Cloud Practice Exam 1

#1. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

Type 1

Type 2

SOC 1

SOC 3

SOC 2

#2. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

Data Rights Management (DRM)

Metadata Rights Management (MRM)

Information Rights Management (IRM)

Media Rights Management (MDM)

#3. SaaS solution provides a full multitenant application, with all the architectural complexities of any large software platform. True or False

False

True

#4. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

Applistructure

Metastructure

Infostructure

Infrastructure

#5. Application security encompasses the following except.

Elasticity

Encryption protocol

Responsiveness.

DevOps

Higher baseline security

Independent virtual machines.

Isolated environments.

#6. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

False

True

#7. The applications deployed in the cloud and the underlying application services used to build them.

Metastructure

Applistructure

Infostructure

Infrastructure

#8. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

False

True

#9. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

IaaS

SaaS

PaaS

Private Cloud

#10. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

recovery acceptance agreement (RAG)

recovery service level (RSL)

recovery point objective (RPO)

recovery time gap (RTG)

#11. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

Client-side key management

External Key Management

Remote Key Management

Customer key management

#12. The cloud infrastructure is a composition of two or more clouds (private,community, or public) enables data and application portability.

Hybrid Cloud

IaaS

Private Cloud

Community Cloud

Public Cloud

#13. General Data Protection Regulation (GDPR)

Applies to the processing of personal data in the Japan

Applies to the processing of personal data in the EU/EEA

Applies to the processing of personal data in the Australia

Applies to the processing of personal data in the Canada

#14. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

Controls models or frameworks

Reference architectures

Conceptual models or frameworks

Design patterns

#15. You must create and manage your own encryption keys, and you must use your own tools to encrypt data prior to sending it to Cloud Storage.

Cloud key management

Client-side key management

Remote key management

External key management

#16. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

Payment Card industry (PCI)

NIST 800-53

Sarbanes–Oxley Act (SOX)

SOC 1

Gramm-Leach-Bliley Act

#17. A standard template for cloud providers to document their security and compliance controls is known as?

Consensus Assessment Initiative Questionnaire (CAIQ)

Cloud Controls Matrix (CCM

Cloud Access Security Broker (CASB)

Content Delivery Network (CDN)

#18. Widely considered to be the gold standard when it comes to security of information systems and their data.

FIPS 140-2

NIST 800-53

Directive 95/46/EC of the European (Data Protection Directive)

ISO 27001, (27001:2013)

#19. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

Inter-Cloud Provider

Cloud Access Security Broker (CASB

Cloud Broker

Cloud Service Provider (CSP)

#20. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

SaaS

Community Cloud

PaaS

IaaS

#21. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

Private Cloud

Community Cloud

SaaS

Paas

IaaS

#22. What is the fourth stage of the data life cycle?

#23. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

Private Cloud

Public Cloud

Hybrid Cloud

Community Cloud

IaaS

#24. What are the components of PaaS Encryption (choose all that apply)

Select all that apply:

Database encryption

Proxy encryption

Application layer encryption

Provider-managed encryption

#25. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

Create

Use

#26. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

True

False

#27. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

SaaS

PaaS

Public Cloud

Private Cloud

#28. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

True

False

#29. Which of the following is not a method of enforcing Lifecycle Management Security?

Backups and business continuity

Ensuring compliance

Dynamic masking

Managing data location/residency

#30. One of the core tenants of risk management is that you can manage, transfer, accept, or avoid risks. True or False

False

True

#31. Used for an inspection of the operating effectiveness of the controls.

SOC 1

SOC 3

SOC 2

Type 2

Type 1

#32. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

Conceptual models or frameworks

Controls models or frameworks

Reference architectures

Design patterns

#33. DLP implementation in the cloud comes with related difficulties and costs, True or False?

False

True

#34. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

Identify necessary security and compliance requirements, and any existing controls.

Define the architecture.

Identify control gaps.

Design and implement controls to fill the gaps

Identify provider access controls

Assess the security controls

#35. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

Cloud Access Security Broker (CASB)

Cloud Broker

Cloud Service Provider (CSP)

Inter-Cloud Provider

Refresh The Page to Try Again!!!

#1. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

#2. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

#3. SaaS solution provides a full multitenant application, with all the architectural complexities of any large software platform. True or False

#4. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

#5. Application security encompasses the following except.

#6. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

#7. The applications deployed in the cloud and the underlying application services used to build them.

#8. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#9. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#10. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

#11. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#12. The cloud infrastructure is a composition of two or more clouds (private,community, or public) enables data and application portability.

#13. General Data Protection Regulation (GDPR)

#14. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

#15. You must create and manage your own encryption keys, and you must use your own tools to encrypt data prior to sending it to Cloud Storage.

#16. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

#17. A standard template for cloud providers to document their security and compliance controls is known as?

#18. Widely considered to be the gold standard when it comes to security of information systems and their data.

#19. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#20. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#21. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#22. What is the fourth stage of the data life cycle?

#23. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

#24. What are the components of PaaS Encryption (choose all that apply)

#25. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

#26. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#27. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

#28. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

#29. Which of the following is not a method of enforcing Lifecycle Management Security?

#30. One of the core tenants of risk management is that you can manage, transfer, accept, or avoid risks. True or False

#31. Used for an inspection of the operating effectiveness of the controls.

#32. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#33. DLP implementation in the cloud comes with related difficulties and costs, True or False?

#34. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

#35. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

Results

Disclaimer

Facebook

Cloud Practice Exam 1

Refresh The Page to Try Again!!!

#1. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

#2. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

#3. SaaS solution provides a full multitenant application, with all the architectural complexities of any large software platform. True or False

#4. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

#5. Application security encompasses the following except.

#6. ITAR is a Department of State program. EAR is a Commerce Department program, True or False?

#7. The applications deployed in the cloud and the underlying application services used to build them.

#8. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#9. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#10. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?

#11. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#12. The cloud infrastructure is a composition of two or more clouds (private,community, or public) enables data and application portability.

#13. General Data Protection Regulation (GDPR)

#14. Includes visualizations and descriptions used to explain cloud security concepts and principles, such as the CSA logical model in this document

#15. You must create and manage your own encryption keys, and you must use your own tools to encrypt data prior to sending it to Cloud Storage.

#16. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

#17. A standard template for cloud providers to document their security and compliance controls is known as?

#18. Widely considered to be the gold standard when it comes to security of information systems and their data.

#19. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#20. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#21. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#22. What is the fourth stage of the data life cycle?

#23. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

#24. What are the components of PaaS Encryption (choose all that apply)

#25. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

#26. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#27. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?

#28. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False

#29. Which of the following is not a method of enforcing Lifecycle Management Security?

#30. One of the core tenants of risk management is that you can manage, transfer, accept, or avoid risks. True or False

#31. Used for an inspection of the operating effectiveness of the controls.

#32. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#33. DLP implementation in the cloud comes with related difficulties and costs, True or False?

#34. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

#35. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

Results

Share this: