Cloud Practice Exam 2

#1. You have a access security concern that is not covered in the contract and no way to enforce it, this is know as a.

Governance gap

Policy deference

Regulation violation

Regulatory gap

#2. Which of the following is not a benefit of SDN Security.

SDN firewalls

Deny by Default

Identification tags

Enhanced IDS

Denying Network attacks

Isolation

#3. In order to create a logical drive on 100TB hard-drive and have it be identified as a separate drive what would you use?

LUN

FCoE

iSCSI

MAC ID

#4. With securing data in the cloud Access controls and encryption are the core data security controls in use. True or False

True

False

#5. This classification approach looks at application, storage location, or the creator of the data as an indicator of sensitive information.

Module-Based

User-Based

Content-Based

Context-Based

#6. With securing cloud data transfers, most cloud provider APIs use Transport Layer Security (TLS) by default. True or False

False

True

#7. Substantive testing is used to determine whether controls have been properly designed and implemented. True or False

True

False

#8. What does AICPA’s five Trust Services Criteria consist of?

Security,Availability,Confidentiality,Processing Integrity and Privacy.

Availability,Confidentiality,Processing,Management,Governance

Processing,Management,Governance,Integrity and Privacy.

#9. Many cloud breaches attack those who maintain the cloud, not just the application running in the cloud. True or False

False

True

#10. Compliance testing is used to determine whether controls have been properly designed and implemented. And to determine whether the controls are operating properly. True or False

False

True

#11. In which cloud service models is the customer responsible for the client access endpoints.

IaaS

SaaS

PaaS

The customer is responsible for client endpoints in all models.

#12. Volatile memory contains all kinds of potentially sensitive information, who responsible for ensuring strong isolation of volatile memory in the cloud.

Provider

Customer

Both

#13. Full DRM and Provider-based control are both aspects of.

Data Loss Prevention

Enterprise Rights Management

Enforcing Lifecycle Management Security

Provider-managed encryption

#14. Cloud services offered by a provider to a limited and well-defined number of parties. is defined as which.

Public cloud

Private Cloud

Community Cloud

Partner Cloud

#15. Which of the following is not one of the five Trust Services Criteria that a CSP will attest to.

Security

Availability

Confidentiality

Process Integrity

Portability

Privacy

#16. Includes managing overall risk for the organization, aligned with the organization’s governance and risk tolerance.

Governance

Enterprise risk management

Information risk management

Information security

#17. When it comes to Application security how would you prevent Elevation of Privilege.

input validation

Rate Throttling

Authorization

Authentication

#18. In a Immutable environment, It is best practice, to get logs off servers and on to a centralized location as quickly as possible, because all servers must be considered ephemeral in the cloud. True or False

False

True

#19. Access controls in the cloud should be implemented in all of the layers except.

Management plane

Public and internal sharing controls

Hypervisor plane

Application level controls

#20. Data passes through an encryption proxy before being sent to the SaaS application is known as?

Proxy encryption

Provider-managed encryption

Application layer encryption

Database encryption

#21. This publicly available high-level SOC report contains a statement from an independent CPA that a SOC engagement was performed.

SOC3

SOC1

SOC2

Type1

#22. Container systems usually consist of the following except.

VLAN controller

Orchestration and scheduling controller

Container

Image repository

Engine

#23. Responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary.as well as processing financial transactions

Cloud Service Business Manager

Cloud Service Administrator

Cloud Service Deployment Manager

Cloud Broker

#24. A workload is a unit of processing. It can be executed on a physical server, on a virtual server, or in a container. True or False

True

False

#25. Includes the policy, process, and internal controls that direct how an organization is run, relies on the compliance function to ensure that directives are being followed.

Enterprise risk management

Governance

Information risk management

Information security

#26. Difference between REST API’s and SOAP API’s are?

Select all that apply:

Security Service

uptime/runtime

Cost

Entitlements

#27. Providers will usually encrypt all customer data at which level.

Metastructure

Logical

Physical

Infostructure

#28. Of the cloud service models who is responsible for physical security on premises.

Both

Provider

Customer

#29. Relevant industry best practices, global standards, and regulations can be used to assist in building a cloud governance framework. True or False.

True

False

#30. The CCM and EU GDPR are best practices and/or standards that can be leveraged to create a cloud governance framework. True or False?

False

True

#31. When it comes to Application security how would you prevent data modification.

input validation

encrypting

audit logging

authentication

#32. Application Security: CI/CD pipelines can actually enhance security through supporting immutable infrastructures, automating security testing, and providing extensive logging of application. True or False

False

True

#33. Combines both device and user authentication to provision network access to resources dynamically.

Management plane

SDN firewalls

Software Defined Perimeter

Microsegmentation

#34. With immutable servers, you can increase security by patching and testing images and replacing non-patched instances built off the newly patched image. True of False with new

True

False

#35. Substantive testing, looks at the accuracy and integrity of transactions that go through processes and information systems. True or False

False

True

Torque Bleu Media

Refresh the Page to Try Again!!!

Results

#1. You have a access security concern that is not covered in the contract and no way to enforce it, this is know as a.

#2. Which of the following is not a benefit of SDN Security.

#3. In order to create a logical drive on 100TB hard-drive and have it be identified as a separate drive what would you use?

#4. With securing data in the cloud Access controls and encryption are the core data security controls in use. True or False

#5. This classification approach looks at application, storage location, or the creator of the data as an indicator of sensitive information.

#6. With securing cloud data transfers, most cloud provider APIs use Transport Layer Security (TLS) by default. True or False

#7. Substantive testing is used to determine whether controls have been properly designed and implemented. True or False

#8. What does AICPA’s five Trust Services Criteria consist of?

#9. Many cloud breaches attack those who maintain the cloud, not just the application running in the cloud. True or False

#10. Compliance testing is used to determine whether controls have been properly designed and implemented. And to determine whether the controls are operating properly. True or False

#11. In which cloud service models is the customer responsible for the client access endpoints.

#12. Volatile memory contains all kinds of potentially sensitive information, who responsible for ensuring strong isolation of volatile memory in the cloud.

#13. Full DRM and Provider-based control are both aspects of.

#14. Cloud services offered by a provider to a limited and well-defined number of parties. is defined as which.

#15. Which of the following is not one of the five Trust Services Criteria that a CSP will attest to.

#16. Includes managing overall risk for the organization, aligned with the organization’s governance and risk tolerance.

#17. When it comes to Application security how would you prevent Elevation of Privilege.

#18. In a Immutable environment, It is best practice, to get logs off servers and on to a centralized location as quickly as possible, because all servers must be considered ephemeral in the cloud. True or False

#19. Access controls in the cloud should be implemented in all of the layers except.

#20. Data passes through an encryption proxy before being sent to the SaaS application is known as?

#21. This publicly available high-level SOC report contains a statement from an independent CPA that a SOC engagement was performed.

#22. Container systems usually consist of the following except.

#23. Responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary.as well as processing financial transactions

#24. A workload is a unit of processing. It can be executed on a physical server, on a virtual server, or in a container. True or False

#25. Includes the policy, process, and internal controls that direct how an organization is run, relies on the compliance function to ensure that directives are being followed.

#26. Difference between REST API’s and SOAP API’s are?

#27. Providers will usually encrypt all customer data at which level.

#28. Of the cloud service models who is responsible for physical security on premises.

#29. Relevant industry best practices, global standards, and regulations can be used to assist in building a cloud governance framework. True or False.

#30. The CCM and EU GDPR are best practices and/or standards that can be leveraged to create a cloud governance framework. True or False?

#31. When it comes to Application security how would you prevent data modification.

#32. Application Security: CI/CD pipelines can actually enhance security through supporting immutable infrastructures, automating security testing, and providing extensive logging of application. True or False

#33. Combines both device and user authentication to provision network access to resources dynamically.

#34. With immutable servers, you can increase security by patching and testing images and replacing non-patched instances built off the newly patched image. True of False with new

#35. Substantive testing, looks at the accuracy and integrity of transactions that go through processes and information systems. True or False

Facebook

Cloud Practice Exam 2

Refresh the Page to Try Again!!!

Results

#1. You have a access security concern that is not covered in the contract and no way to enforce it, this is know as a.

#2. Which of the following is not a benefit of SDN Security.

#3. In order to create a logical drive on 100TB hard-drive and have it be identified as a separate drive what would you use?

#4. With securing data in the cloud Access controls and encryption are the core data security controls in use. True or False

#5. This classification approach looks at application, storage location, or the creator of the data as an indicator of sensitive information.

#6. With securing cloud data transfers, most cloud provider APIs use Transport Layer Security (TLS) by default. True or False

#7. Substantive testing is used to determine whether controls have been properly designed and implemented. True or False

#8. What does AICPA’s five Trust Services Criteria consist of?

#9. Many cloud breaches attack those who maintain the cloud, not just the application running in the cloud. True or False

#10. Compliance testing is used to determine whether controls have been properly designed and implemented. And to determine whether the controls are operating properly. True or False

#11. In which cloud service models is the customer responsible for the client access endpoints.

#12. Volatile memory contains all kinds of potentially sensitive information, who responsible for ensuring strong isolation of volatile memory in the cloud.

#13. Full DRM and Provider-based control are both aspects of.

#14. Cloud services offered by a provider to a limited and well-defined number of parties. is defined as which.

#15. Which of the following is not one of the five Trust Services Criteria that a CSP will attest to.

#16. Includes managing overall risk for the organization, aligned with the organization’s governance and risk tolerance.

#17. When it comes to Application security how would you prevent Elevation of Privilege.

#18. In a Immutable environment, It is best practice, to get logs off servers and on to a centralized location as quickly as possible, because all servers must be considered ephemeral in the cloud. True or False

#19. Access controls in the cloud should be implemented in all of the layers except.

#20. Data passes through an encryption proxy before being sent to the SaaS application is known as?

#21. This publicly available high-level SOC report contains a statement from an independent CPA that a SOC engagement was performed.

#22. Container systems usually consist of the following except.

#23. Responsible for overseeing business and billing administration, purchasing cloud services, and requesting audit reports when necessary.as well as processing financial transactions

#24. A workload is a unit of processing. It can be executed on a physical server, on a virtual server, or in a container. True or False

#25. Includes the policy, process, and internal controls that direct how an organization is run, relies on the compliance function to ensure that directives are being followed.

#26. Difference between REST API’s and SOAP API’s are?

#27. Providers will usually encrypt all customer data at which level.

#28. Of the cloud service models who is responsible for physical security on premises.

#29. Relevant industry best practices, global standards, and regulations can be used to assist in building a cloud governance framework. True or False.

#30. The CCM and EU GDPR are best practices and/or standards that can be leveraged to create a cloud governance framework. True or False?

#31. When it comes to Application security how would you prevent data modification.

#32. Application Security: CI/CD pipelines can actually enhance security through supporting immutable infrastructures, automating security testing, and providing extensive logging of application. True or False

#33. Combines both device and user authentication to provision network access to resources dynamically.

#34. With immutable servers, you can increase security by patching and testing images and replacing non-patched instances built off the newly patched image. True of False with new

#35. Substantive testing, looks at the accuracy and integrity of transactions that go through processes and information systems. True or False

Share this: