Cloud Practice Exam 1

#1. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

False

True

#2. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

PaaS

Public Cloud

SaaS

Private Cloud

#3. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

Hybrid Cloud

Community Cloud

Private Cloud

Public Cloud

#4. What are the six stages of the Data Life Cycle?

Create,Archive,Destroy,Use,Store,Share

Archive,Destroy,Use,Store,Share,Create

Store,Share,Create,Archive,Destroy,Use

Create,Store,Use,Share,Archive,Destroy

#5. What are the components of PaaS Encryption (choose all that apply)

Select all that apply:

Provider-managed encryption

Application layer encryption

Database encryption

Proxy encryption

#6. A standard template for cloud providers to document their security and compliance controls is known as?

Cloud Controls Matrix (CCM

Consensus Assessment Initiative Questionnaire (CAIQ)

Content Delivery Network (CDN)

Cloud Access Security Broker (CASB)

#7. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

Applistructure

Infostructure

Infastructure

Metastructure

#8. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

FIPS 140-2

NIST 800-53

The Gramm-Leach-Bliley Act

The Sarbanes–Oxley Act (SOX)

#9. The cloud customer is basically only involved in uploading and processing data in the production environment

PaaS

IaaS

SaaS

Data discovery

#10. A content delivery network (CDN) is a form of data caching, usually near geophysical locations of high use/demand, for copies of data commonly requested by user. True or False

False

True

#11. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

recovery acceptance agreement (RAG)

recovery time gap (RTG)

recovery service level (RSL)

recovery point objective (RPO)

#12. The three methods of data discovery are the following.

Dynamic. Transactional and Static

Data distribution, labels and e-discovery

metadata, labels, and content analysis.

preservation, dispersion and replication

#13. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

Paas

Community Cloud

Private Cloud

IaaS

SaaS

#14. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

True

False

#15. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

Private Cloud

Community Cloud

Public Cloud

Hybrid Cloud

#16. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

Reference architectures

Controls models or frameworks

Conceptual models or frameworks

Design patterns

#17. Cloud Data Access Controls include all but the following.

Application level controls

Private Access Controls

Public and internal sharing controls

Management plane

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

False

True

#19. The core components of a computing system: compute, network, and storage is known as?

Metastructure

Infostructure

Infrastructure

Applistructure

#20. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

Sarbanes–Oxley Act (SOX)

Network Information Security Directive (NIS Directive)

The Gramm-Leach-Bliley Act

Directive 95/46/EC of the European (Data Protection Directive)

#21. A Cloud Access Security Broker(CASB), can handle IAM and key management services for cloud customers, True or False?

False

True

#22. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

SaaS

IaaS

PaaS

Public Cloud

#23. Which of the following is not a method of enforcing Lifecycle Management Security?

Dynamic masking

Managing data location/residency

Ensuring compliance

Backups and business continuity

#24. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

PaaS

Private Cloud

Public Cloud

SaaS

IaaS

#25. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

Applistructure

Metastructure:

Infrastructure

Infostructure

#26. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

Select all that apply:

Cloud Controls Matrix (CCM)

Consensus Assessment Initiative Questionnaire (CAIQ)

Content Delivery Network (CDN)

Cloud Access Security Brokers (CASB)

#27. Which of the following is NOT a Cloud security model?

Design patterns

Conceptual models or frameworks

Controls models or frameworks

Cloud Management Plane Framework

Reference architectures

#28. Used for Security Availability, processing integrity, and privacy, the controls of an org are in line with security

Type 1

Type 2

SOC 1

SOC 2

SOC 3

#29. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

False

True

#30. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

False

True

#31. Widely considered to be the gold standard when it comes to security of information systems and their data.

ISO 27001, (27001:2013)

FIPS 140-2

Directive 95/46/EC of the European (Data Protection Directive)

NIST 800-53

#32. General Data Protection Regulation (GDPR) includes the following except.

Breaches of Security

Cross-border Data Transfer Restrictions

Sanctions

Encryption Standards

Data Subjects’ Rights:

Accountability Obligations

Discrepancies among Member States:

#33. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

Network Information Security (NIS) Directive

Personal Information Protection and Electronic Documents Act (PIPEDA

The Trans-Atlantic Data Privacy Framework

EU GDPR

#34. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

False

True

#35. Application security encompasses the following except.

Isolated environments.

Responsiveness.

Independent virtual machines.

DevOps

Encryption protocol

Higher baseline security

Elasticity

Torque Bleu Media

Refresh The Page to Try Again!!!

#1. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#2. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

#3. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#4. What are the six stages of the Data Life Cycle?

#5. What are the components of PaaS Encryption (choose all that apply)

#6. A standard template for cloud providers to document their security and compliance controls is known as?

#7. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

#8. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

#9. The cloud customer is basically only involved in uploading and processing data in the production environment

#10. A content delivery network (CDN) is a form of data caching, usually near geophysical locations of high use/demand, for copies of data commonly requested by user. True or False

#11. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

#12. The three methods of data discovery are the following.

#13. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#14. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#15. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#16. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

#17. Cloud Data Access Controls include all but the following.

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

#19. The core components of a computing system: compute, network, and storage is known as?

#20. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

#21. A Cloud Access Security Broker(CASB), can handle IAM and key management services for cloud customers, True or False?

#22. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

#23. Which of the following is not a method of enforcing Lifecycle Management Security?

#24. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#25. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

#26. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

#27. Which of the following is NOT a Cloud security model?

#28. Used for Security Availability, processing integrity, and privacy, the controls of an org are in line with security

#29. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

#30. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

#31. Widely considered to be the gold standard when it comes to security of information systems and their data.

#32. General Data Protection Regulation (GDPR) includes the following except.

#33. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

#34. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

#35. Application security encompasses the following except.

Results

Facebook

Cloud Practice Exam 1

Refresh The Page to Try Again!!!

#1. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#2. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

#3. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#4. What are the six stages of the Data Life Cycle?

#5. What are the components of PaaS Encryption (choose all that apply)

#6. A standard template for cloud providers to document their security and compliance controls is known as?

#7. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

#8. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

#9. The cloud customer is basically only involved in uploading and processing data in the production environment

#10. A content delivery network (CDN) is a form of data caching, usually near geophysical locations of high use/demand, for copies of data commonly requested by user. True or False

#11. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

#12. The three methods of data discovery are the following.

#13. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#14. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#15. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#16. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

#17. Cloud Data Access Controls include all but the following.

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

#19. The core components of a computing system: compute, network, and storage is known as?

#20. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

#21. A Cloud Access Security Broker(CASB), can handle IAM and key management services for cloud customers, True or False?

#22. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

#23. Which of the following is not a method of enforcing Lifecycle Management Security?

#24. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#25. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

#26. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

#27. Which of the following is NOT a Cloud security model?

#28. Used for Security Availability, processing integrity, and privacy, the controls of an org are in line with security

#29. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

#30. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

#31. Widely considered to be the gold standard when it comes to security of information systems and their data.

#32. General Data Protection Regulation (GDPR) includes the following except.

#33. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

#34. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

#35. Application security encompasses the following except.

Results

Share this: