Cloud Practice Exam 1

#1. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

IaaS

Paas

SaaS

Private Cloud

Community Cloud

#2. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

Controls models or frameworks

Conceptual models or frameworks

Design patterns

Reference architectures

#3. General Data Protection Regulation (GDPR) includes the following except.

Accountability Obligations

Discrepancies among Member States:

Breaches of Security

Encryption Standards

Sanctions

Cross-border Data Transfer Restrictions

Data Subjects’ Rights:

#4. What are the components of PaaS Encryption (choose all that apply)

Select all that apply:

Database encryption

Provider-managed encryption

Proxy encryption

Application layer encryption

#5. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

Inter-Cloud Provider

Cloud Broker

Cloud Service Provider (CSP)

Cloud Access Security Broker (CASB)

#6. Allows customers to maintain separation between data at rest and encryption keys while still leveraging the power of cloud for compute and analytics.

Customer key management

External key management

Client-side key management

Remote key management

#7. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

IaaS

Community Cloud

Hybrid Cloud

Private Cloud

Public Cloud

#8. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

Cloud Access Security Broker (CASB

Cloud Service Provider (CSP)

Inter-Cloud Provider

Cloud Broker

#9. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

Controls models or frameworks

Reference architectures

Design patterns

Conceptual models or frameworks

#10. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

Masking

Randomization

Obfuscation

Anonymization

#11. The core components of a computing system: compute, network, and storage is known as?

Metastructure

Infrastructure

Applistructure

Infostructure

#12. Targets US financial and insurance institutions and requires them to protect account holders’ private information.

FIPS 140-2

NIST 800-53

Gramm-Leach-Bliley Act

FIPS 140-5

Sarbanes–Oxley Act (SOX)

#13. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

Public Cloud

Private Cloud

IaaS

SaaS

PaaS

#14. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

True

False

#15. Lists cloud security controls and maps them to multiple security and compliance standards.

Consensus Assessment Initiative Questionnaire (CAIQ)

Enterprise risk management

Cloud Controls Matrix (CCM)

Content analysis

#16. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

The Gramm-Leach-Bliley Act

NIST 800-53

FIPS 140-2

The Sarbanes–Oxley Act (SOX)

#17. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

Conceptual Model

Reference Model

Controls Matrix Model

Controls model

#18. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

SaaS

IaaS

Community Cloud

PaaS

#19. In Cloud Data Access Controls the management plane consist of the following.

data is shared externally to the public or partners that don’t have direct access to the cloud platform, t

Controls for managing access of users that directly access the cloud platform’s management plane

applications on the cloud platform to design and implement your own controls to manage access

#20. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

Infostructure

Infrastructure

Metastructure:

Applistructure

#21. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

Client-side key management

Customer key management

External Key Management

Remote Key Management

#22. What is the second stage of the data life cycle?

Prevent

#23. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

Media Rights Management (MDM)

Data Rights Management (DRM)

Information Rights Management (IRM)

Metadata Rights Management (MRM)

#24. Widely considered to be the gold standard when it comes to security of information systems and their data.

ISO 27001, (27001:2013)

Directive 95/46/EC of the European (Data Protection Directive)

FIPS 140-2

NIST 800-53

#25. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

Store

Use

Create

Share

Destroy

#26. Application security encompasses the following except.

Encryption protocol

Elasticity

Responsiveness.

DevOps

Isolated environments.

Higher baseline security

Independent virtual machines.

#27. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

PaaS

IaaS

SaaS

NIST

#28. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

Design and implement controls to fill the gaps

Define the architecture.

Identify necessary security and compliance requirements, and any existing controls.

Identify provider access controls

Assess the security controls

Identify control gaps.

#29. What are the six stages of the Data Life Cycle?

Create,Store,Use,Share,Archive,Destroy

Create,Archive,Destroy,Use,Store,Share

Archive,Destroy,Use,Store,Share,Create

Store,Share,Create,Archive,Destroy,Use

#30. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

Sarbanes–Oxley Act (SOX)

Payment Card industry (PCI)

Gramm-Leach-Bliley Act

Directive 95/46/EC

NIST 800-53

#31. A provider owns the underlying infrastructure, but it’s provisioned and made available solely for the use of the specific community is known as.

Community Cloud

Public Cloud

Private Cloud

IaaS

#32. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

Private Cloud

Hybrid Cloud

Public Cloud

Community Cloud

#33. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

True

False

#34. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

Community Cloud

Private Cloud

Hybrid Cloud

Public Cloud

#35. Egress Monitoring (DLP) address which of the following?

Select all that apply:

Regulatory Compliance

Encryption Enforcement

Additional Security

Enhanced Monitoring

Policy Enforcement

Torque Bleu Media

Refresh The Page to Try Again!!!

#1. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#2. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#3. General Data Protection Regulation (GDPR) includes the following except.

#4. What are the components of PaaS Encryption (choose all that apply)

#5. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

#6. Allows customers to maintain separation between data at rest and encryption keys while still leveraging the power of cloud for compute and analytics.

#7. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

#8. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#9. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

#10. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

#11. The core components of a computing system: compute, network, and storage is known as?

#12. Targets US financial and insurance institutions and requires them to protect account holders’ private information.

#13. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#14. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#15. Lists cloud security controls and maps them to multiple security and compliance standards.

#16. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

#17. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

#18. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#19. In Cloud Data Access Controls the management plane consist of the following.

#20. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

#21. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#22. What is the second stage of the data life cycle?

#23. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

#24. Widely considered to be the gold standard when it comes to security of information systems and their data.

#25. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

#26. Application security encompasses the following except.

#27. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

#28. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

#29. What are the six stages of the Data Life Cycle?

#30. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

#31. A provider owns the underlying infrastructure, but it’s provisioned and made available solely for the use of the specific community is known as.

#32. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

#33. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#34. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#35. Egress Monitoring (DLP) address which of the following?

Results

Facebook

Cloud Practice Exam 1

Refresh The Page to Try Again!!!

#1. Provides development or application platforms, such as databases, application platforms (e.g. a place to run Python, PHP, or other code),

#2. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#3. General Data Protection Regulation (GDPR) includes the following except.

#4. What are the components of PaaS Encryption (choose all that apply)

#5. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

#6. Allows customers to maintain separation between data at rest and encryption keys while still leveraging the power of cloud for compute and analytics.

#7. A customer uses Private cloud resources for their legacy production environment, accessed remotely by their users, but also employs PaaS function for software development/testing, away from the production environment.

#8. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#9. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

#10. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

#11. The core components of a computing system: compute, network, and storage is known as?

#12. Targets US financial and insurance institutions and requires them to protect account holders’ private information.

#13. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#14. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#15. Lists cloud security controls and maps them to multiple security and compliance standards.

#16. A NIST document that describes the process for accrediting and cryptosystems for use by the US federal government.

#17. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

#18. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#19. In Cloud Data Access Controls the management plane consist of the following.

#20. The protocols and mechanisms that provide the interface between the infrastructure layer and the other layers.

#21. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#22. What is the second stage of the data life cycle?

#23. Protection of consumer media, such as music, publications, video, movies, and so on, is known as what.

#24. Widely considered to be the gold standard when it comes to security of information systems and their data.

#25. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

#26. Application security encompasses the following except.

#27. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

#28. To establish a A Simple Cloud Security Process Model is it best practice to do the following except.

#29. What are the six stages of the Data Life Cycle?

#30. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

#31. A provider owns the underlying infrastructure, but it’s provisioned and made available solely for the use of the specific community is known as.

#32. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.

#33. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#34. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#35. Egress Monitoring (DLP) address which of the following?

Results

Share this: