Topic 1: Exam Pool A
The use of which of the following technologies will NOT require the security
dependency of an operating system, other than its own?
A. Management plane
B. Type 1 hypervisor
C. Type 2 hypervisor
D. Virtual machine
Type 1 hypervisor
Which of the following is characterized by a set maximum capacity?
Response:
A. A secret-sharing-made-short (SSMS) bit-splitting implementation
B. A tightly coupled cloud storage cluster
C. A loosely coupled cloud storage cluster
D. A public-key infrastructure
A tightly coupled cloud storage cluster
Which of the following is a possible negative aspect of bit-splitting?
A. Greater chance of physical theft of assets
B. Loss of public image
C. Some risk to availability, depending on the implementation
D. A small fire hazard
Some risk to availability, depending on the implementation
What sort of legal enforcement may the Payment Card Industry (PCI) Security
Standards Council not bring to bear against organizations that fail to comply with
the Payment Card Industry Data Security Standard (PCI DSS)?
Response:
A. Fines
B. Jail time
C. Suspension of credit card processing privileges
D. Subject to increased audit frequency and scope
Jail time
Each of the following is a dependency that must be considered when reviewing the
BIA after cloud migration except:
Response:
A. The cloud provider’s suppliers
B. The cloud provider’s vendors
C. The cloud provider’s utilities
D. The cloud provider’s resellers
The cloud provider’s resellers
Which Common Criteria Evaluation Assurance Level (EAL) is granted to those
products that are formally verified in terms of design and tested by an independent
third party?
A. 1
B. 3
C. 5
D. 7
7
Which of the following best describes data masking?
Response:
A. A method where the last few numbers in a dataset are not obscured. These are often
used for authentication.
B. A method for creating similar but inauthentic datasets used for software testing and user
training.
C. A method used to protect prying eyes from data such as social security numbers and
credit card data.
D. Data masking involves stripping out all similar digits in a string of numbers so as to
obscure the original number.
A method for creating similar but inauthentic datasets used for software testing and user
training.
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common
threats to organizations participating in cloud computing.
According to the CSA, what is one reason the threat of insecure interfaces and APIs
is so prevalent in cloud computing?
Response:
A. Most of the cloud customer’s interaction with resources will be performed through APIs.
B. APIs are inherently insecure.
C. Attackers have already published vulnerabilities for all known APIs.
D. APIs are known carcinogens.
Most of the cloud customer’s interaction with resources will be performed through APIs.
You are the security policy lead for your organization, which is considering
migrating from your on-premises, legacy environment into the cloud. You are
reviewing the Cloud Security Alliance Cloud Controls Matrix (CSA CCM) as a tool for
your organization.
Which of the following benefits will the CSA CCM offer your organization?
Response:
A. Simplifying regulatory compliance
B. Collecting multiple data streams from your log files
C. Ensuring that the baseline configuration is applied to all systems
D. Enforcing contract terms between your organization and the cloud provider
Simplifying regulatory compliance
SOX was enacted because of which of the following?
Response:
A. Poor BOD oversight
B. Lack of independent audits
C. Poor financial controls
D. All of the above
All of the above