Bash, the Crucial Exams Chat Bot
AI Bot
Cloud Security and Compliance Basics Flashcards
CompTIA Cloud+ CV0-004 (V4) Flashcards
| Front | Back |
| Name four major compliance standards relevant to cloud security. | HIPAA PCI DSS GDPR and SOX |
| What are the key pillars of IAM? | Identification Authentication Authorization and auditing |
| What are VPC Flow Logs used for? | They capture information about IP traffic going to and from network interfaces |
| What does GRC stand for in cloud security? | Governance Risk and Compliance |
| What is a Cloud Access Security Broker CASB? | A security policy enforcement point between cloud providers and users |
| What is a CSPM tool? | Continuous monitoring to detect and remediate cloud misconfigurations |
| What is a Key Management Service KMS? | A managed service for creating storing and rotating encryption keys |
| What is AWS CloudTrail or equivalent? | A service that records API calls and user activity for auditing |
| What is container image scanning? | Automated analysis of container images to detect vulnerabilities before deployment |
| What is encryption at rest vs encryption in transit? | Rest protects stored data and transit protects data in motion |
| What is infrastructure as code security scanning? | Checking code templates for misconfigurations before provisioning resources |
| What is multi factor authentication MFA? | Requires two or more proof of identity factors before granting access |
| What is the Cloud Shared Responsibility Model? | Defines which security tasks are managed by the cloud provider vs the customer |
| What is the difference between security groups and network ACLs? | Security groups act as virtual firewalls at the instance level while NACLs filter traffic at the subnet level |
| What is the principle of least privilege? | Users and services get only the minimal access rights needed |
| What is zero trust security? | A model where no user or device is trusted by default and verification is required continuously |
| Why is data classification important? | It helps apply appropriate security controls based on data sensitivity |
Examines security measures like encryption, access controls, and governance strategies, ensuring a compliant, secure cloud infrastructure.