Domain 10 Knowledge Recap

Video Activity

Difficulty
Intermediate
Video Transcription
00:01
>> In this module, we covered a lot of
00:01
ground in the realm of application security.
00:01
We started out by examining the opportunities and
00:01
the challenges that Cloud
00:01
brings into application security.
00:01
We then continued to look at the meta-phase of
00:01
the secure software development life cycle.
00:01
Taking a deeper dive into secure
00:01
design and development,
00:01
looking at secure deployments,
00:01
and examining secure operations.
00:01
We talked about the application design and
00:01
architecture impacts, segregation by default,
00:01
immutable infrastructure, prevalence of micro-services,
00:01
and even PaaS and serverless.
00:01
Then we finished off taking a look
00:01
at DevOps, the culture,
00:01
the practices, and how it can be
00:01
aligned to improve your Cloud security standing.
00:01
Let's have some questions
00:01
about materials that we learned in this section.
00:01
You can improve segregation of
00:01
the management plane by doing which of the following?
00:01
Using PaaS services only,
00:01
creating separate Cloud accounts for each application,
00:01
employing DevOps or adopting immutable workloads.
00:01
Think about this for a second,
00:01
there's only one correct answer.
00:01
The focus and keywords here are
00:01
the management plane and segregation.
00:01
That is primarily accomplished by
00:01
having separated Cloud accounts for
00:01
each application or logical grouping of applications.
00:01
This way, if one gets compromised,
00:01
not all of them are compromised in a single swoop.
00:01
Using PaaS only services is
00:01
definitely going to shift your roles
00:01
and responsibilities,
00:01
but it's not necessarily going to
00:01
have much impact on the management plane.
00:01
Similarly, employing DevOps, those philosophies and
00:01
practices and immutable workloads,
00:01
they're not going to have a great impact
00:01
on the management plane.
00:01
What is event-driven security?
00:01
When your account is terminated by
00:01
a provider because of too much pen testing,
00:01
invoking an automated response based on
00:01
notifications set up by a provider,
00:01
invoking an automated response based on
00:01
notifications set up by the customer,
00:01
sending an email to system
00:01
admins whenever certain actions are performed.
00:01
There's only one correct answer.
00:01
You probably quickly narrowed in on
00:01
B and C, how they're very similar.
00:01
That would be a great starting point to look at.
00:01
Another important thing to understand is that
00:01
event-driven security is
00:01
the responsibility of the customer,
00:01
and ultimately the customer is the one
00:01
that's responsible for creating
00:01
these notifications and
00:01
the automated responses that should take place.
00:01
The correct answer to this one is C,
00:01
and that wraps it up for Domain 10 Application Security.
00:01
I hope you learned a lot and I'm
00:01
eager to continue the process with you.