#1. Data owners are expected to select the appropriate classification for a particular data set.
#2. Which of the following is not one of the four NIST/ISO/IEC deployment models.
#3. Data passes through an encryption proxy before being sent to the SaaS application is known as?
#4. Includes the policy, process, and internal controls that direct how an organization is run, relies on the compliance function to ensure that directives are being followed.
#5. When it comes to Application security how would you prevent Elevation of Privilege.
#6. When object storage is used as the back-end for an application (including mobile applications), encrypt the data using an encryption engine embedded in the application or client is known as.
#7. A PaaS vendor will let you VA test your application code and test their platform as well. True or False
#8. Providers will usually encrypt all customer data at which level.
#9. An architectural concept that enables centralized management and emphasizes the role of software in running networks to dynamically control, change, and manage network behavior.
#10. The CCM and EU GDPR are best practices and/or standards that can be leveraged to create a cloud governance framework. True or False?
#11. When it comes to Application security how would you prevent Spoofing
#12. In which phase of the Data Lifecycle employs encryption in transit, application security and data loss prevention?
#13. The process of asserting an identity across different systems or organizations (key for Single Sign On).
#14. Creating a bastion network and forcing all cloud traffic through it can act as a chokepoint. True or False
#15. By placing an encryption proxy in a trusted area between the cloud user and the cloud provider you will ensure the data transfer is secure, True or False
#16. Which of the following is incorrect?
#17. Application Security: CI/CD pipelines can actually enhance security through supporting immutable infrastructures, automating security testing, and providing extensive logging of application. True or False
#18. A point-in-time look at the design of the controls is known as?
#19. Compliance testing is used to determine whether controls have been properly designed and implemented. And to determine whether the controls are operating properly. True or False
#20. Can be used to identify the virtual drives that can be accessed within a zone.
#21. In which cloud service models is the customer responsible for the client access endpoints.
#22. According to the AICPA, a system comprises the following components except?
#23. Software Defined Networks (SDN) offers the ability to maintain segregation and isolation for the multitenant environment. True or False
#24. Auto-scaling and failover are the two most important attributes that a virtual appliance should have in a cloud environment. True or False
#25. Volatile memory contains all kinds of potentially sensitive information, who responsible for ensuring strong isolation of volatile memory in the cloud.
#26. Which of the following is not a benefit of SDN Security.
#27. Cloud services offered by a provider to a limited and well-defined number of parties. is defined as which.
#28. Of the cloud service models who is responsible for physical security on premises.
#29. Private cloud governance depends on who owns and operates the private cloud: If you outsource a private cloud, governance changes. True or False
#30. Replacing an exploited server with a newly patched server to stave off an attack is an example of which.
#31. You need to perform a bulk security tests on the images in your network, which would be the best approach?
#32. A workload is a unit of processing. It can be executed on a physical server, on a virtual server, or in a container. True or False
#33. Substantive testing is used to determine whether controls have been properly designed and implemented. True or False
#34. Access controls in the cloud should be implemented in all of the layers except.
#35. Which of the following is not a benefit of SDN Security.
