Learn about the most important security measure organizations must implement when transitioning an on-premises software application to a cloud-based service environment
Table of Contents
Question
A security team is setting up a new environment for hosting the organization’s on-premises software application as a cloud-based service. Which of the following should the team ensure is in place in order for the organization to follow security best practices?
A. Virtualization and isolation of resources
B. Network segmentation
C. Data encryption
D. Strong authentication policies
Answer
When an organization is setting up a new cloud environment to host an existing on-premises software application, the most critical security best practice they should ensure is in place is:
A. Virtualization and isolation of resources
Explanation
In a multi-tenant cloud environment, proper virtualization and isolation is essential to segregate the organization’s resources, data and workloads from those of other cloud tenants. This involves virtualizing servers, storage, networks and applications so that each tenant’s environment is logically separated.
Hypervisors should be used to abstract and isolate virtual machines. Storage and database instances for different tenants must be logically separated, often using separate virtual private clouds (VPCs). Virtual networks, subnets, firewalls, gateways and access controls are configured to isolate each tenant’s traffic and prevent unauthorized access between environments.
Without robust virtualization and isolation, the organization’s cloud-based app and data could be vulnerable to breaches and attacks from other tenants in the shared environment. The other options, while important security measures, do not specifically address the unique risks of multi-tenancy in public cloud environments:
B. Network segmentation – Segments networks to limit access and contain threats, but doesn’t isolate tenant environments
C. Data encryption – Encrypts data at-rest and in-transit, but doesn’t prevent inter-tenant breaches
D. Strong authentication – Controls access to resources, but doesn’t separate tenant environments
Therefore, virtualization and isolation of resources is the security best practice that must be prioritized when migrating an on-premises app to a multi-tenant public cloud service. This foundational measure is critical to protect the confidentiality, integrity and availability of the organization’s cloud-based assets.
CompTIA SY0-701 certification exam assessment practice question and answer (Q&A) dump including multiple choice questions (MCQ) and objective type questions, with detail explanation and reference available free, helpful to pass the CompTIA SY0-701 exam and earn CompTIA SY0-701 certification.