Are you familiar with how cloud computing works and the risks associated with it? If you’re planning to take the Security+ exam, it’s something you might like to review. For example, can you answer this sample practice test question?
Q. Of the following choices, which one is a cloud computing option that allows customers to apply patches to the operating system?
A. Hybrid cloud
B. Software as a Service
C. Infrastructure as a Service
D. Private
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
Understanding Cloud Computing
Cloud computing is one of those catchy terms that has captured our imagination. It just sounds cool. “To the cloud….” You can use cloud-computing technologies to host hardware, such as servers, and to host data.
Even though the phrase cloud computing is relatively new, the concept isn’t. In short, cloud computing simply refers to accessing computing resources via a different location than your local computer. In most situations today, you’re accessing these resources through the Internet.
As an example, if you use web-based email such as Gmail, you’re using cloud computing. More specifically, the web-based mail is a Software as a Service cloud computing service. You know that you’re accessing your email via the Internet, but you really don’t know where the physical server hosting your account is located. It could be in a data center in the middle of Virginia, tucked away in Utah, or just about anywhere else in the world.
Cloud computing is very useful for heavily utilized systems and networks. As an example, consider the biggest shopping day in the United States—Black Friday, the day after Thanksgiving, when retailers go into the black. Several years ago, Amazon.com had so much traffic during the Thanksgiving weekend that its servers could barely handle it. The company learned its lesson, though. The next year, it used cloud computing to rent access to servers specifically for the Thanksgiving weekend, and, despite increased sales, it didn’t have any problems.
As many great innovators do, Amazon didn’t look on this situation as a problem, but rather an opportunity. If it needed cloud computing for its heavily utilized system, other companies probably had the same need. Amazon now hosts cloud services to other organizations via its Amazon Elastic Compute Cloud (Amazon EC2) service. Amazon EC2 combines virtualization with cloud computing and they currently provide a wide variety of services via Amazon EC2.
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
Cloud Computing Risks
Many cloud-computing solutions are blended. They combine data and operating systems, located in the cloud. Although this can provide benefits because you reduce your own data center’s footprint, it also presents risks.
One of the primary drawbacks to cloud computing is that you lose physical control of your data. You often won’t even know where the data is stored. Employees at the cloud data center can easily steal your data, and you may not know it until the thief has exploited the data. It’s also possible for employees to make mistakes that suddenly grant access to your data to anyone.
As an example, consider a glitch that occurred at Dropbox in June 2011. Dropbox is a cloud storage site used by about 25 million customers to store files such as documents, videos, and photos. After an update to their site, visitors could use any password to access accounts. Obviously, that wasn’t the intent of the update. The company’s official statement was that the glitch impacted only 1 percent of its customers, but 1 percent of 25 million people is still a lot of people.
Many security professionals say that the only data you should put in the cloud is data you’re willing to give away. After all, that’s exactly what you may be doing.
Q. Of the following choices, which one is a cloud computing option that allows customers to apply patches to the operating system?
A. Hybrid cloud
B. Software as a Service
C. Infrastructure as a Service
D. Private
Answer is C. Infrastructure as a Service (IaaS) is a cloud computing option where the vendor provides access to a computer, but customers must manage the system, including keeping it up to date with current patches.
A hybrid cloud is a combination of a public cloud and a private cloud.
Software as a Service (SaaS) provides access to applications, such as email.
An IaaS solution can be public, private, or a hybrid solution.
Do you know the different cloud service models? You might like to view the Understanding Cloud Service Models blog post here.
