Cloud Practice Exam 1

#1. A standard template for cloud providers to document their security and compliance controls is known as?

Cloud Controls Matrix (CCM

Cloud Access Security Broker (CASB)

Consensus Assessment Initiative Questionnaire (CAIQ)

Content Delivery Network (CDN)

#2. In Cloud Data Access Controls the management plane consist of the following.

applications on the cloud platform to design and implement your own controls to manage access

Controls for managing access of users that directly access the cloud platform’s management plane

data is shared externally to the public or partners that don’t have direct access to the cloud platform, t

#3. Determining the costs of compliance should which include the following (choose all that apply)

Select all that apply:

The legislative and contractual requirements mandated for your organization

Your organization’s regulatory restrictions.

The type of encryption your company uses

The types and locations of your customers

The industry the organization is in

#4. The five main phases in secure application design and development include the following except.

Training

Define

Assign

Design

Test

Develop

#5. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

Reference architectures

Controls models or frameworks

Design patterns

Conceptual models or frameworks

#6. Cloud Data Access Controls include all but the following.

Public and internal sharing controls

Management plane

Application level controls

Private Access Controls

#7. Egress Monitoring (DLP) address which of the following?

Select all that apply:

Additional Security

Enhanced Monitoring

Encryption Enforcement

Policy Enforcement

Regulatory Compliance

#8. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

Client-side key management

Customer key management

External Key Management

Remote Key Management

#9. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

Cloud Broker

Cloud Access Security Broker (CASB)

Cloud Service Provider (CSP)

Inter-Cloud Provider

#10. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

True

False

#11. What is the fourth stage of the data life cycle?

Destroy

Share

Store

Create

Archive

Use

#12. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

False

True

#13. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

Applistructure

Infostructure

Metastructure

Infrastructure

#14. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

IaaS

SaaS

PaaS

Private Cloud

Public Cloud

#15. Cloud vendor becomes responsible for administering, patching, and updating this software as well as all the infrastructure, computer and storage needs.

IaaS

NaaS

PaaS

SaaS

#16. The three methods of data discovery are the following.

preservation, dispersion and replication

Data distribution, labels and e-discovery

Dynamic. Transactional and Static

metadata, labels, and content analysis.

#17. Data retention policies covers all of the following except.

Accessibility of Archives

Storage Technologies

Cost

Format of the Stored Data

Duration of Data Storage

#18. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

PaaS

NIST

IaaS

SaaS

#19. Used for an inspection of the operating effectiveness of the controls.

SOC 3

Type 1

SOC 2

Type 2

SOC 1

#20. Which of the following is incorrect, with regards to data storage?

Object-based storage stores data as objects in a volume, with labels and metadata.

File-based is a cloud storage architecture that manages the data in a hierarchy of files.

Databases store data in fields, in a relational motif.

CDN stores data in caches of copied content near locations of high demand

None, they are all correct

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

SaaS

Private Cloud

IaaS

PaaS

#22. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

Conceptual Model

Reference Model

Controls Matrix Model

Controls model

#23. What are the components of IaaS Encryption (choose all that apply)

Select all that apply:

Client-side encryption

Instance-managed encryption:

Server-side encryption

Externally managed encryption

Application layer encryption

#24. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

True

False

#25. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

True

False

#26. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management is known as.

recovery point objective (RPO)

recovery point level (RPL)

data recovery implementation

recovery service level (RSL)

#27. Actively scans running applications with penetration tests to detect possible security vulnerabilities.

Encryption Application security testing (EAST)

Dynamic Application Security Testing (DAST)

Static application security testing (SAST)

#28. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

Personal Information Protection and Electronic Documents Act (PIPEDA

EU GDPR

The Trans-Atlantic Data Privacy Framework

Network Information Security (NIS) Directive

#29. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

SOC 2

SOC 3

Type 2

Type 1

SOC 1

#30. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

Public Cloud

Private Cloud

Community Cloud

Hybrid Cloud

#31. Which of the following is not one of the five Cloud Characteristics?

Resource pooling

They are all Cloud Characteristics

Measured or “metered” service

Rapid elasticity

Broad network access

On-demand self-service

#32. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

Create

Use

Share

Archive

Store

#33. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

Community Cloud

Private Cloud

Public Cloud

Hybrid Cloud

#34. The cloud customer is basically only involved in uploading and processing data in the production environment

PaaS

SaaS

IaaS

Data discovery

#35. Which of the four methods is not a potential options for handling key management?

Virtual appliance/software

Proxy encryption

Hybrid

Cloud provider service

hardware security module (HSM)

Torque Bleu Media

Refresh The Page to Try Again!!!

#1. A standard template for cloud providers to document their security and compliance controls is known as?

#2. In Cloud Data Access Controls the management plane consist of the following.

#3. Determining the costs of compliance should which include the following (choose all that apply)

#4. The five main phases in secure application design and development include the following except.

#5. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#6. Cloud Data Access Controls include all but the following.

#7. Egress Monitoring (DLP) address which of the following?

#8. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#9. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

#10. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

#11. What is the fourth stage of the data life cycle?

#12. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#13. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

#14. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#15. Cloud vendor becomes responsible for administering, patching, and updating this software as well as all the infrastructure, computer and storage needs.

#16. The three methods of data discovery are the following.

#17. Data retention policies covers all of the following except.

#18. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

#19. Used for an inspection of the operating effectiveness of the controls.

#20. Which of the following is incorrect, with regards to data storage?

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#22. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

#23. What are the components of IaaS Encryption (choose all that apply)

#24. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#25. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

#26. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management is known as.

#27. Actively scans running applications with penetration tests to detect possible security vulnerabilities.

#28. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

#29. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

#30. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#31. Which of the following is not one of the five Cloud Characteristics?

#32. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

#33. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#34. The cloud customer is basically only involved in uploading and processing data in the production environment

#35. Which of the four methods is not a potential options for handling key management?

Results

Facebook

Cloud Practice Exam 1

Refresh The Page to Try Again!!!

#1. A standard template for cloud providers to document their security and compliance controls is known as?

#2. In Cloud Data Access Controls the management plane consist of the following.

#3. Determining the costs of compliance should which include the following (choose all that apply)

#4. The five main phases in secure application design and development include the following except.

#5. Uses templates for implementing cloud security, typically generalized (e.g. an IaaS security reference architecture). They can be very abstract, bordering on conceptual, or quite detailed, down to specific controls and functions.

#6. Cloud Data Access Controls include all but the following.

#7. Egress Monitoring (DLP) address which of the following?

#8. Keys are maintained and controlled by the customer at their own location. This offers the highest degree of security for the customer.

#9. A third-party entity offering independent identity and access management (IAM) services to CSPs and cloud customers, often as an intermediary

#10. Outsourcing Key Management Keys should be stored with the data they’re protecting. True or False

#11. What is the fourth stage of the data life cycle?

#12. Test data generation and Dynamic masking are techniques to protect data used in development and test environments. True or False?

#13. Includes the most change, because it becomes the “virtual infrastructure” that the customer is in complete control of (and responsible for) securing.

#14. Multitenant environments; multiple customers will share the underlying resources that are owned and operated by the provider.

#15. Cloud vendor becomes responsible for administering, patching, and updating this software as well as all the infrastructure, computer and storage needs.

#16. The three methods of data discovery are the following.

#17. Data retention policies covers all of the following except.

#18. Google Docs, Microsoft’s Office 365, and QuickBooks Online are all examples of what Cloud Service?

#19. Used for an inspection of the operating effectiveness of the controls.

#20. Which of the following is incorrect, with regards to data storage?

#21. Transparent Database Encryption (TDE) is used in which of the Cloud Service Models.

#22. a visual representation that helps to illustrate the expected relationship between cause and effect in a financial context

#23. What are the components of IaaS Encryption (choose all that apply)

#24. Legal Frameworks Governing Data Protection and Privacy are rooted primarily in location of cloud provider,cloud user, data subject and servers, True or False?

#25. Infrastructure as a Service represents the closest that Cloud comes to a traditional data center True or False.

#26. The amount of data a company would need to maintain and recover in order to function at a level acceptable to management is known as.

#27. Actively scans running applications with penetration tests to detect possible security vulnerabilities.

#28. The transfer of data from the European Union to the US,It addresses concerns regarding the expansive data collection activities of U.S. intelligence agencies.

#29. Used for publicly high-level report by an independent CPA, a SOC engagement was performed.

#30. The cloud infrastructure is operated solely for a single organization. It may be managed by the organization or by a third party and may be located on-premises or off premises.

#31. Which of the following is not one of the five Cloud Characteristics?

#32. Cloud customers should also consider implementing some form of egress monitoring in during this phase.

#33. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. It may be managed by the organizations or by a third party and may be located on-premises or off-premises.

#34. The cloud customer is basically only involved in uploading and processing data in the production environment

#35. Which of the four methods is not a potential options for handling key management?

Results

Share this: