Pular para o conteúdo principal

Compartilhe

Airbnb

O Airbnb possui seu próprio sistema de cadastro interno. Porém, no momento do check-in, muitos anfitriões solicitam documentos e chegam a tirar fotos do hóspede segurando o documento.  O problema é que esses dados ficam armazenados diretamente no aparelho do anfitrião, sem qualquer garantia de proteção adequada. Essa prática levanta sérias dúvidas sobre a segurança da informação e a conformidade com a LGPD (Lei Geral de Proteção de Dados) . Além disso, há relatos de que dados pessoais são enviados para portarias de condomínios, ampliando ainda mais os riscos de exposição. O Airbnb precisa aprimorar urgentemente esse tipo de conduta, estabelecendo protocolos claros de proteção e armazenamento de dados. A ausência de respostas transparentes da empresa sobre o nível de segurança dessas práticas demonstra uma falha significativa na forma como a plataforma lida com informações sensíveis de seus usuários.
Postar um comentário
Leia mais

Fundamentals of Cloud Security

Fundamentals of Cloud Security

4.7 (3 avaliações)
economies of scale and agility
Clique no cartão para virá-lo 👆
1 / 77
Termos nesta lista (77)
Which value can be achieved by the ability to pool resources in cloud computing?

resource aggregation
economies of scale and agility
application consolidation
elasticity
economies of scale and agility
Which cloud solution is hosted in-house and usually is supported by a third party?

distributed workforce
cloud infrastructure
on-premises
infrastructure as a service
on-premises
Which software development concept that also has been applied more generally to IT says that additional future costs for rework are anticipated due to an earlier decision or course of action that was necessary for agility but was not necessarily the most optimal or appropriate decision or course of action?

role-based access control
technical debt
software lifecycle
runtime environment
technical debt
In which cloud service model are customers responsible for securing their virtual machines and the virtual machine operating systems, and for operating system runtime environments, application software, and application data?

platform as a service (PaaS)
identity as a service (IaaS)
software as a service (SaaS)
infrastructure as a service (IaaS)
infrastructure as a service (IaaS)
Which type of hypervisor is hosted and runs within an operating system environment?

Type 1
Type 2
Type 3
Type 4
Type 2
Which cloud security best practice is deployed to ensure that every person who views or works with your data has access only to what is absolutely necessary?

set appropriate privileges
keep cloud software updated
build security policies and best practices into cloud images
review default settings
set appropriate privileges
Which security consideration is associated with inadvertently missed anti-malware and security patch updates to virtual machines?

hypervisor vulnerabilities
VM sprawl
dormant VMs
intra-VM communications
dormant VMs
Which cloud security compliance requirement uses granular policy definitions to govern access to SaaS applications and resources in the public cloud and to apply network segmentation?

access governance
compliance auditing
configuration governance
real-time discovery
access governance
Which DevOps CI/CD pipeline feature requires developers to integrate code into a repository several times per day for automated testing?

continuous delivery
continuous deployment
continuous identity
continuous integration
continuous integration
Which phased approach of hybrid cloud security requires networking and security solutions that not only can be virtualized but also are virtualization-aware and can dynamically adjust as necessary to address communication and protection requirements, respectively?

consolidation servers within trust levels
dynamic computing fabric
consolidation servers across trust levels
selective network security virtualization
dynamic computing fabric
Which SASE security-as-a-service layer capability provides visibility into SaaS application use, understands where sensitive data resides, enforces company policies for user access, and protects data from hackers?

secure web gateway (SWG)
data loss prevention (DLP)
firewall as a service (FWaaS)
cloud access security broker (CASB)
cloud access security broker (CASB)
Which security technology is designed to help organizations embrace the concepts of cloud and mobility by providing network and network security services from a common cloud-delivered architecture?

cloud native
secure access service edge (SASE)
platform as a service
distributed cloud
secure access service edge (SASE)
Which cloud native security platform function remediates vulnerabilities and misconfigurations consistently across the entire build-deploy-run lifecycle?

automation
integration
visibility
continuity
automation
Which Prisma SaaS feature connects directly to the applications themselves and provides continuous silent monitoring of the risks within sanctioned SaaS applications, with detailed luminosity that is not possible with traditional security solutions?

granular data visibility
large scale data control
data exposure visibility
contextual data exposure
data exposure visibility
Which sanctioned SaaS use control prevents known and unknown malware from residing in sanctioned SaaS applications, regardless of source?

threat prevention
data visibility control
risk prevention
data exposure control
threat prevention
Which type of algorithm does Prisma SaaS use to sort sensitive documents into top-level categories for document classification and categorization?

dynamic programming
supervised machine learning
artificial intelligence
recursive
supervised machine learning
In which cloud computing service model does a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure?
A. platform as a service (PaaS)
B. infrastructure as a service (IaaS)
C. software as a service (SaaS)
D. public cloud
A. platform as a service (PaaS)
Which NIST cloud service model does not require the customer organization to do any programming?
A. IaaS
B. PaaS
C. FaaS
D. SaaS
D. SaaS
Which NIST cloud service model requires the customer to keep the operating system up to date?
A. IaaS
B. PaaS
C. FaaS
D. SaaS
A. IaaS
Which NIST cloud service model limits your choice of runtime environments in which an application can be written?
A. IaaS
B. PaaS
C. FaaS
D. SaaS
B. PaaS
Which NIST cloud deployment model would you recommend for a startup that does not have much money to pay for hosting or a data center and needs a 24x7 server?
A. public
B. private
C. community
D. hybrid
A. public
A news company can serve all requests from their data center 95% of the time. However, some days there is a huge demand for news updates. Which NIST deployment model is recommended for the company?
A. public
B. private
C. community
D. hybrid
D. hybrid
You are responsible for the security of the application, the runtime, and the VM operating system. Which cloud deployment model are you using?
A. SaaS
B. FaaS
C. PaaS
D. IaaS
D. IaaS
Which component may be shared with other cloud tenants even when using IaaS?
A. application
B. runtime
C. virtual machine (guest)
D. physical machine (host)
D. physical machine (host)
Two companies use Gmail for their email (SaaS). Which two components may be transparently shared between them? (Choose two.)
A. address book
B. application code
C. messages
D. message database
E. user identities
B. application code

D. message database
Which cloud service model lets you install a firewall to protect your information?
A. SaaS
B. PaaS
C. FaaS
D. IaaS
D. IaaS
Which option is a type 2 hypervisor?
A. hosted
B. native
C. bare-metal
D. imported
A. hosted
Which cloud provider calls its IaaS service Elastic Computing Service (ECS)?
A. Alibaba
B. AWS
C. Azure
D. GCP
B. AWS
Which of the following security issues can cause a long patched vulnerability to resurface?
A. VM sprawl
B. intra-vm communications
C. hypervisor vulnerabilities
D. dormant virtual machines
D. dormant virtual machines
Which cloud use model runs just one container per virtual machine?
A. serverless
B. containers as a service (CaaS)
C. standard docker containers
D. VM-integrated containers
D. VM-integrated containers
Which cloud use model allows you to use containers without having to manage the underlying hardware and virtualization layers, but still lets you access the underlying virtualization if needed?
A. serverless
B. containers as a service (CaaS)
C. standard docker containers
D. VM-integrated containers
B. containers as a service (CaaS)
Ten containers running on five virtual machines are spread between two type 1 hypervisors. How many OS instances are you running?
A. 2
B. 5
C. 7
D. 17
B. 5
Ten containers running on five virtual machines are spread between two type 2 hypervisors. How many OS instances are you running?
A. 2
B. 5
C. 7
D. 17
C. 7
Which cloud use model restricts your choice of a runtime environment to the environments supported by the cloud provider?
A. serverless
B. on-demand containers
C. containers as a service (CaaS)
D. standard docker containers
A. serverless
Which three attributes are advantages of serverless computing, when compared with CaaS? (Choose three.)
A. reduced costs
B. increased control over the workload
C. increased ability to monitor and identify problems
D. increased agility
E. reduced operational overhead
A. reduced costs
D. increased agility
E. reduced operational overhead
Which continuous processes replaces manual checks with automated code testing and deployment?
A. integration
B. development
C. delivery
D. deployment
D. deployment
What are the two meanings of the CI/CD pipeline? (Choose two.)
A. continuous integration/continuous delivery
B. continuous implementation/continuous delivery
C. continuous integration/continuous deployment
D. continuous implementation/continuous deployment
A. continuous integration/continuous delivery
C. continuous integration/continuous deployment
Which step of the CI/CD pipeline cannot be automated?
A. Coding
B. Integration
C. Testing
D. Monitoring
A. Coding
Which step of the CI/CD pipeline is the ideal place for automated penetration testing?
A. Coding
B. Integration
C. Testing
D. Deployment
C. Testing
What is the meaning of a SaaS application that is advertised as being HIPPA compliant?
A. Regardless of how you configure the application for your enterprise, you will be HIPPA compliant.
B. If your administrator configures the security settings on the application correctly, you will be HIPPA compliant.
C. If your administrator and your users use the application correctly, you will be HIPPA compliant.
D. If your administrator and your users use the application correctly, the application will not cause you to not be HIPPA compliant.
D. If your administrator and your users use the application correctly, the application will not cause you to not be HIPPA compliant.
Which systems must you secure to ensure compliance with security standards?
A. the servers in the data center
B. the devices owned by the enterprise, whether they are servers in the data center, cloud vms you manage, or user endpoint devices
C. any system where the data for which you are responsible goes
D. every device that is either owned by the enterprise, or used by enterprise employees
C. any system where the data for which you are responsible goes
GDPR compliance is required to do business in which area?
A. United States of America
B. Canada
C. China
D. European Union
D. European Union
How would a port filter firewall classify access to the URL https://example.com:22/this/page?
A. HTTP
B. HTTPS
C. Telnet
D. SSH
D. SSH
Intra-VM traffic is also known as which type of traffic?
A. north-south
B. unknown
C. east-west
D. untrusted
C. east-west
What is the term for traffic between a web site and a local database that stores information for it?
A. north-south
B. east-west
C. unknown
D. cloud
B. east-west
What is the term for traffic between a web site and a remote user's browser?
A. north-south
B. east-west
C. unknown
D. cloud
A. north-south
Which type of traffic can stay contained in a single physical server?
A. north-south
B. east-west
C. unknown
D. trusted
B. east-west
Which type of traffic can be secured by a physical appliance?
A. north-south
B. east-west
C. unknown
D. cloud
A. north-south
What stage of an attack is typically east-west traffic?
A. reconnaissance
B. weaponization
C. lateral spread
D. actions on the objective
C. lateral spread
1. What does the first phase of implementing security in virtualized data centers consist of?
A. consolidating servers across trust levels
B. consolidating servers within trust levels
C. selectively virtualizing network security functions
D. implementing a dynamic computing fabric
B. consolidating servers within trust levels
Which action is part of the compute security pillar?
A. user and entity behavior analytics (UEBA)
B. Microservice-aware micro-segmentation
C. integration with the CI/CD workflow
D. automated asset inventory
C. integration with the CI/CD workflow
Which action is part of the compute cloud governance and compliance pillar?
A. user and entity behavior analytics (UEBA)
B. Microservice-aware micro-segmentation
C. integration with the CI/CD workflow
D. automated asset inventory
D. automated asset inventory
Which action is part of the identity security pillar?
A. user and entity behavior analytics (UEBA)
B. Microservice-aware micro-segmentation
C. integration with the CI/CD workflow
D. automated asset inventory
A. user and entity behavior analytics (UEBA)
Which action is part of the network security pillar?
A. user and entity behavior analytics (UEBA)
B. Microservice-aware micro-segmentation
C. integration with the CI/CD workflow
D. automated asset inventory
B. Microservice-aware micro-segmentation
What does SASE stand for?
A. Service Access SEcurity
B. Semi-Accessible Sensitive Environment
C. Secrets Accessible in a Secure Environment
D. Secure Access Service Edge
D. Secure Access Service Edge
Which two types of services does SASE provide? (Choose two.)
A. Storage
B. security
C. networking
D. compute
C. networking
What are the two advantages of SASE? (Choose two.)
A. a single physical point of ingress into the organization
B. a single logical point of ingress into the organization
C. a single physical point of egress out of the organization
D. a single logical point of egress from the organization
B. a single logical point of ingress into the organization
D. a single logical point of egress from the organization
True or False? Prisma SaaS is used to protect sanctioned SaaS use, as part of an integrated security solution that includes next-generation firewalls to prevent unsanctioned SaaS use. Prisma SaaS communicates directly with the SaaS applications themselves and therefore does not need to be deployed inline and does not require any software agents, proxies, additional hardware, or network configuration changes.
False
True or False? Prisma SaaS protects data in hosted files and application entries.
True
Who is responsible for the software of a sanctioned SaaS application?
A. provider
B. IT department
C. line of business that uses it
D. users
A. provider
Who is responsible for the security settings of a sanctioned SaaS application?
A. provider
B. IT department
C. line of business that uses it
D. users
B. IT department
Which SecOp function is proactive?
A. Identify
B. Investigate
C. Mitigate
D. Improve
D. Improve
Which SecOp function requires processing large amounts of information, and typically is automated?
A. Identify
B. Investigate
C. Mitigate
D. Improve
A. Identify
Which three options partially comprise the six elements of SecOps? (Choose three.)
A. People
B. Networking
C. Data storage
D. Technology
E. Processes
A. People
D. Technology
E. Processes
Which three options partially comprise the six elements of SecOps? (Choose three.)
A. Visibility
B. Disaster recovery
C. Business
D. Interfaces
E. Regular audits
A. Visibility
C. Business
D. Interfaces
What does SOAR stand for?
A. Security Operations Automation for Reaction
B. Secure Operations And Research
C. Security Operations, Analysis, and Research
D. Security Orchestration, Automation, and Response
D. Security Orchestration, Automation, and Response
What is the relationship between SIEM and SOAR?
A. SIEM products implement the SOAR business process.
B. SIEM and SOAR are different names for the same product category.
C. SIEM systems collect information to identify issues that SOAR products help mitigate.
D. SOAR systems collect information to identify issues that SIEM products help mitigate.
C. SIEM systems collect information to identify issues that SOAR products help mitigate.
What is the advantage of automated responses over manual responses?
A. speed
B. accuracy
C. flexibility
D. user friendliness
A. speed
Which environment allows you to install an appliance that sees all traffic?
A. LAN when people work from home
B. Non-virtualized data center
C. virtualized data center
D. VPC network
B. Non-virtualized data center
An analysis tool raised an alert, but the security analyst who researched it discovered it wasn't a problem. Which type of finding is this?
A. false positive
B. true positive
C. false negative
D. true negative
A. false positive
An analysis tool's machine learning identified, correctly, that the network is infected by a worm. What type of finding is this?
A. false positive
B. true positive
C. false negative
D. true negative
B. true positive
True or False? The key to Cortex XDR is blocking core exploit and malware techniques, not individual attacks.
True.
Which two advantages does endpoint protection technology have over network traffic analysis? (Choose two.)
A. ability to identify most common attacks by their symptoms
B. deployed and managed centrally
C. easier to deploy endpoint protection when people work from home
D. detects command and control channels
E. can easily identify worms
A. ability to identify most common attacks by their symptoms

C. easier to deploy endpoint protection when people work from home
What is the order in which the endpoint checks if a new program is safe?
A. behavioral threat protection, then local analysis, then WildFire query
B. local analysis, then behavioral threat protection, then WildFire query
C. WildFire query, then local analysis, then behavioral threat protection
D. local analysis, then WildFire query, then behavioral threat protection
C. WildFire query, then local analysis, then behavioral threat protection
Of the endpoint checks, what is bypassed for known programs?
A. WildFire query
B. behavioral threat protection
C. local analysis
D. Firewall analysis
C. local analysis
Which three operating systems are supported by Cortex XDR? (select three)
A. z/OS
B. Linux
C. macOS
D. Minix
E. Android
B. Linux
C. macOS
E. Android
What does Cortex XSOAR use to automate security processes?
A. bash scripts
B. Windows PowerShell
C. playbooks
D. Python scripts
C. playbooks

Enviar esta postagem

Comentários

Postar um comentário

Como usar um Agente OSINT IA

Pericia Digital

Ebook

Postagens mais visitadas