Cloud Computing - Cloud Security

43 Terms

Cybersecurity

The practice of protecting systems, networks, and data from digital attacks, unauthorized access, and damage.

Confidentiality, Integrity, and Availability

The three core principles of cybersecurity; CIA Triad.

Confidentiality

Ensuring information is only accessible to authorized individuals.

Integrity

Guaranteeing that data cannot be modified or deleted without proper authorization.

Availability

Ensuring that systems and data are accessible and usable when needed, even after disruptions.

Principle of Least Privilege

Users and systems should only have the minimum access rights necessary to perform their tasks.

Default Deny Principle

Anything not explicitly allowed is automatically prohibited.

IP Address

A unique identifier for a machine or instance on a network, typically written in dotted quad notation (e.g., 192.168.1.1).

Private IP Ranges

Non-routable IP ranges used within private networks — 10.0.0.0/8 (large), 172.16.0.0/12 (medium), 192.168.0.0/16 (small).

TCP/IP

Transmission Control Protocol/Internet Protocol; the foundational communication protocol for the internet.

Port Number

A numerical identifier that directs traffic to the correct service or application on a device.

Well-Known Ports

Ports 0–1,023 reserved for core services (e.g., HTTP, FTP, SSH).

Registered Ports

Ports 1,024–49,151 assigned to user or application processes.

Dynamic Ports

Ports 49,152–65,535 used for private or temporary connections.

Risk

The combination of a vulnerability and a corresponding threat.

Risk Assessment

The process of identifying and prioritizing risks based on likelihood and impact.

Likelihood

The probability that a risk will materialize.

Impact

The potential effect if a risk materializes.

Risk Avoidance

Eliminating risk by changing practices (e.g., relocating a data center away from a flood zone).

Risk Transference

Shifting risk to another party (e.g., buying insurance).

Risk Mitigation

Reducing the likelihood or impact of a risk (e.g., flood barriers).

Risk Acceptance

Acknowledging and accepting the risk without further action.

Firewall

A security system that monitors and controls incoming/outgoing network traffic based on rules.

Firewall Rule

Defines action (allow/deny), source, destination, port, and protocol for network traffic.

Implicit Deny Principle

Any traffic not explicitly permitted by firewall rules is blocked.

Security Groups

Virtual firewalls in cloud environments (e.g., AWS EC2) used to control traffic.

DMZ (Demilitarized Zone)

A subnetwork that exposes external-facing services (e.g., web servers) to untrusted networks like the internet.

Port Scanning

Technique used to discover open ports and services on a system.

Vulnerability

A flaw in code, system, or process that can be exploited.

Patch

A fix released by vendors to remediate vulnerabilities.

Window of Exposure

The time between when a vulnerability is discovered and when it is patched.

Vulnerability Scanning

Automated probing of systems for known weaknesses.

Backups

Copies of data used to restore availability after disruptions.

Snapshots

User-controlled backup mechanism in services like AWS EC2.

Identity and Access Management (IAM)

Processes that manage identification, authentication, and authorization for system access.

Identification

The act of claiming an identity (e.g., entering a username).

Authentication

Verifying an identity using credentials (e.g., password, biometrics).

Authorization

Granting permissions to access specific services/resources after authentication.

Authentication Factors

Categories of proof used to verify identity — something you know, are, or have.

Something You Know

Knowledge-based authentication such as a password or PIN.

Something You Are

Biometric authentication such as fingerprints, eye scans, or facial recognition.

Something You Have

A physical item like a smartphone, smart card, or key fob used for authentication.

Multifactor Authentication

Combining two or more authentication factors from different categories (e.g., password + fingerprint).