1.6 Explain the threats and vulnerabilities associated with operating in the cloud

Cloud service models:

  • SaaS: customer only chooses application; hardware managed by provider; access control

  • PaaS: configurable hardware + software/development tools; data protection

  • IaaS: configurable hardware; VM management (VM escape; virtual host patching; virtual guest issues [patching]; virtual network issues)

  • Cloud deployment models:

    • Public: public cloud provider sells services to consumers

    • Private: internal enterprise service to internal customers

    • Community: several companies work on the same platform

    • Hybrid: mix of on-premises, private cloud & public cloud

  • FaaS/serverless architecture: apps are hosted by a third party; all server software/hardware management is done by the provider

  • IaC (Infrastructure as Code): managing/provisioning data centres using machine-readable files

  • Insecure API: Internet-exposed management APIs can have software vulnerabilities (e.g. anonymous access; plaintext authentication; improper authorisations)

  • Improper key management: unencrypted; Internet-exposed key server; weak/reused key

  • Unprotected storage: insider threats; malicious file entry; impersonation; a worm that is auto-synced to the cloud and spreads from the cloud to other users

  • Logging and monitoring:

    • Insufficient logging and monitoring: late detection; undetected password spraying; ignored alerts; unidentified suspicious activity

    • Inability to access: access logs provide info about failed requests made to the cloud
