In this module, we covered a lot of ground in the realm of application security. We started out by examining the opportunities and the challenges that cloud brings into application security.
We then continued to look at the meta phases of the secure software development lifecycle, taking a deeper dive into secure design and development, looking at secure deployments and examining secure operations.
We talked about the application design and architecture impacts: segregation by default, immutable infrastructure, prevalence of microservices and even PaaS and serverless. Then we finished off taking a look at DevOps, the culture, the practices and how it could be aligned to improve your cloud security standing.
So let's have some questions about materials that we learned in this section.
You can improve segregation of the management plane by doing which of the following:
using PaaS services only,
creating separate cloud accounts for each application,
employing DevOps,
or adopting immutable workloads?
Think about this for a second. There's only one correct answer. The focus and keywords here are the management plane and segregation. That is primarily accomplished by having separate cloud accounts for each application or logical grouping of applications. This way, if one gets compromised, not all of them are compromised in a single swoop.
Using PaaS only services is definitely going to shift your roles and responsibilities, but it's not necessarily going to have much impact on the management plane. Similarly, employing DevOps, those philosophies and practices, and immutable workloads, they're not gonna have a great impact on the management plane.
What is event-driven security:
when your account is terminated by a provider because of too much pen testing,
invoking an automated response based on notifications set up by your provider,
invoking an automated response based on notifications set up by the customer,
or sending an email to system admins whenever certain actions are performed?
Again, there's only one correct answer. You probably quickly narrowed in on B and C, how they're very similar, so that would be a great starting point to look at. Another important thing to understand is that event-driven security is the responsibility of the customer, and ultimately, the customer is the one that's responsible for creating these notifications and the automated responses that should take place. So the correct answer to this one is C.
And that wraps it up for Domain 10, Application Security. I hope you learned a lot, and I'm eager to continue the process with you.