Cloud Security Alliance CCSK - Certificate of Cloud Security Knowledge v5 (CCSKv5.0)

Cloud governance establishes controls and policies that align with the organization’s goals for security, compliance, and efficient management in the cloud. Reference: [Security Guidance v5, Domain 2 - Cloud Governance]

Differential privacy is a strategy designed to protect data confidentiality by ensuring that the output of a machine learning model does not expose sensitive information about individual data points. In the context of model inversion attacks, where attackers try to infer confidential data from the model, differential privacy introduces noise into the model’s output in a way that prevents attackers from accurately reconstructing the input data. This helps safeguard against attacks that threaten the privacy of the data used to train the model.

Secure multi-party computation is useful for enabling collaborative computation on encrypted data but does not specifically address model inversion attacks. Encryption is important for securing data at rest or in transit but does not directly protect against model inversion attacks. Model hardening refers to general measures to make models more robust to adversarial attacks, but it does not directly mitigate the specific risk of model inversion attacks related to data confidentiality.

Taking snapshots of virtual machines (VMs) is one of the most effective techniques for preserving digital evidence in a cloud environment. Snapshots capture the entire state of a VM, including its memory, configuration, and disk contents at a particular point in time. This allows investigators to preserve evidence as it was at the moment of the incident, enabling detailed analysis without altering the original state of the system.

While isolating the compromised system is important to prevent further damage, snapshots are more directly useful for preserving evidence. Backing up data and analyzing management plane logs are also valuable for incident response, but they don't capture the complete state of a compromised system as effectively as snapshots do.

In the context of Function as a Service (FaaS), trigger events are primarily defined in addition to the functions themselves. FaaS allows you to run individual functions in response to events, such as HTTP requests, file uploads, database changes, or messages in a queue. These trigger events initiate the execution of the serverless function, making them a core part of FaaS architecture.

Data storage is not directly defined by FaaS, as storage is typically managed separately (e.g., cloud storage or databases). Network configurations are not the main focus of FaaS, since cloud providers manage the underlying network infrastructure. User permissions may be relevant but are typically handled through identity and access management (IAM), not directly tied to the definition of a FaaS function.

Elasticity of cloud resources is a key feature that directly contributes to enhanced performance and resource utilization while avoiding excess costs. Cloud elasticity allows resources (such as compute power, storage, and network bandwidth) to automatically scale up or down based on demand. This ensures that organizations are only using the resources they need at any given time, optimizing both performance and cost-efficiency.

Fixed resource allocations do not provide the flexibility needed to optimize resource utilization and can lead to either over-provisioning (wasting resources) or under-provisioning (affecting performance). Unlimited data storage capacity is not typical in all cloud environments and does not directly impact resource optimization or performance. Increased on-premise hardware is unrelated to cloud workload security, as it refers to traditional, non-cloud infrastructure.