CompTIA Security+ Certification Bundle (Exam SY0-601) by Glen E. Clarke

CompTIA Security+ Certification Bundle (Exam SY0-601) by Glen E. Clarke

Author:Glen E. Clarke
Language: eng
Format: epub
Publisher: McGraw-Hill Education
Published: 2022-10-15T00:00:00+00:00


Compute Security Controls

In the cloud environment, a compute resource is a resource such as a virtual machine, container, or application service (such as a database service) in the cloud. You can use a number of security controls to secure these compute resources:

■ Security groups You can create different security groups that have different levels of permissions to the resource.

■ Dynamic resource allocation A big feature of cloud compute is that a virtual machine only uses the RAM and disk space that is needed. If there is a high volume of activity, those resources are increased on the fly to handle the workload and then lowered again when the load is lessened.

■ Instance awareness You want to implement security controls that can differentiate between instances of an application service running in the cloud. If you are using a security control that does not understand instances, it is possible that an attacker could create a rogue instance of an application service and possibly perform data exfiltration attacks.

■ Virtual private cloud (VPC) endpoint A virtual private cloud (VPC) is a private network of resources in the cloud. VPC endpoints allow you to communicate with application services over private addresses.

■ Container security Ensure that you are securing your container environment by following security best practices, such as locking down the operating systems running within the container, including securing the root or administrator account.



Download



Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.