Learn fundamental concepts regarding securing a cloud environment.
THM Room : https://tryhackme.com/room/introductiontocloudsecurityc6
TASK 1 Introduction
I am ready to get started.
No Answer.
TASK 2 Architectural Concepts of Cloud
In Infrastructure as a Service, what will be deployed by the vendor (Hardware or Software)?
Answer : Hardware
What is the type of cloud dedicated to a single customer called?
“In the private cloud, customers will not share the underlying resources (hardware and software) as in the public cloud, and resources are dedicated to a single customer. Organisation A will get a Virtual machine hosted on a system specifically dedicated to a particular customer.”
Answer : Private
TASK 3 Cloud Security Concepts
What is the first phase in the cloud data lifecycle?
Answer : Create
Click the View Site button at the top of the task to launch the static site in split view. What is the flag after completing the exercise?
Followed the steps in the task.
Answer : THM{CLOUD_11101}
TASK 4 Cloud Security Risks Concerning Deployment Models
In which cloud model does the customer become the hostage of cloud providers (vendor locked in)?
Answer : Public
Is it challenging to enforce specific business decisions and procedures in the community cloud (yea/nay)?
Answer : YEA
TASK 5 Security Through Access Management
Are FaceID and biometric types of Authentication factors (yea/nay)?
Answer : YEA
I have completed the practical exercise.
No Answer.
TASK 6 Security Through Policies
In a cloud environment, can we create a policy to enable Database access for a user at a specific time of the day (yea/nay)?
Answer : YEA
I have completed the practical exercise.
No Answer.
TASK 7 Security Through Network Management
Is it a good practice to operate security groups on the principle of “deny all unless allowed explicitly” (yea/nay)?
Answer : YEA
I have completed the practical exercise.
No Answer.
TASK 8 Security Through Storage Management
Encryption of data at rest is unnecessary if we carry out encryption at transit (yea/nay)?
Answer : NAY
I have completed the practical exercise.
No Answer.
TASK 9 Cloud Security - Some Additional Concepts
Is it a good practice to keep Disaster Recovery Backups of a server in the same vicinity or data centre (yea/nay)?
Answer : NAY
I have completed the practical exercise.
No Answer.
TASK 10 Conclusion
I have completed the room.
No Answer.