Chapter 9 Checkpoint

The cloud & identity security toolkit, all together. This mixed quiz pulls from every lesson. Passing means you can secure the modern perimeter — where identity, not the network, gates access, and most breaches are an over-broad permission or a leaked credential.

How this works

The quiz samples from a larger question bank on each attempt. The chapter's through-line: identity is the perimeter. Harden IAM to least privilege, catch misconfigurations at scale, verify every request, govern the human-identity lifecycle, and manage keys and secrets with control and visibility. If a question stings, follow its revisit link.

What you should be able to do now

  • Harden IAM — least privilege and temporary credentials, because identity is the perimeter.
  • Govern non-human identity — short-lived, attested workload identity (SPIFFE/SPIRE, federation) over static, sprawling machine secrets.
  • Run CSPM — find misconfigurations across the estate, knowing config is your job under shared responsibility.
  • Apply runtime security — eBPF behavioral detection against living-off-the-land, and CNAPP consolidation.
  • Secure Kubernetes — admission control, signed images, secrets, and network policies for the platform itself.
  • Build zero-trust architecture — signal-based decisions and mTLS/workload identity for service-to-service.
  • Govern SSO & federation — centralized identity, and the deprovisioning/reviews everyone forgets.
  • Manage keys & secrets at scale — KMS, dynamic secrets, and authorized, audited access.

The checkpoint

Required checkpoint

Chapter 9: Cloud & Identity Security

Chapter 9 complete

You now understand the modern perimeter: in the cloud, identity gates everything, so harden IAM to least privilege and kill long-lived keys; catch misconfigurations at scale knowing config is your responsibility; verify every request including service-to-service; govern human identity through its whole lifecycle; and manage keys and secrets with control and visibility. The single idea: identity is the perimeter, so secure it relentlessly.

→ On to Chapter 10: Compliance & Risk, Operationalized — turning all the controls you've learned into the auditable, governed program that regulators and customers require.