FT_1

Security of user credentials during authentication

Protection of virtual machines, networks, and physical servers from threats

Monitoring user activity in SaaS platforms

Data encryption at rest and in transit

Data Loss Prevention (DLP)

Identity and Access Management (IAM)

Network Access Control (NAC)

Security Information and Event Management (SIEM)

Improving data redundancy

Isolating workloads to limit lateral movement during an attack

Increasing latency for better monitoring

Enabling faster cloud provisioning

High availability

Data deduplication

Unauthorized data access

Network latency

Cloud provider handles all layers of security

Customer handles application security, provider handles physical and network security

Both share all responsibilities equally

Provider is responsible only for encryption

Firewalls and Intrusion Detection Systems

User authentication methods

Virtualization and APIs

Backup and disaster recovery tools

Tokenization

SSL/TLS encryption

Hypervisor isolation

Key escrow systems

Protecting APIs and SDKs

Securing the operating system and applications on virtual machines

Managing user identities

Encrypting data at rest

DDoS attacks

SQL Injection and Cross-Site Scripting (XSS)

Physical tampering

Virtual machine migration failures

Hashing

Redundancy

Encryption

Tokenization