Cyber Security

Introduction: While an enterprise, as a data owner, has responsibility for ensuring that their data is properly protected, when data is stored with a Cloud Service Provider (CSP), the CSP assumes at least partial responsibility, if not full responsibility, in the role of data custodian. Even with divided responsibilities for data ownership and data custodianship, the data owner does not give up the need for diligence in ensuring that data is properly protected by the custodian.
Question [8 points]: Briefly describe the relationship between the enterprise or cloud consumer, as data owner, and the CSP, as data custodian, regarding data control and responsibility, within each of the three cloud service offerings: IaaS, PaaS, and SaaS. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: Risks to data security in clouds arise in two basic states of data. The security triad (confidentiality, integrity, and availability), along with risk tolerance, determines the nature of the data protection mechanisms, procedures, and processes used within the cloud for data security. The key issue is the risk exposure of data within those two states.
Question [4 points]: What are the two basic states of data within the cloud architecture? [Select the best answer.]

  • Data in motion and data encrypted
  • Data at rest and data in motion
  • Data in storage and data at risk
  • Data in motion and data in transit

Introduction: Several questions about adopting public clouds have to do with what might happen when an external cloud becomes business-critical for the organization. One of these questions involves concern over cloud lock-in.
Question [8 points]: Define cloud lock-in and briefly describe cloud lock-in impacts to business operations and cybersecurity. Describe trends in the cloud industry that address cloud lock-in. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: Security controls are countermeasures or safeguards to prevent, avoid, counteract, detect, or otherwise respond to security risks. They can be technical mechanisms, manual practices, or procedures.
Question [8 points]: Briefly describe NIST-defined security controls in general, the NIST security control structure of classes and families, and the use of NIST security controls within the risk management process. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: Key strategies and best practices for security in cloud computing can form a foundation for security practice within the broader cloud community. Traditional security best practices apply to cloud computing, but CSPs and cloud consumers may be challenged in adopting such practices when they are more general rather than specific to the cloud space.
Question [8 points]: Briefly describe a cloud security best practice in two (2) of the following areas: policy, risk management, configuration management / change control, auditing, vulnerability scanning, or segregation of duties. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: When security controls manage software, system, or network vulnerabilities, this should be done without introducing new vulnerabilities. Implementing security controls with poorly designed applications or systems only guarantees greater complexity. Good security exhibits several qualities, and one of them is a tendency toward simplicity rather than complexity.
Question [4 points]: Is the following statement True or False?

A goal for cloud security is ease of use and easy adoption of security controls. Security controls must be appropriate, effective, and easy to comprehend and navigate by users and administrators.

  • True
  • False

Introduction: In multi-tenant cloud computing, security monitoring has importance beyond serving as a means for infrastructure control. By the very nature of a multi-tenant infrastructure, monitoring is necessary on an ongoing basis for near-real-time verification of security. Security monitoring is a key cloud security strategy with important purposes for CSPs and cloud tenants.
Question [4 points]: What are five primary purposes of security monitoring in clouds? [Select the best answer.]

  • Threat detection; security control configuration; bug exposure; legal activity record; enabling forensics
  • Threat detection; security control verification; bug exposure; legal activity record; data encryption
  • Threat detection; security control verification; bug exposure; legal activity record; enabling forensics
  • Threat detection; security control verification; event data collection; legal activity record; enabling forensics
  • Event correlation and analysis; security control verification; bug exposure; legal activity record; enabling forensics

Introduction: Organizations implement private clouds for several reasons. One important reason is to gain greater control over cloud implementation. A second important reason is to provide a degree of flexibility and customization to the IT infrastructure of the organization. A private cloud can be more flexible than a public cloud in delivering customized cloud services to groups in the enterprise. Cloud infrastructure deviations can support needs of internal customers and fall into several broad categories.
Question [8 points]: Briefly describe cloud infrastructure deviations in two (2) of the following broad categories. Include a discussion of benefits, challenges, cost impact, etc. Cloud infrastructure deviation categories include [choose two categories about which to write]: hardware platform deviation; network deviation; software platform deviation; or allocation boundaries. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: Private cloud users may access the cloud through the Internet or the internal enterprise. When presenting network connectivity toward enterprise and public Internet users, it is critical that you do not present an opportunity for a non-enterprise user to gain access to enterprise data or to the enterprise.
Question [4 points]: Is the following statement True or False?

When private cloud Internet and enterprise users are segregated in a defense-in-depth manner, user data should not be encrypted.

  • True
  • False

Introduction: The physical location of the private cloud and its supporting infrastructure in a data center is important to consider for security. Failures of physical security or of parts of the infrastructure can lead to security breaches or denial-of-service. Some important considerations are 1) acts of nature; 2) business continuity and disaster recovery; 3) physical security and access; 4) security cameras and environmental sensors; 5) fire suppression; and 6) reliable power and data center cooling.
Question [8 points]: Briefly describe the significance and impact of two (2) data center considerations when planning an enterprise data center. Write about two (2) of the five considerations listed in the introduction to this question. [Your answer must contain at least 150 words. Cite any references that you use.]

Introduction: When enterprises adopt public clouds, they usually are unable to directly evaluate the security of CSP vendors. And CSPs do not want to repeatedly incur the cost of answering potential customers' detailed security questions. Often a CSP may state that they are SAS70 or ISO 27002 compliant, but simply stating that a CSP is compliant amounts to self-certification.

Full Answer Section

  • SaaS (Software as a Service): In SaaS, the CSP provides a complete software application accessible over the internet. The enterprise has the least control over the underlying infrastructure and software. The CSP assumes the primary responsibility for security, including data protection, application security, and infrastructure security. However, the enterprise is still responsible for securing its own data within the SaaS environment and ensuring compliance with relevant regulations.

Reference: NIST Special Publication 800-145, "The NIST Definition of Cloud Computing"

Question 2:

  • Data at rest and data in motion

Question 3:

  • Cloud Lock-in: Cloud lock-in refers to the situation where an organization becomes overly dependent on a specific cloud provider, making it difficult or costly to migrate to another provider.
    • Impacts:
      • Reduced Flexibility: Limits the ability to leverage competitive pricing or explore alternative solutions.
      • Vendor Lock-in: Can increase reliance on a single vendor, potentially reducing bargaining power and increasing costs.
      • Security Risks: Vendor lock-in can increase security risks if the chosen provider experiences security breaches or service disruptions.
    • Trends Addressing Cloud Lock-in:
      • Open Source Technologies: Utilizing open source technologies and open standards can reduce vendor lock-in by increasing portability and interoperability.
      • Multi-cloud and Hybrid Cloud Strategies: Adopting a multi-cloud or hybrid cloud approach can mitigate vendor lock-in by diversifying across multiple providers.
      • Cloud-Agnostic Architectures: Designing and implementing cloud-agnostic architectures can make it easier to migrate applications and data between different cloud providers.

Reference: Gartner, "Cloud Lock-in: Understanding and Mitigating the Risks"

Question 4:

  • NIST Security Controls: NIST (National Institute of Standards and Technology) provides a comprehensive framework for cybersecurity. NIST security controls are a set of safeguards designed to protect information systems and organizations from various cyber threats.
  • NIST Security Control Structure: NIST organizes security controls into families and classes.
    • Families: Group related controls together (e.g., Access Control, Identification and Authentication, System and Information Integrity).
    • Classes: Further categorize controls within each family (e.g., Access Control: Identification and Authentication, Access Control: Authorization).
  • Use in Risk Management: NIST security controls provide a standardized framework for organizations to assess their security posture, identify and prioritize risks, and implement appropriate security measures. They can be used to guide the selection, implementation, and evaluation of security controls throughout the organization.

Reference: NIST Special Publication 800-53, "Security and Privacy Controls for Federal Information Systems and Organizations"

Question 5:

  • Policy:
    • Least Privilege: The principle of least privilege dictates that users should only be granted the minimum level of access necessary to perform their job duties. This helps to minimize the impact of potential security breaches.
  • Risk Management:
    • Threat Modeling: Conduct regular threat modeling exercises to identify and assess potential threats to cloud environments. This helps organizations prioritize security controls and allocate resources effectively.

Reference: NIST Special Publication 800-30, "Risk Management Framework for Information Systems and Organizations"

Question 6:

True

Question 7:

  • Acts of Nature: Data centers must be designed to withstand natural disasters such as earthquakes, floods, and hurricanes. This includes measures such as raised floors, backup power generators, and robust cooling systems.
  • Business Continuity and Disaster Recovery: Data centers must have robust business continuity and disaster recovery plans in place to ensure that critical operations can continue in the event of a disruption. This may include redundant systems, off-site backups, and disaster recovery sites.

Reference: Uptime Institute, "Data Center Tier Standards"

Question 8:

False

When private cloud Internet and enterprise users are segregated in a defense-in-depth manner, user data should be encrypted both at rest and in transit to enhance security and protect sensitive information.

Sample Answer

Question 1:

  • IaaS (Infrastructure as a Service): In IaaS, the CSP provides the fundamental building blocks for cloud IT: compute, storage, and networking. The enterprise retains the highest degree of control over the operating systems, applications, and data. However, the CSP is responsible for the security of the underlying infrastructure, including physical security, network security, and virtualization.
  • PaaS (Platform as a Service): In PaaS, the CSP provides a platform for developers to build, run, and manage applications. The CSP manages the underlying infrastructure, operating systems, and runtime environments. The enterprise has more control over the applications and data, but the responsibility for security is shared between the enterprise and the CSP.