This repository contains my exam submission for the course SKY2100 Cloud Security at Høyskolen Kristiania.
Overview
The exam is divided into two main parts.
Part A – Cloud Security Theory
This section covers strategic and security-related topics, including hybrid multi-cloud architecture, a PaaS-first cloud strategy, regulatory compliance such as GDPR and US-based frameworks, DevSecOps and Secure Software Development Lifecycle (SSDLC), and the NIST Cybersecurity Framework (CSF 2.0).
Part B – Practical Implementation
This section consists of hands-on tasks performed in an Ubuntu virtual machine environment. The work includes system analysis using /proc/cpuinfo, network scanning with nmap, web server setup with Nginx, load testing using ApacheBench, performance monitoring with htop, Docker container deployment and benchmarking, and a simulated overload scenario resembling a denial-of-service condition.
Technologies Used
Ubuntu Linux virtual machine Nginx web server Docker ApacheBench Nmap htop Microsoft Azure concepts
Key Learning Outcomes
This project demonstrates understanding of cloud security architectures such as hybrid and multi-cloud models, implementation of secure development practices through DevSecOps, knowledge of international compliance requirements, application of the NIST Cybersecurity Framework in practical scenarios, and hands-on experience with system performance testing and network analysis.
Files
cloud-security-exam.pdf – Full exam submission
Disclaimer
This project was developed as part of an academic exam and is intended for educational purposes only.
Author
Bachelor student in Cybersecurity Høyskolen Kristiania