, very high).

Quantitative assessments
Correct Answer: Typically employ a set of methods, principles, or rules for assessing risk based on the use of numbers. This type of assessment most effectively supports cost-benefit analyses of alternative risk responses or courses of action.

Remote Desktop Protocol (RDP)
Correct Answer: A protocol that allows for separate channels for carrying presentation data, serial device communication, licensing information, and highly encrypted data (keyboard, mouse activity).

Copyright © 2024 Ladybird Srl - Via Leonardo da Vinci 16, 10126, Torino, Italy - VAT 10816460017 - All rights reserved