• Home
  • CSA
  • CCSK Certificate of Cloud Security Knowledge Dumps

Pass Your CSA CCSK Exam Easy!

100% Real CSA CCSK Exam Questions & Answers, Accurate & Verified By IT Experts

Instant Download, Free Fast Updates, 99.6% Pass Rate

CCSK Premium Bundle

$79.99

CSA CCSK Premium Bundle

CCSK Premium File: 232 Questions & Answers

Last Update: Feb 28, 2024

CCSK Training Course: 45 Video Lectures

CCSK PDF Study Guide: 495 Pages

CCSK Bundle gives you unlimited access to "CCSK" files. However, this does not replace the need for a .vce exam simulator. To download VCE exam simulator click here
CSA CCSK Premium Bundle
CSA CCSK Premium Bundle

CCSK Premium File: 232 Questions & Answers

Last Update: Feb 28, 2024

CCSK Training Course: 45 Video Lectures

CCSK PDF Study Guide: 495 Pages

$79.99

CCSK Bundle gives you unlimited access to "CCSK" files. However, this does not replace the need for a .vce exam simulator. To download your .vce exam simulator click here

CSA CCSK Exam Screenshots

CSA CCSK Practice Test Questions in VCE Format

File Votes Size Date
File
CSA.testking.CCSK.v2024-01-15.by.brahim.28q.vce
Votes
1
Size
37.06 KB
Date
Jan 17, 2024
File
CSA.pass4sure.CCSK.v2020-06-07.by.lincoln.24q.vce
Votes
2
Size
28.91 KB
Date
Jun 07, 2020

CSA CCSK Practice Test Questions, Exam Dumps

CSA CCSK Certificate of Cloud Security Knowledge exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. CSA CCSK Certificate of Cloud Security Knowledge exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the CSA CCSK certification exam dumps & CSA CCSK practice test questions in vce format.

Core Cloud Computing Concepts

5. Resource Pooling - 3rd Characteristics

Hello friends. Welcome to this lecture on resource pooling. So resource pulling is the third characteristic out of the five essential characteristics of cloud computing; the first was on-demand self service.The second one, which we had, was broad network access. And this is the third one, which is resource pulling. So let's get into the details. Okay, what does it actually mean and how will it be beneficial for cloud service providers as well as for cloud customers? So again, we have taken this definition and explanation from the NIS. So, what does it say about the provider—is a cloud service provider also a cloud vendor? We are talking about providers computing Resources are pooled to serve multiple consumers using a multi-tenant model. I'll come to this point later on, with the different physical and virtual sources dynamically assigned and reassigned according to the consumer demand. So let's pay attention over here, which says that because in the case of cloud vendors, there would be a number of customers, and they would have different kinds of demands. So in order to serve those kinds of demands, the cloud providers should have a pool of resources, right? number of resources in terms of supporting multiple consumers or multiple customers. So in a way, the line that I have underlined, "multi-tenant model," means that on the same hardware, or maybe, let's say, on the same server, they are having multiple VMs running, and those VMs might be running for different customers. Let's say if a server is having ten VMs,there could be a possibility that those ten VMsare being used by the five different organizations. So they should be able to serve multiple customers using the multi-tenant environment with the different physical and virtual resources, and the consumer can assign and reassign the resources as per their need. And there's one other thing that we need to understand in the case of resource pulling: there is a sense of location independence in that the customer generally has no control over or knowledge over the exact location of the provider's resources, but may be able to specify location at a higher level of obstruction. Example country, state, or data center Let me give you an example. If you are from a security background and trying to understand this cloud, in that case there might be a regulatory requirement or a compliance requirement that says an organisation should be aware of where their data is located, whether that means in a state, a country, or at a higher level, and they should be aware of that. So just to help in the case of resource pooling, since a number of data centres in a particular region might be connected with each other, customers should be able to get the idea that, okay, this is where I'm placing my data. So, in the event of a cloudy winter, they're treating various regions such as Singapore, North Virginia, Ireland, and so on. So let's say my compliance requirements say that my data should not go out of India or out of, let's say, the US. As a result, I should be able to keep my data in that specific area or state only. So customers should be able to get that particularinformation that okay from a country or from astate perspective where their data is lying. So again, this is a different type of compliance requirement. Maybe, depending on the organisation or business you are running. Again, different compliance requirements may apply to those businesses, such as HIPAA, GXP, PCI, DSS for payment card industries, and HIPAA for medical. So depending on the different compliance requirements, this is applicable. So, as an example of resources, what we are talking about is storage, processing, memory, or a network. What does "resource pulling" actually mean? So in a simple sense, if you are looking for a cloud vendor, let's say this is AWS, SEO, or Google. So they should be having resource pooling or the integration of all these things in such a way that they can have an unlimited number of resources within this pool. So that any customer with a different need or with a huge demand can be served, So in that case, as in cloud vendor, you shouldhave a pool of resources, means, let's say at anypoint of time, I need two terabytes of Ram andI need it immediately or within next one. Or the cloud provider should be able to provide for the customers; they should not say that they don't have that particular capacity, right? So in that case, the kind of resource pulling, the integration of things, and the available sources should be available at all times within the cloud service providers to serve the customers. So, from the standpoint of a cloud customer, whatever sources you require, depending on your needs, they should have such a large pool that you can pull out the chunk as per your requirement, and then once your requirement is completed, you can pull those things and put them back into that specific pool. So from a cloud perspective, again, we'llthink from both perspective, cloud customer, cloudservice provider perspective and cloud customer perspective. So let's say you are a cloud customer and you are using this cloud service provider. In that case, there are a number of resources that are available to you, and those are provided by the cloud service provider, and you can choose to use those services to run your business. In that case, you're a happy customer, and again, your internal customers would be happy, and you're running your business pretty smoothly. Whenever there is a spike, you can get the resources and all those things. Similarly, as a cloud service provider, if you're able to satisfy and have a pool of such a huge number of resources, you're able to satisfy the needs of different organisations with the different business models and different types of businesses they are having.In that case, they have more trust in you, and you'll be able to earn a good amount of money. So this is a win-win situation again for both resources. So when we say, "Okay," there are different resources pulling resources. So what resource do we actually need? If you'll think from that perspective, in case I want to move to the cloud, what resources will I need? I need computer sources, right? I may be require networks, number of cardsor a particular level of bandwidth is required. Maybe a storage pool is required. I need a certain amount of hard disc space to save my data or to apply logic to the data. So depending on my needs, the pool of resources and tight integration should be there within the cloud provider to serve the customers in a better way. So this is about resource pooling, which is the third essential characteristic that an expert says you should look for when choosing a cloud customer. So now just think from that perspective about how good baselines are being provided by the NYSD to customers when they are looking to provision cloud services. So thank you, friends. Thank you for watching this lecture. I hope you have really enjoyed this lecture. We'll see you at the next lecture. Thank you. Bye.

6. Rapid Elasticity - 4th Characteristics

Friends, welcome to this lecture on rapid elasticity, which is our fourth essential characteristic of NIS. So we'll study and dig deep into what it is and how it helps both service providers and consumers. So rapid elasticity if I'll go by the definitionof NIST which says that capabilities or the featurescapabilities in terms of services can be elastically provisionedand released or in some cases it should beautomatically means whatever the services or we are lookingfor can be elastically provisioned and in some casesit should be automatic without the intervention means wecan apply some kind of logic wherein the servicesshould be provisioned automatically with the help of alogical give you an example over here to scalerapidly outward and inward depends on the demand ofthe customer to the consumers the capability available forprovisioning often appear to be unlimited and can beappropriated in any quantity at any point of time. See, rapid elasticity is, let's say, if there is a huge spike coming in and I want to serve my customers depending on the spike, then I should be able to get those resources from the cloud vendor. Just think, for example, that okay, the big billion-dollar sale is coming, and then Black Friday is coming, right? So in all those cases, a decade ago, what the Amazon organisation used to do was provision huge infrastructure at the back end to really serve the kind of traffic they imagined on that particular day. So, let's say I know that tomorrow is a big billion day, or a Devali sale, or a Valley of the Holy, or a New Year's or a Christmas sale, right? So I can prospect for that kind of traffic that would be coming to my website. In that case, what I'll do is generally what the vendors used to do: they used to provision a huge amount of infrastructure at the back end. Let's say if there is a spike, they should be able to serve those customers and get those particular amounts from whatever sales they would do, right? But, as we've seen in the past, and I'll give you an example, the amount of traffic directed at those specific giants was massive. that the kind of infrastructure they prepared for themselves was not even sufficient. So in that case, what happened was they actually lost those particular customers and that particular sale on that day. So it was kind of a loss to the consumers. However, using cloud computing and looking for this rapid elasticity feature within the cloud provider, if there is a need to serve those customers or that particular spike, the cloud provider will be able to handle it or will be able to provide the back end for you. So let's say, like I said, there is a normal business operation or business activities running, and you know that, okay, this will be the only kind of servers or infrastructure required at the back end to serve the business. Then you can continue using that particular infrastructure. You'll be charged for that. Let's say you know that a devaluation sale or a New Year's sale is coming up in ten days. So in that case, you can either provision the infrastructure or automatically set that particular workflow or logic. So let's say if my CPU goes morethan 80% or 70%, then the automatically aservice should be provisioned at the back ends. In that case, cloud services will be automatically able to provision a particular VM or a particular service for you with the help of the configuration that you have decided on. So that whenever there is a spike or a load, you should be able to get those specific customers or sales in case, say, after two days or after New Year's Sale, you don't really need that particular infra. So accordingly, you can deprovision that kind of infrastructure. This is really a very solid characteristic of rapid elasticity. So you can imagine from an organisation that the kind of infrastructure used to provision such a massive amount of Capex was required to prepare to buy that infrastructure, then the kind of expenditure was there to have those engineers in place and to do that integration. Providing information such as IP addresses Firewalls and all those things creating VLANs and putting those servers into them so that traffic could be handled. But suppose the worst-case scenario is that the high traffic outnumbers your entire arrangement, the customers, or you can say that organisations that run this type of business used to suffer, but with the help of rapid elasticity. This is really helpful. So you can say that there are other things—which I say is critical to cost reduction in the case of cloud vendors, right? So let's say if the infrastructure is not required, you can just deprovision this particular service or that particular infrastructure, and you'll not be charged for that. But let's say if it is the case in your typical traditional IT environment, then you have already paid in advance to procure that information, right? But in case of cloud, so it is likeit will automatically if you have used for 10hours, you'll be charged for 10 hours only. So similarly, as you have applied the logic to increase the infrared, you can apply the logic to decrease the infrared. Let's say if my CPU percentage goes below 20%, then decrease one server or decrease three servers. So I can apply all this logic within my cloud environment. So just think from the cloud, and consumers will again check for both perspectives. if these kinds of features are provided to you and the capacity is really unlimited. You'll be able to serve your customers without having to incur the capital expenditures associated with procuring that particular offer. And again, you'll have happy customers, and all your needs will be met. Similarly, if you are a cloud service provider with a strong back end infrastructure, a variety of giants can come to you and have their needs met in order to truly serve their traffic. Consider customers who enjoy Netflix, the type of streaming application, and the streaming company that offers live data streaming. So all these organisations are using the cloud in front.They are able to support their million customers by using different devices, right? So just think of the power of a cloud these days. So the two factors are, like I said, critical to construction and time to market, which means quickly. You'll be able to provision the infrared, you'll be ableto serve the needs as per the market demand. Okay? So, like I said, I'll show you one story that will really help you understand the feature of elasticity. So, I still remember that about two or three years ago, there was this Flipcart ecommerce giant. Their owners basically sent an apology email to the customers because they claim that some big billion-day sale will be coming where they'll be offering huge discounts to the customers. What happened was that day was that they provisionthe infrastructure to meet the demands like they expected. But the kind of traffic that came to their website was really unexpected, and the kind of infrared they were using was not able to support that kind of traffic. And there was a huge loss in sales and in customers. So as a result, they sent this particular email. You can see from this that we saw an unprecedented interest in our products and traffic like never before. We also realise that we were not adequately prepared for the sheer scale of the event. So you can imagine that I still remember the details of this email where they said that they provisioned some 50 or 5000 servers at the backend just to handle the spike. But the spike which came was unbelievable and theywere not able to handle that particular traffic. So you can imagine the kind of loss that would have been to the organisation on that particular day. So, after another two, three years, I againheard the story that really to reap thesekind of benefits because they offer these kindof chains, traffic keep on increasing and thecustomer bases still increasing, increasing. So they flipped and actually moved to the Microsoft cloud to really provide the services. Microsoft has just signed a large cloud deal with India's largest e-commerce marketplace, Flipkart. So they took the decision that, OK, they'll be using the cloud services to have the information and provide services to the customer. So just to share an example, now they can use the rapid elasticity feature of the cloud, where there is such a huge demand that if it comes from Microsoft, you would be able to provide that. So this is it for this lecture. My dear friends, I hope you have really enjoyed this lecture. Thank you for watching. We'll see you at the next lecture.

7. Measured Service - 5th Characteristics

Hello friends. In this lecture, we'll study the fifth and last characteristics of cloud computing, namely measured service. So we have studied four characteristics till now. So this is the last one. So what is measured in services? This is the most important characteristic, but not the least one.So-called measured services pay as you go. As you can see in the diagram, So it's similar to the number of cloud services you'll use. You will be paying for those services only. So let's see what this definition says, and we'll dig deep, dive into this particular service, and try to understand how it helps organisations and the cloud service provider. So it says that the cloud systems, like servers and storage, automatically control and adjust the source usage by leveraging a metering capability at some level of abstraction, whatever the kind of mechanism that cloud vendors are providing to the customers. So that's appropriate to the type of service being used, like storage, processing, bandwidth, or the number of users who are currently active, right? As a result, they should be doing some kind of abstraction at the layers of the various mechanisms they have. So that whatever type of services for number ofhours being used by the customers like storage, processingor bandwidth, they should be charged as per thehourly rate being defined by the cloud providers. So in another sense, it says that resource usage can be monitored, controlled, reported, and made transparent for both the provider and the consumer of the utilised resources. So let's say, for example, there is one server, and you can say that on that particular server, on a physical host, there are ten VMs running. So they should be doing some kind of abstraction at the host layer of that particular physical host. So, if there are ten VMs and three organisations use them, they should be able to pull out the report and say, "Okay, each organisation has used this many VMs for these many hours, or these many computers for these many hours, and they should be charged accordingly." And cloud providers should be providing transparency in their reports, saying, "Okay, this is the report, these are the resources they have used from this time to this time, and they are billed according to that." So companies can purchase computing sources to match their fluctuating needs and will be charged for that particular usage only, right? So let's study with an example of withhelp of example, let's say there is acompany A, company B and company C. So each and every organisation has different needs. "OK, ATGBam they've been using for the last 5 hours," Company A might say. Similarly, company B said that they have used 50 TB of storage in three days in the case of AWS or in the case of any cloud vendor or cloud platform they have chosen, right? Similarly, he stated that they had used 200 GPS or bandwidth. So you can see that the different organisations have different needs. So they should be charged according to the services they have chosen. It should not be like when company A uses 80 GB of RAM and is charged for the vCPU. So they are using 50 terabytes of storage. They should not be charged for the 100 terabytes of storage. So cloud providers should be providingtransparency to the cloud customers. That's okay, boss; you have used these services, or organisation B; you have used 50 terabytes of storage in three days. So this is our per-hourly rate. You'll be charged according to that only. And one more thing in transparency, which is a good feature if you think about it from the standpoint of a cloud consumer, wherein the type of services and the amount of services you have used are what you are paying for. So it would be really beneficial for you to pay only for what you have used. That means when there was a spike, you used the resources for that particular time, and you'll be billed for that particular time only. And when there was no spike, you went about your business as usual, and again you were charged for your normal infrastructure usage. So it is a very good feature, which again comes from this NASD perspective, which says that this is the fifth characteristic you look for when you want to choose a cloud service provider. So this is the fifth essential characteristic, which will again help the organisation reduce costs if they have a detailed metering capability provided by the cloud service provider. So, how does it benefit the cloud service provider? As we discussed with these customers, So, if you provide such transparency to users again, they will return to you, or word of mouth will spread in the market, and you will be able to increase the number of customers or revenue for cloud service providers. So again, in terms of measured service, what I can say is all these resources, which are pooled within the cloud environment, are monitored and reported to the consumers about their usage, their consumption rates, and their costs. So just think from the perspective that if you have worked in IT for, let's say, five or six years, you can see that a measured service or billing is required at each and every department level to reflect the amount of IT or the IT equipment that has been used. So this was always a pain point forthe organisations to charge different business units thatokay, how much info they have used, howmuch It services they have been used. So getting the dollar value was verydifficult, is very difficult really today alsoin case of traditional environment. But as soon as cloud adoption comes into the picture in that case, It is very easy. You can charge the different business units and create the different accounts within AWS, and they'll be charged according to their services in that case. The life for the business management group has also become easier, so this is about major service In the following videos, we'll see a live demonstration to see how we can correlate it to different, say, cloud vendors, so I'll try to log into the Amazon console and show you that, okay, how these characteristics are present in the online present within the console or within the cloud vendors. I hope you have really enjoyed this lecture. Thank you. Thank you for watching.

8. Cloud Security - Shared Responsibility Model

Hello friends. So welcome to this course on the Cloud Security Shared Responsibility Model. See, we have already gone through different service models, deployment models, and the core concepts of cloud, and after that, we will dig into the core concepts of cloud security. And before digging further, this is a very important model or concept we need to understand because, in this case of the cloud, we know that there are different responsibilities between the cloud service provider and the customer. So cloud security or the "shared responsibility model" is what we need to understand. So we should be clear about which things we should leave to the CSP and which things we as customers, as organizations, are responsible for implementing security. So let's study that, okay? What is there in the cloud security shared responsibility model? A very important concept to understand is shown in the diagram on the right side. So it is about the responsibility for the cloud service model, which is about GRC, governance, risk, and compliance, data security, and application security. So all these things are on the left. Then we are comparing it with the different service models like IS, PASS, and SAS. So remember, these models we have already studied; now we are studying how security is being managed. So who is responsible for what in the case of different service models? So before digging into this diagram, let's study that, okay? Security and compliance are a shared responsibility between the CSP and the customer. All of the red areas are for its providers, as you can see. And then a shared model can help relieve the customer's operational burden as CSPs operate. So in this case, when we know that okay, this is shared, then we know which responsibilities we can go ahead and ask the cloud service provider: okay, this is what is required, or if they need some kind of help, then this is the customer's responsibility. So that tomorrow customer should not be ableto blame the cloud service provider that okay,this is not the responsibility and for theportion mentioned in red light. So it is like CSP, who will mention the controls to have the appropriate security. So you can see that in the case of infrastructure security, whatever is there at the physical level, meaning their data centers, networking, and physical access protection, all of that is the responsibility of the Is in all models, including highs. So you need not worry about that if you come in for infrastructure security, that is, about your hypervisors and all those things. So that is a shared responsibility because while it is shared on the hypervisor, you'll be building VMs and all those things. So that is a kind of shared responsibility. And in the case of platforms, similarly, the infrastructure becomes the responsibility of the cloud provider, or a CSP. And in the case of platform as a service, having a platform is a shared responsibility. If you get an RDS instance or a database in that case, the CSP is responsible for giving you a base in France where you can have your database set up is the responsibility of the CSP.But then having the proper access controlonto the database, having integrating your databasewith the active directory that is yourresponsibility or shared responsibility. Similarly, in the case of the sales platform, because the platform and everything are provided by the cloud service provider, and the application is shared responsibility, Because application access control and all of the things that all users who will have access to your, say, Office 365, that is the responsibility of the organization, and that is why if you see all of this in yellow, that is the share responsibility. So just to give you a quick tip, infrastructure is like infrastructure, and service infrastructure is a shared responsibility. Platforms as services are a shared responsibility. And in the case of sales, we get the application. Application is your share of responsibility, and all the above layers, which are mentioned in green, are the customer's responsibility. Like an infrastructure and security-maintaining application, everything is built up as you build up the VMs and the applications. In that case, it isultimately customer responsible for that. Remember that for data security, all models are customer-responsible because it is the customer who enters data; the customer understands that OK, what is the classification of data? how sensitive your data is. It is the ultimate responsibility of the customer. You may come up with different terms, like "data stored with the CSP" data stored within different locations." That is what we will study in the contract: is that okay? You can negotiate with the cloud service provider that way. Which laws and which penalties will be applicable if there is a data breach? But ultimately, securing the data is your responsibility, and maintaining the governance risk and compliance is also the customer's responsibility in all the models. Remember, guys, when we say that okay, governance, risk, and compliance, all the controls that would require you to implement in order to meet your regulatory laws, the type of data the application is using, or the business you are in, that is ultimately the responsibility of the customer. So that is a very important concept to understand. So, as previously discussed, another way to understand is that when we say that okay, the mark which is marked in red, that is CSP specific controls that a customer fully inherits from the CSP, it is similar to what CSP has to do; CSP has already implemented the controls and is providing them to customers, such as physical and environmental controls. These are basically the responsibility will be responsibility ofthe CSP who like CCTV are installed or not. monitoring of the entrance and the datacenter is being done or not. and taking care of all environmental issues that pose risks to the data centres from the environment. So all of those issues are the CSP's responsibility because, in the case of the cloud, that is the layer of the CSP providers, and then the shared responsibility or shared controls are controls that apply to both the infrastructure and the customer layers, such as configuration management, and the reason it is shared is because, for example, the hypervisor's configuration and everything that is below that layer. So all that will be done by the CSPonly, and above that, the machines on which you'll be building up the VMs so for those VMs.the configuration vulnerabilities of customers, then user awareness and training, and providing awareness training to employees like CSP will provide the user awareness training. Appropriate certifications will be provided to its users, and the customer who is using this will provide awareness training, patching, and vulnerability management. Similarly in case of example of this in case ofis the CSP will make sure that all the hypervisorsand all those are updated with the latest patches thefirmwares are updated or upgraded and similarly it is theresponsibility of the customer that okay all the instances whichare there onto the platform they are patched so thatis the kind of you can say shared controls thenwe have the customer specific controls like GRC maintaining thedata security if you see these two layers deadly datasecurity GRC in all the models that is the responsibilityof the customer only. So friends, this is it for this video. So thank you for watching this lecture. Meet you in the next lecture.

9. Cloud Service Models – IAAS

Hello friends. Welcome to this lecture on infrastructure as a service. It is one of the service models, which is IS, and we call it infrastructure as a service. So we will study all the three service models one by one. So let's start first with the infrastructure as a service. So what exactly is first we need tounderstand that and then we'll proceed further. So guys, till this point of study time, wehave studied that, okay, what is cloud computing andwhat are the five essential characteristics of crowd computing? So in the definition itself, NIST said that, okay, there are three service models. One is infrastructure as a service, then platform as a service, and then software as a service to understand the infrastructure as a service. Because we are getting some kind of service from the cloud service provider, So first, in all three models, we'll be comparing them with the on-premise data center. Let's say, if you will be managing allthese things in your data center, then whatkind of services you'll be managing in caseof if you're using infrastructure as a service. So it is very important, guys, to understand whether you want to run your infrared case on AWS, SEO, or Google Cloud, and really to dig into the technical discussions or to save money while deploying any kind of service. If you have a better idea, okay. What exactly is service is?You'll be able to save money andrun in fran, a very good condition. So let's say if it is on premise youare maintaining a data center, then what you aredoing, then you are managing all the things you'rehaving a space, networking, storage, you are purchasing thoseservers, then installing your VMs, OS middleware databases, andthen deploying the applications really to run your business. Now, just having this picture in mind, what services are we getting if we are getting infrastructure as a service? In case of infrastructure as a service,all these layers still virtualization, from networkingto virtualization are managed by the vendor. When we say vendor means cloud service wider, it couldbe AWS, it could be Google or any cloud vendor. If you are taking infrastructure as a service for virtualization, they'll be managing it; you don't need to take care of any networking or how they're managing the storage, their cooling, or whatever, or the physical security—all those things are things you are not taking care of that.So what you will be taking care of is in thiscase, you'll be taking care of all the layers above theyou can say this OS middleware runtime data application. So from OS, two applications you will be managing andall the below layers will be managed by the vendors. So guys, it is very crucial to understand that if you are performing any kind of assessment, like PCI, DSS, or some GXP assessment, you really need to understand that. Okay, tell what layer you are having control over so that you can make the assessment accordingly and the same type of report can be shared with your customers. So this is the comparison. If you say that the part that was previously managed by you is now only responsible for managing the layer above the US. So guys, if I'll ask the question, let's say that if you are using infrastructure as a service and one more thing guys, so infrastructure service, youcan take it from Amazon, you can take itfrom Google Cloud or from Sierra. Some argue that Amazon is an is or that Sierra is an incorrect statement. If you get all of the services, say all of them are managed by a cloud vendor, and you manage all of them above the OS, then you have infrastructure as a service. So it's not as if a single cloud vendor is a pair or Ice. It might be good to provide services like platforms as a service, right? But it is not like they are totally passing. So currently, both types of services are being provided by AWS as well as SEO. So let's say there is the question of okay, who will be managing the security patching for the OS?" So if it is an infrastructure service, you, as a customer or an organization, will be managing the security or installing the patches on the instance. So it is totally your ball of game.So customers access the IS infrastructure service through the internet, and they can access the cloud portal like you saw in the previous demo. Just log into the console, and we have provisioned the VM, chosen the iOS, and then all those settings. We have provided the storage space and virtual hard drives, and our server was ready. So, for example, that user can log in to the AWS console or console, select the virtual machine, install that specific OS, deploy the database, and create storage buckets that can be used for backup or whatever type of workload you want to have in your cloud infrastructure. So for IS customers, they can provide the services with the help of which you can actually monitor the type of load you're having and the cost associated with it. Even if you monitor performance and balance traffic, you can set up your own disaster recovery site. So all these things are possible if you're using the infrastructure as a service. So again, try to have this diagram in your mind. In that case you'll have a solid understanding ofall the three service models because in each andevery model it is the difference of responsibilities only. So as you move forward from infrastructure to pass to SAS, your responsibility is decreasing and the responsibility of the cloud vendor is getting increased.So what are the benefits of IS? No capex or very little capex involved means you're not making any kind of investment beforehand while provisioning your service or running your business. You're just going on to the AWS console or cloud provider website and provisioning the services whenever they are required. So another example is just quickly deploying infrastructure, and you'll be paying only for what you will be using. If you have used the service, let's say for 5 hours of storage, you'll be paying for that only. You're not paying any kind of upfront cost. So in other cases, like I said, the cloud provider is responsible for maintaining all the hardware and virtualized services. That means all the layers that are below the OSCL provider will be maintaining that. So as an organization, they're saving a lot of money because in most organizations, if you have a data center, you're paying for space depending on where your office is, then you're paying for power and generators, then cooling, then data centre maintenance, then engineers, and then another layer is data centre security. You need guards; you need 24-hour monitoring of CCTV. Just imagine how much money organisations are saving. As a result, your IP addresses, network connections, firewall bandwidth, and all load balances are all included in IS. So this was the first service model, which is infrastructure as a service. So this is it for this lecture. Friends, we'll meet you in the next lecture. Thank you. Thank you for watching.

Go to testing centre with ease on our mind when you use CSA CCSK vce exam dumps, practice test questions and answers. CSA CCSK Certificate of Cloud Security Knowledge certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using CSA CCSK exam dumps & practice test questions and answers vce from ExamCollection.

Read More


Add Comment

Feel Free to Post Your Comments About EamCollection VCE Files which Include CSA CCSK Exam Dumps, Practice Test Questions & Answers.

Purchase Individually

CCSK Premium File

Premium File
CCSK Premium File
232 Q&A
$76.99$69.99

CCSK Training Video Course

Training Course
CCSK Training Video Course
45 Lectures
$27.49$24.99

CCSK Study Guide

Study Guide
CCSK Study Guide
495 PDF Pages
$27.49$24.99

Top CSA Certification Exams

Site Search:

 

VISA, MasterCard, AmericanExpress, UnionPay

SPECIAL OFFER: GET 10% OFF

ExamCollection Premium

ExamCollection Premium Files

Pass your Exam with ExamCollection's PREMIUM files!

  • ExamCollection Certified Safe Files
  • Guaranteed to have ACTUAL Exam Questions
  • Up-to-Date Exam Study Material - Verified by Experts
  • Instant Downloads
Enter Your Email Address to Receive Your 10% Off Discount Code
A Confirmation Link will be sent to this email address to verify your login
We value your privacy. We will not rent or sell your email address

SPECIAL OFFER: GET 10% OFF

Use Discount Code:

MIN10OFF

A confirmation link was sent to your e-mail.
Please check your mailbox for a message from support@examcollection.com and follow the directions.

Next

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.