- 1.Explain the “Shared Responsibility Model.” What is the cloud provider responsible for, and what is the business (customer) responsible for?
- What is a cloud misconfiguration, and can you provide an example (e.g., a public S3 bucket)?
- Why are Identity and Access Management (IAM) policies so critical in a cloud environment?
answer
The Shared Responsibility Model is a cloud security concept that explains how security responsibilities are divided between the cloud provider and the business (customer).
- The cloud provider is responsible for the security of the cloud, including physical data centers, hardware, networking, servers, and the core cloud infrastructure to ensure the platform is secure and available. Meanwhile, the customer or business is responsible for security in the cloud, such as managing data, configuring services, controlling user access, securing applications, and properly setting system configurations.
- 2.A cloud misconfiguration is an incorrect or insecure cloud setting that creates a security risk. For example, a public S3 bucket that is accidentally configured to allow public access can expose sensitive data to anyone on the internet, leading to data breaches.
- 3.Identity and Access Management (IAM) policies are critical in a cloud environment because they control who can access specific resources and what actions they can perform. Proper IAM policies enforce the principle of least privilege, prevent unauthorized access, reduce security risks, and ensure that only authorized users can interact with cloud resources.
Status: 100%
Keterangan: Telah dikerjakan sebaik mungkin.

