Select 4 topics from the below list and write atleast 100 words per topic.

• List the security advantages of cloud-based solutions.
• List the security disadvantages of cloud-based solutions.
• Define and discuss the data wiping process.
• Discuss how a cloud-based solution provider may reduce the risk of a DDoS attack.
• Define and discuss hyperjacking attacks.
• Define and discuss guest-hopping attacks

 

Cloud-Based Solutions

A cloud-based solution is an on-demand service for computer systems for data storage accessed through the internet via the provider shared infrastructure for cloud computing.

1. List the security advantages of cloud-based solutions.

• Data security. Cloud security prevents data breaches because security protocols are in place that protect important sensitive transactions and information; hence third parties cannot tamper or eavesdrop on the data transmission (Rittinghouse & Ransome, 2017). 
• Companies operating in highly regulated sectors have regulated compliance as it manages and maintains enhanced infrastructure to protect their financial and personal data.
• The cloud solution provides flexibility by avoiding server crashes in high traffic times by turning up usage and down when traffic is low, thereby reducing costs.
• Cloud-based solution Provide support for the company's assets through live monitoring.
• It eliminates errors as technological advancement does not require manual effort since technology translates to few errors.

2. List the security disadvantages of cloud-based solutions

• The cost of cloud computing is high compared to having an in-house solution (Lavrador, & Gouveia, 2020). A reliable and secure cloud-based solution is expensive.
• A service provider accesses sensitive information when a business switches to a cloud solution than within the organization.
• Lack of enough support because the service providers have come up with automated answers that may not give a satisfactory answer, is frustrating and manual support takes time.
• There could be service interruption due to downtimes as a result of poor internet and power loss.
• The company is vulnerable to attacks, leading to loss of vital information to frequent attacks from hackers.

3. Define and Discuss Hyperjacking Attacks.

Hyperjacking is a malicious attack whereby a hacker controls the hypervisor, which creates the virtual environment within the host's virtual machine (Win & Thwin,2019).  The hacker intends to take over the operating system below the virtual machine that enables their program to run and the virtual machine above without detecting its presence.

The hyper jacking happens when there is a fake hypervisor installed that can manage the server. The security protocols will not detect that an attack occurred. For hyperjack to succeed, the hacker needs to have primary server physical access or when a user is encouraged to install the application. Additionally, the hacker also will need a hardware-assisted processor to assist with virtualization capability.

Microsoft Corporation, a hypervisor developer, focuses on ways to lock down and secure hypervisors to reduce risks.

4. Define and Discuss The Data Wiping Process.

Data wiping refers to the process of removing or erasing data logically from read /write format such that it is no longer readable (Foozy, et al., 2021, January).  The overwritten data on the disk removes original information hence making it irrecoverable.

The process is done externally by connecting the storage medium physically to a hardware wiping device. Wiping is performed internally by booting the PC from the network or CD. The process is not destructive as it enables the safe reuse of medium without incurring a loss of data leakage or storage capacity.

A company that obtains sensitive data from customer essentially wipe data when they no longer need the information. Data wiping also protects the organization from reputational risk and paying hefty funds related to non-compliance. Lastly, it saves the environment as one needs not physically destroy old devices as data is securely wiped from the disks using file erasures.