Topic 1: Exam Pool A
During which stage of the SDLC process should security be consulted and begin its initial involvement?
A. Testing
B. Design
C. Development
D. Requirement gathering
Answer: Requirement gathering
Why are PaaS environments at a higher likelihood of suffering backdoor vulnerabilities?
A. They rely on virtualization.
B. They are often used for software development.
C. They have multitenancy.
D. They are scalable.
Answer: They are often used for software development.
You are in charge of creating the BCDR plan and procedures for your organization. Your organization has its production environment hosted by a cloud provider, and you have appropriate protections in place. Which of the following is a significant consideration for your BCDR backup?
A. Enough personnel at the BCDR recovery site to ensure proper operations
B. Good cryptographic key management
C. Access to the servers where the BCDR backup is stored
D. Forensic analysis capabilities
Answer: Good cryptographic key management
DLP can be combined with what other security technology to enhance data controls?
A. DRM
B. SIEM
C. Kerberos
D. Hypervisors
Answer: DRM
Which of the following is considered an administrative control?
A. Access control process
B. Keystroke logging
C. Door locks
D. Biometric authentication
Answer: Access control process
The cloud deployment model that features organizational ownership of the hardware and infrastructure, and usage only by members of that organization, is known as:
A. Private
B. Public
C. Hybrid
D. Motive
Answer: Private
Using one cloud provider for your operational environment and another for your BCDR backup will also give you the additional benefit of ____________.
A. Allowing any custom VM builds you use to be instantly ported to another environment
B. Avoiding vendor lock-in/lockout
C. Increased performance
D. Lower cost
Answer: Avoiding vendor lock-in/lockout
The Transport Layer Security (TLS) protocol creates a secure communications channel over public media (such as the Internet). In a typical TLS session, what is the usual means for establishing trust between the parties?
A. Out-of-band authentication
B. Multifactor authentication
C. PKI certificates
D. Preexisting knowledge of each other
Answer: PKI certificates
Vulnerability scans are dependent on ________ in order to function.
A. Privileged access
B. Vulnerability signatures
C. Malware libraries
D. Forensic analysis
Answer: Vulnerability signatures
Different types of cloud deployment models use different types of storage from traditional data centers, along with many new types of software platforms for deploying applications and configurations. Which of the following is NOT a storage type used within a cloud environment?
A. Docker
B. Object
C. Structured
D. Volume
Answer: Docker