cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Masahiro
Newcomer III

What nature of cloud computing might have made DRM solutions difficult to interact with VMs?

According to the question c02.006 of CCSP Official Practice Tests,  DRM solutions might have difficulty interacting with virtualized instances due to the nature of cloud computing.

 

What nature of cloud computing do you think might have made DRM solutions difficult to interact with virtualized instances?

Haneda, Masahiro
Certification: CISSP, CCSP, CCSK, PMP, ITIL Foundation V3
Location: Japan
My LinkedIn Profile
2 Replies
divervenal
Viewer

Hello. As I know, it's insufficient identity, credential, access and key management. account hijacking. insider threats. insecure interfaces and APIs.      waffle game

denbesten
Community Champion

IAAS (the form of Cloud computing that has "virtualized instances") often comes with a loss of control over the network layer and therefore reduced ability to enforce egress controls using network devices.

 

IAAS providers generally give everything direct egress to the Internet. This is baked into "marketplace" templates and GUI defaults.  As such, it is a constant struggle to ensure that routing keeps the egress flowing through our firewall without totally hosing up the automated deployments.

 

On premises we eliminate this risk by ensuring that the physical cabling only permits "Internet egress" via our firewalls.  And we use color coded ethernet cables (red == dirty network; orange == DMZ; blue == inside company) to make it really easy to audit that the config remains as expected because each device only gets one cable "color" unless it is a firewall.

 

As one moves "up the scale" to SAAS, you end up losing the ability to install specialized security tools, instead relying on those provided by the supplier.