Refresh The Page to Try Again!!!
#1. Rackspace, Microsoft’s Azure, and Amazon Web Services (AWS) are examples of?
#2. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management.
#3. A set of resources (racks, blades, software packages) owned by the single customer but located and maintained at the cloud provider’s data center is a part of?
#4. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.
#5. It is best practice to identify requirements, design the architecture, and then identify the gaps based on the capabilities of the underlying cloud platform. True or False
#6. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM
#7. What is the fourth stage of the data life cycle?
#8. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.
#9. One of the core tenants of risk management is that you can manage, transfer, accept, or avoid risks. True or False
#10. Which of the following is NOT a Cloud security model?
#11. A provider owns the underlying infrastructure, but it’s provisioned and made available solely for the use of the specific community is known as.
#12. What is the second stage of the data life cycle?
#13. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.
#14. Allows customers to maintain separation between data at rest and encryption keys while still leveraging the power of cloud for compute and analytics.
#15. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary
#16. The three methods of data discovery are the following.
#17. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.
#18. Determining the costs of compliance should which include the following (choose all that apply)
Select all that apply:
#19. A standard template for cloud providers to document their security and compliance controls is known as?
#20. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.
#21. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.
#22. Which of the four methods is not a potential options for handling key management?
#23. Widely considered to be the gold standard when it comes to security of information systems and their data.
#24. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.
#25. Privacy laws are either Omnibus-covers all categories of personal data or sectoral;covers only specific categories of personal data. True or False
#26. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context
#27. What are the six stages of the Data Life Cycle?
#28. Cloud vendor becomes responsible for administering, patching, and updating this software as well as all the infrastructure, computer and storage needs.
#29. A customer-managed key allows a cloud customer to manage their own encryption key while the provider manages the encryption engine. True or False?
#30. DLP implementation in the cloud comes with related difficulties and costs, True or False?
#31. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.
#32. The cloud customer is basically only involved in uploading and processing data in the production environment
#33. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.
#34. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.
#35. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.
Results
Good Job You’re On Your Way!!
You’re NOT ready!!
Get Back to the Books!!