Other
WGU C838 MANAGING CLOUD SECURITY
- Course
- Institution
WGU C838 MANAGING CLOUD SECURITY
[Show more]
Content preview
WGU C838 MANAGING CLOUD SECURITYEucalyptus - answer- Open source cloud computing and IaaS platform for enabling
private clouds
Apache Cloud Stack - answer- Open source cloud computing and IaaS platform
developed to help make creating, deploying, and managing cloud services easier by
providing a complete "stack" of features and components for cloud environments
FIPS 140-2 - answer- NIST document that lists accredited and outmoded cryptosystems
NIST 800-53 - answer- Guidance document with the primary goal of ensuring that
appropriate security requirements and controls are applied to all U.S. federal
government information in information management systems
Four Steps of a Business Requirements Analysis - answer- 1. inventory of all assets (#)
2. valuation of each asset ($)
3. determination of critical paths, processes, and assets
4. clear understanding of risk appetite
Cloud Provider Defense Roles - answer- - strong personnel controls (background
checks, and continual monitoring)
- technological controls (encryption, event logging, and access control enforcement)
- physical controls
- governance mechanisms and enforcement (policies and audits)
Cloud Customer Defense Roles - answer- - training programs for staff and users
- contractual enforcement of policy requirements
- use of encryption and logical isolation mechanisms
- strong access control methods
Key Components of Strong Data Retention Policies - answer- 1. Retention periods
2. Applicable regulation
3. Retention formats
4. Data classification
5. Archiving and retrieval procedures
6. Monitoring, maintenance and enforcement
CSA STAR Program - answer- Designed to provide an independent level of program
assurance for cloud consumers
Consists of: 1. Cloud Controls Matrix (CCM): A list of security controls and principles
appropriate for the cloud environment, cross-referenced to other control frameworks
such as COBIT, ISO standards, and NIST pubs; arranged into separate security
domains
, 2. Consensus Assessments Initiative Questionnaire (CAIQ): A self-assessment
performed by cloud providers, detailing their evaluation of the practice areas and control
groups they use in providing their services
The 3 Levels of CSA STAR Program - answer- Level One: Self-Assessment: Requires
the release and publication of due diligence assessments against the CSA's Consensus
Assessment Initiative Questionnaire and/or Cloud Matrix (CCM)
Level Two: CSA STAR Attestation: Requires the release and publication of available
results of an assessment carried out by an independent third party based on CSA CCM
and ISO 27001:2013 or an AICPA SOC 2
Level Three: CSA STAR Continuous Monitoring: Requires the release and publication
of results related to the security properties of monitoring based on the CloudTrust
Protocol
API - answer- Application Programming Interface
A set of routines, standards, protocols, and tools for building software applications to
access a web-based software application or tool
ISO/IEC 27034-1 - answer- One of the most widely accepted set of standards and
guidelines for secure application development; provides an overview of network and
infrastructure security designed to secure cloud applications; key elements include the
organizational normative framework (ONF), the application normative framework (ANF),
and the application security management process (APSM)
Data Masking - answer- a program that protects privacy by replacing personal
information with fake values
ITAR - answer- International Traffic in Arms Regulations
United States regulation; prohibitions on defense-related exports; can include
cryptography systems.
EAR - answer- Export Administration Regulations
United States regulation; prohibitions on dual-use items (technologies that could be
used for both commercial and military purposes).
The 3 Types of Database Encryption - answer- 1. File-level - encrypting the volume or
folder of the database, with the encryption engine and keys residing on the instances
attached to the volume; protects from media theft, lost backups, and external attack but
does not protect against attacks with access to the application layer, the instance's OS,
or the database itself
2. Transparent - encrypting the entire database or specific portions, such as tables;
encryption engine resides within the database, and it is transparent to the application;
keys usually reside within the instance, although processing and management of them
may also be offloaded to an external KMS; provides effective protection from media
theft, backup system intrusions, and certain database and application-level attacks
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller GEEKA. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78121 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now