Cloud Practice Exam 1

#1. Reusable solutions to particular problems. In security, an example is IaaS log management.

Controls models or frameworks

Design patterns

Reference architectures

Conceptual models or frameworks

#2. Cloud Data Access Controls include all but the following.

Management plane

Application level controls

Public and internal sharing controls

Private Access Controls

#3. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

Payment Card industry (PCI)

NIST 800-53

Sarbanes–Oxley Act (SOX)

Directive 95/46/EC

Gramm-Leach-Bliley Act

#4. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

External Key Management

Remote Key Management

Customer key management

Client-side key management

#5. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

True

False

#6. The vendor will be responsible for patching, administering, and updating the OS.

Paas

IaaS

SaaS

Private Cloud

#7. What is the fourth stage of the data life cycle?

Use

#8. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

Network Information Security Directive (NIS Directive)

The Gramm-Leach-Bliley Act

Directive 95/46/EC of the European (Data Protection Directive)

Sarbanes–Oxley Act (SOX)

#9. The applications deployed in the cloud and the underlying application services used to build them.

Infrastructure

Infostructure

Applistructure

Metastructure

#10. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

Select all that apply:

Cloud Access Security Brokers (CASB)

Content Delivery Network (CDN)

Consensus Assessment Initiative Questionnaire (CAIQ)

Cloud Controls Matrix (CCM)

#11. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

Infostructure

Metastructure

Applistructure

Infastructure

#12. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

Anonymization

Masking

Randomization

Obfuscation

#13. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

Hybrid Cloud

Private Cloud

Public Cloud

Community Cloud

#14. Used for an inspection of the operating effectiveness of the controls.

Type 1

SOC 2

SOC 1

SOC 3

Type 2

#15. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

Reference architectures

Controls models or frameworks

Conceptual models or frameworks

Design patterns

#16. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management.

recovery file assessment

recovery service level (RSL)

Acceptable Use Policy

recovery point objective (RPO)

#17. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

Public Cloud

SaaS

PaaS

IaaS

Private Cloud

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

False

True

#19. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

SaaS

PaaS

IaaS

Public Cloud

#20. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

Cloud Broker

Cloud Service Provider (CSP)

Inter-Cloud Provider

Cloud Access Security Broker (CASB

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

Private Cloud

PaaS

IaaS

SaaS

#22. Which of the following is not a method of enforcing Lifecycle Management Security?

Dynamic masking

Backups and business continuity

Managing data location/residency

Ensuring compliance

#23. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

SOC 1

NIST 800-53

Gramm-Leach-Bliley Act

Payment Card industry (PCI)

Sarbanes–Oxley Act (SOX)

#24. The five main phases in secure application design and development include the following except.

Define

Test

Training

Develop

Design

Assign

#25. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

Public Cloud

Hybrid Cloud

Community Cloud

Private Cloud

#26. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

IaaS

SaaS

PaaS

Community Cloud

#27. A set of resources (racks, blades, software packages) owned by the single customer but located and maintained at the cloud provider’s data center is a part of?

Private Cloud

IaaS

SaaS

Public Cloud

#28. Which of the following is NOT a Cloud security model?

Conceptual models or frameworks

Design patterns

Reference architectures

Cloud Management Plane Framework

Controls models or frameworks

#29. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

True

False

#30. Which of the four methods is not a potential options for handling key management?

Virtual appliance/software

Cloud provider service

hardware security module (HSM)

Hybrid

Proxy encryption

#31. What is the second stage of the data life cycle?

Use

Share

Prevent

Store

Create

#32. DLP implementation in the cloud comes with related difficulties and costs, True or False?

True

False

#33. What are the six stages of the Data Life Cycle?

Archive,Destroy,Use,Store,Share,Create

Create,Store,Use,Share,Archive,Destroy

Store,Share,Create,Archive,Destroy,Use

Create,Archive,Destroy,Use,Store,Share

#34. Involves managing, controlling and securing content from unwanted access.

Cloud Customer

Information rights management (IRM)

Inter-Cloud Provider

Digital rights management (DRM)

#35. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

Create

Use

Share

Destroy

Store

Refresh The Page to Try Again!!!

#1. Reusable solutions to particular problems. In security, an example is IaaS log management.

#2. Cloud Data Access Controls include all but the following.

#3. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

#4. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#5. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#6. The vendor will be responsible for patching, administering, and updating the OS.

#7. What is the fourth stage of the data life cycle?

#8. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

#9. The applications deployed in the cloud and the underlying application services used to build them.

#10. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

#11. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

#12. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

#13. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#14. Used for an inspection of the operating effectiveness of the controls.

#15. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

#16. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management.

#17. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

#19. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

#20. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#22. Which of the following is not a method of enforcing Lifecycle Management Security?

#23. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

#24. The five main phases in secure application design and development include the following except.

#25. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#26. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#27. A set of resources (racks, blades, software packages) owned by the single customer but located and maintained at the cloud provider’s data center is a part of?

#28. Which of the following is NOT a Cloud security model?

#29. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

#30. Which of the four methods is not a potential options for handling key management?

#31. What is the second stage of the data life cycle?

#32. DLP implementation in the cloud comes with related difficulties and costs, True or False?

#33. What are the six stages of the Data Life Cycle?

#34. Involves managing, controlling and securing content from unwanted access.

#35. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

Results

Disclaimer

Facebook

Cloud Practice Exam 1

Refresh The Page to Try Again!!!

#1. Reusable solutions to particular problems. In security, an example is IaaS log management.

#2. Cloud Data Access Controls include all but the following.

#3. Forces executives to oversee all accounting practices, it also holds them accountable for fraudulent/deceptive activity.

#4. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#5. The primary security responsibilities of the cloud provider in compute virtualization are to enforce isolation and maintain a secure virtualization infrastructure. True or False.

#6. The vendor will be responsible for patching, administering, and updating the OS.

#7. What is the fourth stage of the data life cycle?

#8. Establishes a framework to enable networks and information systems to resist, at a given level of confidence, actions that compromise the availability, authenticity, integrity, or confidentiality of stored data.

#9. The applications deployed in the cloud and the underlying application services used to build them.

#10. The Cloud Security Alliance provides two tools for cloud security concepts and principles. (Choose Two)

#11. Acts as the glue that binds the technologies together and enables management and configuration remotely of a customer’s cloud environment.

#12. Removing the telltale nonspecific identifiers is called? (Data must be marked as sensitive when it is created)

#13. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#14. Used for an inspection of the operating effectiveness of the controls.

#15. Categorized and detail specific cloud security controls or categories of controls, such as the CSA CCM

#16. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management.

#17. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#18. The key difference between cloud and traditional computing is the metastructure. True or False.

#19. Full application that’s managed and hosted by the provider. Consumers access it with a web browser, mobile app, or a lightweight client app.

#20. Responsible for peering with other cloud services and providers, as well as overseeing and managing federations and federated services.

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#22. Which of the following is not a method of enforcing Lifecycle Management Security?

#23. A guidance document with the primary goal of ensuring that appropriate security requirements and controls are applied to all US federal government information in information management systems

#24. The five main phases in secure application design and development include the following except.

#25. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#26. Experiences Data lock-in, in the same way as in SaaS, but in this case the onus is completely on the customer to create compatible export routines.

#27. A set of resources (racks, blades, software packages) owned by the single customer but located and maintained at the cloud provider’s data center is a part of?

#28. Which of the following is NOT a Cloud security model?

#29. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

#30. Which of the four methods is not a potential options for handling key management?

#31. What is the second stage of the data life cycle?

#32. DLP implementation in the cloud comes with related difficulties and costs, True or False?

#33. What are the six stages of the Data Life Cycle?

#34. Involves managing, controlling and securing content from unwanted access.

#35. Cryptographic erasure (cryptoshredding) should be used during this phase of the data life cycle.

Results

Share this: