CCSP Domain 3: Cloud Platform & Infrastructure Security
Terms in this set (114)
What are seven Countermeasures to address Access controls
- Building access
- Computer floor access
- Cage or rack access
- Access to physical servers
- Hypervisor access
- Guest system access
- Database access rights
What is the purpose of automating technical controls?
- Helps to ensure immediate and comprehensive implementation
What are five key BC/DR Questions
- Required Recovery Point Objective (RPO)
- Is the data valuable enough for BC/DR
- Required Recovery Time Objective (RTO)
- Does the RTO include provider failure
- What kind of disasters are included in the analysis
What are eight BC/DR Options
- On-premise, cloud as BC/DR
- Cloud Consumer, primary BC/DR
- Cloud consumer alternate BC/DR/BC/DR Plan
- Clearly defined roles
- Risk assessment
- Policies and procedures
- Awareness and training
BC/DR Planning Factors (4)
- Important Assets: Data and processing
- Current asset locations
- Networks between assets and sites of processing
- Actual and potential location of workforce and business partners
BC/DR Risks Requiring Protection (5)
- Damage from natural causes
- Wear and tear on equipment
- Availability of qualified staff
- Utility service outages
- Failure of a provider to deliver services
BC/DR Strategy Risks (3)
- Involves redundant architecture, or failover tactics
- Common failure modes will still exist
- DR site likely to be geographically remote from primary
What are five new main Cloud attack vectors?
- Guest Breakout
- Identity compromise, either technical or social
- API compromise
- Attacks on the provider's infrastructure and facilities
- Attacks on the connecting infrastructure
What are two key Compute parameters of a cloud server?
- Number of CPUs
- Amount of RAM
Compute characteristics (4)
- No attached disks
- Multiple network interfaces
- Multiple processors and cores
- Engineering trade-off can be made toward providing reliability in software
Content Delivery Networks
A service where data is replicated across the global internet
What are the two purposes for Continuous up-time?
- Resilient against individual component failure
- Update of individual components should not impact the cloud infrastructure uptime
Countermeasure strategies: Design Principles (3)
- Highly recommended to implement multiple layers of defense against any risk
- For a control that directly addresses a risk, there should be an additional control to catch failure of the first control
- Who watches the watchman
Data Center Design & Redundancy (6)
- Backup Power
- Multiple independent cooling units
- Multiple power lines
- Multiple PDUs
- Multiple building entrances
- Multiple external entry points for power and network
Database as a Service
A managed database service
DR/BC Strategy Points (6)
- Data replication
- Functional replication
- Event anticipation
- Failover event
- Return to normal
Functionality Replication (2)
- Re-creating the processing capacity on a different location
- Could be simple or complex
Identification Options (2)
- Public Cloud: OpenID, OAuth, SCIM
- Corporate Env - AD, LDAP, etc
Identity Management (2)
- Entire process of registering, provisioning, and deprovisioning identities
- Managing identities' access rights
Key regulations (3)
- North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)
What are four Cloud Computing Legal risks?
- Data protection
- Law enforcement
What are four key Management plane activities?
- Key function is to create, start and stop VMs
- Typically runs its own servers
- Integrates authentication, access control, logging and monitoring resources
- Primary interface is the API toward the resources and toward the users
What are six key items in Network Functionality?
- Address allocation
- Access control
- Bandwidth allocation
- Rate limiting
Non-cloud specific risks (6)
- Natural disasters
- Unauthorized facility access
- Social engineering
- Network attacks on the consumer and on the provider side
- Default passwords
- Other risks
What is Object Storage?
Typically the way to store OS images, which the Hypervisor boots into running instances
Physical Environment (6)
- Expensive hardware
- High power densities
- Enormous and immediate downtime impact
- Multiple levels of service
- Electrical power and cooling
- Network connectivity/Floor space, rack space, cages
Policy and Organization Risk (4)
- Provider lock-in
- Loss of governance
- Compliance risks
- Provider exit
Risk Audit (5)
- Provides reasonable assurance that adequate risk controls exist and are operationally effective
- Part of quality system
- Demonstration of quality
Risks Assessment and Analysis (5)
- Policy and Organization Risk
- Technical Risk
- Specific Technical Risks
- Legal Risks
- Non-cloud specific risks
With Type 2 hypervisor architecture, what are five key risks
- Security flaws in the hypervisor can lead to malicious software
- A flawed hypervisor could facilitate inter-VM attacks
- Network traffic between VMs is not necessarily visible to physical network security control
- Resource availability to VMs
- VMs and their disk images are simply files somewhere
What is Scalability?
The ability to run multiple "Guest" OS's (VM's) and their associated applications on a single physical host
Security Alliance Cloud Controls Matrix
A framework to enable cooperation between cloud consumers and providers on demonstrating adequate risk management
What is a Software-defined network (SDN)?
Provide a clearly defined and separate network control plane to manage network traffic on a more abstract level than through direct management that is separated from the forwarding plane
What are six Cloud-Specific risks
- Management plane breach
- Resource exhaustion
- Isolation control failure
- Insecure or incomplete data deletion
- Control conflict risk
- Software-related risks
- Persistent mass storage in cloud computing typically consists of spinning or SSD drives
- Drives are often grouped to provide redundancy
System and Communication Protection components (9)
- Storage controllers
- Volume management
- IP Address management
- Security group management
- VM image service
- ID management/service
- Management databases
- Guest OS protection
Technical risk overview (3)
- Cloud providers have larger technology scale than cloud consumers and traditional IT departments
- Single points of failure risk
- Control over technical risk will shift to provider
Virtual Machine Controls (4)
- Configuration logs
- Automated vuln scan
- Auto registration in CMDB
- Asset management system
What are two key drivers for Virtualization?
- Sharing underlying resources to enable more efficient use of HW.
- Easier mgmt through reduced personnel resources and maintenance
Virtualization key drivers
Sharing underlying resources for better economics/Easier management through reduced resourcing and maintenance
What are three Virtualization risks?
- Guest Breakout
- Snapshot and image security
What is a Cloud Service Consumer?
A person or organization that maintains a business relationship with, and uses services from, the Cloud Service Provider (CSP)
What is a Cloud Service Provider (CSP)?
A person, organization or entity responsible for making a cloud service available to service consumers
What is a Cloud Carrier?
The intermediary that provides the connectivity and transport of cloud services between the CSPs and the Cloud Service Consumers
What is a "reservation" resource?
The creation of a guaranteed minimum resource allocation the host must meet
What is a "limit" resource?
It creates a maximum ceiling for the resource allocation and may be fixed or expandable.
What are "share" resources?
The concept of "shares" is used to arbitrate the issues associated with compute resource contention.
What is a Hypervisor?
A piece of Software, Firmware, or Hardware that gives the impression to the guest OSs that they are operating on physical HW.
What are the characteristics of a Type 1 Hypervisor?
- Commonly known as bare-metal, embedded or native
- Works directly on the HW of the host and can monitor the OSs that run above the hypervisor
- Small footprint as the main task is sharing and managing HW resources between the guests
What are the characteristics of a Type 2 Hypervisor?
- Installed on TOP of the host's OS and supports other Guest OSs
- Is Completely DEPENDENT on the host OS for operations
What is the "management plane"?
Allows the administrator to remotely manage any or all of the hosts,
What are two key factors of Cloud Risk Mgmt?
Cloud Risk mgmt should be Linked to "Corporate Governance" and "Enterprise Risk Mgmt".
What is Enterprise Risk mgmt?
The set of processes and structure to systematically manage all risks to the enterprise
What is Corporate Governance?
A broad area describing the relationship between the shareholders and other stakeholders vs Sr. Mgmt of the corporation
What are four key third party cloud service provider risks?
- Provider Lock-in
- Loss of governance
- Compliance risks
- Provider Exit
What is "Provider Lock-in" Risk
The situation in which a consumer has made significant "vendor-specific" investments leading to a high cost to switch
What is "Loss of Governance" Risk
the consumer not being able to implement all required controls and not realizing their required level of security and potential compliance risks
What is a "Compliance" Risk
A specific cloud vendor and solution may not be able to fulfill all the obligations (PII, HIPAA, SOX).
What is a "Provider-Exit" Risk
When the provider is no longer willing or capable of providing the service (IE: bankruptcy or restructuring)
When does a "Risk" exist?
A risk exists if there is the potential failure to meet any requirement (technical, performance, operability, integration, and protection)
What is a compensating control?
For a control that directly addresses a risk, there should be an additional control to catch the "failure" of the first control
What is the definition of "RAID"
Redundant Array of Inexpensive Disks
What is the Failure rate of a Disk Drive
3-5% per year
What is Cloud Governance?
It describes the relationship between the shareholders and other stakeholders in the organization
What is Enterprise Risk Management?
It is a set of processes and structure to systematically manage all risks to the enterprise.
What are five new Cloud Attack Vectors?
- Guest Breakout
- Identity Compromise
- API Compromise
- Attacks on Provider Infrastructure
- Attacks on Connecting Infrastructure
What is the key countermeasure strategy as a compensating control
There should be an additional control to catch the failure of the first control
What is the purpose for cloud infrastructure designed for continuous uptime
- To be resilient against component failure
- To allow components to be updated without affecting the cloud uptime
What is a "user-centric" approach to cloud services access control
Every user request is bundled with the user's identity
What does "HIPAA" stand for?
Healthcare Insurance Portability and Accountability Act
What does "PCI DSS" stand for
Payment Card Industry Data Security Standard
What does "NERC CIP" stand for
North American Electric Reliability Corporation Critical Infrastructure Protection.
What is the purpose of layered access controls at Data Center Facilities
These controls are implemented to Deter, Detect, Delay and Deny unauthorized access
What does "DAR" stand for?
Data At Rest
What does "DIM" stand for?
Data In Motion
What does "DIU" stand for?
Data In Use
What is a "trust zone"?
Defined as a network segment within which the data flows freely.
What is the Purpose of a "trust zone"?
To segregate the physical infrastructure
What are two standard protocols used by Identity Providers
What does "SAML" stand for
Security Assertion Markup Language
Define "Authentication" as it pertains to Managing Authentication
The process of establishing with adequate certainty the identity of an entity
Define "Authorization" as it pertains to Managing Authorization
Authorization is the process of granting access to resources.
Define "Accounting" as it pertains to Accounting Resources
Measures the resources a user consumes during access
Define "Identity Management"
The entire process of registering, provisioning, and deprovisioning identities and their attributes
Define "Access Management"
Managing the identities' access rights.
What is the "Entitlement Process"
The process starts with business and security requirements that translate into a set of rules that represent a risk decision
What is the purpose of a "Risk Audit"
provide a reasonable assurance that adequate risk controls exist and are operationally effective
What is an essential component of an "Audit"
The Evidence that controls are actually operational
Business Continuity Plan
Disaster Recovery Plan
What does a Business Continuity Plan (BCP) provide?
Allows a business to plan what it needs to do in the event of a disaster
What does a Disaster Recovery Plan (DRP) provide?
Allows a business to plan for what needs to happen to RECOVER from an event
Recovery Service Level
Recovery Point Objective
Recovery Time Objective
What is a Recovery Point Objective (RPO)?
Helps determine how much information must be recovered and restored.
What is a Recovery Time Objective (RTO)?
The time measure of how fast you need each system up and running in the event of a disaster
What is Recovery Service Level (RSL)?
It is a percentage measurement of how much computing power is necessary from the production level needed to perform
What are five top risks a Business Continuity Disaster Recovery plan should protect against?
- Damage from Natural causes
- Wear and tear
- Personnel Availability
- Utility Service Outages
- Failure of the Cloud Service Provider
What is BCDR?
Business Continuity Disaster Recovery
What are inputs for requirements of BCDR planning?
include identification of critical business processes and their dependence on specific data and services
Requirements for a BCDR may be derived from what?
Company internal policies and procedures, applicable legal, statutory or regulatory compliance
What is the Purpose of the Analysis phase of the BCDR?
To translate requirements into input to be used in the design phase
What are the four most important inputs of the BCDR to the design phase?
- Performance objectives
What are five residual risks involved in the evaluation of the CSP?
- Elasticity of the CSP
- Contractual issues
- Available network Bandwidth
- Available Bandwidth between the users and the BCDR locations
- Legal and licensing
What is the objective of the BCDR Design phase?
to establish and evaluate candidate architecture solutions.
What are five testing strategies for a BCDR?
- Expectations of business lines and support functions
- Description of depth and breadth of testing
- Involvement of staff, IT and facilities
- Expectations for testing and inter-dependencies
- Evaluation of reasonable assumptions
What is the objective of a testing program?
to ensure that the Business Continuity Planning (BCP) process is accurate, relevant, and viable
Test plans should identify what?
Quantifiable measurements of each test objective and reviewed to ensure they can be implemented as designed
Test scenarios should include what?
A variety of threats, event type and crisis mgmt situations and vary
Test plans should communicate what?
They should clearly communicate the predefined test scope and objectives and provide relevant information to participants.
What is the objective of a Tabletop Exercise/Walkthrough
The primary objective is to ensure that critical personnel from all areas are familiar with the BCP
What are six key tests in a walk-through/simulation test?
- Attendance by key operational/support personnel
- practice and validation
- Focus on demonstration of knowledge and skills
- Role playing with simulated response
- Mobilization of Crisis Mgmt and Response teams
- Varying degrees of actual associations and resources
What is the Goal of a Functional Drill/Parallel Test?
To determine whether critical systems can be recovered at the alternate processing site and if personnel can deploy the BCP