module 2 key terms

Question 1

Allow policy

Answer 1

A type of access a principal has, and sets conditions on this access

Question 2

Application programming interface (API)

Answer 2

A library function or system access point with well-dened syntax and code that communicates with other applications and third-parties

Question 3

Defense in depth

Answer 3

A layered approach to vulnerability management that reduces risk

Question 4

Deny policy

Answer 4

A constraint that sets rules to prevent principals from carrying out certain actions

Question 5

Detective control

Answer 5

A measure used to identify suspicious activity if it occurs

Question 6

Identity control

Answer 6

A measure that helps authenticate a user before they access resources, like networks or storage

Question 7

Lift and shift

Answer 7

A migration model where workloads are moved to the cloud with little to no modifications

Question 8

Landing zone

Answer 8

A modular and scalable configuration that enables organizations to adopt Google Cloud for their business needs

Question 9

Network control

Answer 9

A measure that helps protect access through network path

Question 10

Principals

Answer 10

Represent either end users, or applications

Question 11

Protective control

Answer 11

A measure that protects access to resources and shields against malicious attacks

Question 12

Recovery control

Answer 12

A measure that restores access and functionality in the event of failures

Question 13

Responsive control

Answer 13

An application or tool that uses automation to respond to security events

Question 14

Roles

Answer 14

A collection of permissions that can be applied to principals

Question 15

Router

Answer 15

A network device that connects multiple networks together

Question 16

Service level agreement (SLA)

Answer 16

Quantifies the availability of services