Cloud Security Pitfalls TryHackMe Answers

Learn cloud security fundamentals with TryHackMe’s Cloud Security Pitfalls beginner room. Understand IaaS, PaaS, SaaS risks, cloud migration mistakes, and SOC monitoring challenges.


Jawstar

1/30/2026

Task 1 : Introduction

Many companies migrate their on-premises resources to the cloud to gain benefits such as cost savings, greater stability, and improved security. However, not all recognize the new risks that come with this transition, often leaving their assets even less protected than before. This beginner-friendly room outlines the risks and common pitfalls companies face when migrating to the cloud, and helps you understand how to protect them as a SOC analyst.

Learning Objectives

  • Learn the main cloud models: IaaS, PaaS, and SaaS
  • Explore security risks coming from the cloud providers
  • Understand the core concepts of security in the cloud
  • Identify the challenges of monitoring clouds as a SOC

Task 2 : What Is Cloud

Which cloud model allows you to migrate a big on-premises network to the cloud?
IaaS

Which cloud model do Elastic Cloud and CrowdStrike Falcon fit into?
Note: You may need to perform external research to answer this question.
SaaS

Task 3 : Security of the Cloud

Is the cloud provider responsible for securing and monitoring its own infrastructure (Yea/Nay)?
Yea

But should you trust the cloud provider without watching for supply chain threats? (Yea/Nay)
Nay

Task 4 : Security in the Cloud

Does moving an unpatched server to the cloud make it secure again? (Yea/Nay)
Nay

What is the first major obstacle to integrating most cloud products with a SIEM?
Paid Logs

Task 5 : Cloud Security Monitoring

What term describes cloud compute resources like VMs or containers?
Workloads

Which of the mentioned cloud security tools do Falco and Tetragon fit into?
Note: You may need to perform external research to answer this question.
CWPP

Task 6 : Challenge

What is the flag you get after completing the first exercise?
THM{flag_as_a_service!}

What is the flag you get after completing the second exercise?
THM{ready_for_cloud_migration!}