Refresh The Page to Try Again!!!
#1. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False
#2. A provider owns the underlying infrastructure, but it’s provisioned and made available solely for the use of the specific community is known as.
#3. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),
#4. Egress Monitoring (DLP) address which of the following?
Select all that apply:
#5. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context
#6. Determining the costs of compliance should which include the following (choose all that apply)
Select all that apply:
#7. Targets US financial and insurance institutions and requires them to protect account holders’ private information.
#8. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems
#9. What are the components of PaaS Encryption (choose all that apply)
Select all that apply:
#10. Lists cloud security controls and maps them to multiple security and compliance standards.
#11. Detects application vulnerabilities by scanning the source code and binaries to detect problems before the code is loaded into memory and run
#12. Cloud Data Storage Types include all but the following.
#13. The vendor will be responsible for patching, administering, and updating the OS.
#14. Used for Security Availability, processing integrity, and privacy, the controls of an org are in line with security
#15. Reusable solutions to particular problems. In security, an example is IaaS log management.
#16. A community cloud can also be provisioned by a third party on behalf of the various members of the community. (FEDramp cloud) True or False?
#17. The Act on the Protection of Personal Information (APPI), adopted as early as 2003, was one of the first data protection regulations in Asia.
#18. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.
#19. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.
#20. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?
#21. A standard template for cloud providers to document their security and compliance controls is known as?
#22. One of the core tenants of risk management is that you can manage, transfer, accept, or avoid risks. True or False
#23. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.
#24. Used for an inspection of the operating effectiveness of the controls.
#25. A content delivery network (CDN) is a form of data caching, usually near geophysical locations of high use/demand, for copies of data commonly requested by user. True or False
#26. The production percentage service level that needs to be restored to meet BCDR objectives in the case of a failure is known as?
#27. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False
#28. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.
#29. What is the second stage of the data life cycle?
#30. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management is known as.
#31. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.
#32. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.
#33. Offers access to a resource pool of fundamental computing infrastructure, such as compute, network, or storage.
#34. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.
#35. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.
Results
Good Job You’re On Your Way!!
You’re NOT ready!!
Get Back to the Books!!