CAE (Chapter 1 Part 3)

It is a global cloud service provider with data centers worldwide.

It is a Malaysian-owned sovereign cloud service provider.

It primarily serves individual consumers for personal cloud storage.

It focuses exclusively on providing bare metal servers.

DDoS protection

Web Application Firewall

Data Encryption

Physical server maintenance

Personal blogging and social media management

Computing and Storage

Online gaming and virtual reality

Financial auditing and legal consulting

To own all resources and make payments for them.

To create new accounts for other organizations.

To securely control access to cloud services and resources without sharing account credentials.

To manage the physical infrastructure of the cloud data centers.

Yes

No

The user only inherits permissions from the first group they were added to.

The user inherits permissions assigned to all these groups.

The user's permissions are limited to the least restrictive group.

The user's permissions are limited to the most restrictive group.

Roles are for individual users, policies are for user groups.

Roles provide fine-grained authorization, while policies are coarse-grained.

Roles are coarse-grained authorization based on job responsibilities, while policies provide fine-grained authorization for specific operations.

Roles are system-defined, while policies are always custom-defined.

Limited access control for resources.

Inability to delegate resources across accounts.

Federated access to cloud resources using existing enterprise accounts.

Requires separate login credentials for each cloud service.

Data security

Host security

Tenant lifecycle management

Virtual network security