Bash, the Crucial Exams Chat Bot
AI Bot
Cloud Security and Compliance Basics Flashcards
| Front | Back |
| Name four major compliance standards relevant to cloud security. | HIPAA PCI DSS GDPR and SOX |
| What are the key pillars of IAM? | Identification Authentication Authorization and auditing |
| What are VPC Flow Logs used for? | They capture information about IP traffic going to and from network interfaces |
| What does GRC stand for in cloud security? | Governance Risk and Compliance |
| What is a Cloud Access Security Broker CASB? | A security policy enforcement point between cloud providers and users |
| What is a CSPM tool? | Continuous monitoring to detect and remediate cloud misconfigurations |
| What is a Key Management Service KMS? | A managed service for creating storing and rotating encryption keys |
| What is AWS CloudTrail or equivalent? | A service that records API calls and user activity for auditing |
| What is container image scanning? | Automated analysis of container images to detect vulnerabilities before deployment |
| What is encryption at rest vs encryption in transit? | Rest protects stored data and transit protects data in motion |
| What is infrastructure as code security scanning? | Checking code templates for misconfigurations before provisioning resources |
| What is multi factor authentication MFA? | Requires two or more proof of identity factors before granting access |
| What is the Cloud Shared Responsibility Model? | Defines which security tasks are managed by the cloud provider vs the customer |
| What is the difference between security groups and network ACLs? | Security groups act as virtual firewalls at the instance level while NACLs filter traffic at the subnet level |
| What is the principle of least privilege? | Users and services get only the minimal access rights needed |
| What is zero trust security? | A model where no user or device is trusted by default and verification is required continuously |
| Why is data classification important? | It helps apply appropriate security controls based on data sensitivity |
Front
What is encryption at rest vs encryption in transit?
Click the card to flip
Back
Rest protects stored data and transit protects data in motion
Front
What are the key pillars of IAM?
Back
Identification Authentication Authorization and auditing
Front
Why is data classification important?
Back
It helps apply appropriate security controls based on data sensitivity
Front
What is multi factor authentication MFA?
Back
Requires two or more proof of identity factors before granting access
Front
What is container image scanning?
Back
Automated analysis of container images to detect vulnerabilities before deployment
Front
What is a CSPM tool?
Back
Continuous monitoring to detect and remediate cloud misconfigurations
Front
What is a Key Management Service KMS?
Back
A managed service for creating storing and rotating encryption keys
Front
What is the Cloud Shared Responsibility Model?
Back
Defines which security tasks are managed by the cloud provider vs the customer
Front
What is a Cloud Access Security Broker CASB?
Back
A security policy enforcement point between cloud providers and users
Front
What is infrastructure as code security scanning?
Back
Checking code templates for misconfigurations before provisioning resources
Front
What are VPC Flow Logs used for?
Back
They capture information about IP traffic going to and from network interfaces
Front
What is AWS CloudTrail or equivalent?
Back
A service that records API calls and user activity for auditing
Front
What is the principle of least privilege?
Back
Users and services get only the minimal access rights needed
Front
What does GRC stand for in cloud security?
Back
Governance Risk and Compliance
Front
What is zero trust security?
Back
A model where no user or device is trusted by default and verification is required continuously
Front
Name four major compliance standards relevant to cloud security.
Back
HIPAA PCI DSS GDPR and SOX
Front
What is the difference between security groups and network ACLs?
Back
Security groups act as virtual firewalls at the instance level while NACLs filter traffic at the subnet level
1/17
Examines security measures like encryption, access controls, and governance strategies, ensuring a compliant, secure cloud infrastructure.