Cloud Security
Everything on SkillVeris tagged Cloud Security — collected across the glossary, study notes, blog, and cheat sheets.
13 resources across 1 library
Interview Questions(13)
How Do You Manage Secrets in a DevOps Pipeline?
Secrets management means storing credentials, API keys, and certificates in a dedicated secrets store with encryption, access control, and audit logging, then…
What is HashiCorp Vault and How Does It Work?
HashiCorp Vault is a centralized secrets-management system that securely stores, dynamically generates, and tightly controls access to credentials, encryption…
What is DevSecOps and How Do You Implement It?
DevSecOps is the practice of integrating security checks and ownership directly into every stage of the DevOps pipeline — from code commit through build, test,…
What Are the Key Principles of Container Security?
Container security means hardening every layer of the container lifecycle — the base image, the build process, the runtime configuration, and the host kernel —…
What Is Network Segmentation and Why Does It Matter?
Network segmentation is the practice of dividing a network into smaller, isolated zones with controlled traffic between them, so that a compromise in one zone…
What is Infrastructure Drift and How Do You Detect and Prevent It?
Infrastructure drift happens when the real state of provisioned infrastructure diverges from what its infrastructure-as-code definition declares — usually beca…
How Do You Manage SSH Keys Securely in a DevOps Team?
Secure SSH key management means generating a unique asymmetric key pair per engineer (never sharing private keys), distributing only public keys to servers via…
What is a Bastion Host and Why Do You Need One?
A bastion host is a purpose-built, hardened server placed at the edge of a private network that acts as the single, monitored entry point administrators must p…
Kubernetes NetworkPolicies vs Cloud Security Groups: What is the Difference?
Kubernetes NetworkPolicies control pod-to-pod traffic inside a cluster by matching pod labels and namespaces at the CNI plugin layer, while cloud security grou…
What is SSL/TLS Termination and Where Should It Happen?
SSL/TLS termination is the point in an infrastructure where encrypted HTTPS traffic is decrypted back into plain HTTP, typically at a load balancer, reverse pr…
What is Policy as Code and Why Use It in DevOps?
Policy as code is the practice of writing an organization’s compliance, security, and operational rules — like "no S3 bucket may be public" or "every deploymen…
What is HashiCorp Sentinel and How Does It Enforce Policy?
HashiCorp Sentinel is a policy-as-code framework embedded across the HashiCorp toolchain — Terraform Cloud/Enterprise, Vault, Consul, and Nomad — that evaluate…
What are CIS Benchmarks?
CIS Benchmarks are consensus-developed, vendor-neutral configuration hardening guides published by the Center for Internet Security, each providing a specific,…