Topic 1: Exam Pool A
Of the following, which is probably the most significant risk in a managed cloud
environment?
Response:
A.
DDoS
B.
Management plane breach
C.
Guest escape
D.
Physical attack on the utility service lines
Management plane breach
You have been tasked with creating an audit scope statement and are making your
project outline. Which of the following is NOT typically included in an audit scope
statement?
A.
Statement of purpose
B.
Deliverables
C.
Classification
D.
Costs
Costs
Cloud environments pose many unique challenges for a data custodian to properly
adhere to policies and the use of data. What poses the biggest challenge for a data
custodian with a PaaS implementation, over and above the same concerns with
IaaS?
Response:
A.
Access to systems
B.
Knowledge of systems
C.
Data classification rules
D.
Contractual requirements
Knowledge of systems
Log data should be protected ____________.
Response:
A.
One level below the sensitivity level of the systems from which it was collected
B.
At least at the same sensitivity level as the systems from which it was collected
C.
With encryption in transit, at rest, and in use
D.
According to NIST guidelines
At least at the same sensitivity level as the systems from which it was collected
Which of the following is not a reason for conducting audits?
A.
Regulatory compliance
B.
User satisfaction
C.
Determination of service quality
D.
Security assurance
User satisfaction
Under EU law, a cloud customer who gives sensitive data to a cloud provider is still
legally responsible for the damages resulting from a data breach caused by the
provider; the EU would say that it is the cloud customer’s fault for choosing the
wrong provider.
This is an example of insufficient ____________.
A.
Proof
B.
Evidence
C.
Due diligence
D.
Application of reasonableness
Due diligence
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats
to organizations participating in cloud computing.
According to the CSA, what is one reason the threat of insecure interfaces and APIs is so
prevalent in cloud computing?
Response:
A.
Cloud customers and third parties are continually enhancing and modifying APIs.
B.
APIs can have automated settings.
C.
It is impossible to uninstall APIs.
D.
APIs are a form of malware.
Cloud customers and third parties are continually enhancing and modifying APIs.
A honeypot can be used for all the following purposes except ____________.
Response:
A.
Gathering threat intelligence
B.
Luring attackers
C.
Distracting attackers
D.
Delaying attackers
Luring attackers
Who is the entity identified by personal data?
Response:
A.
The data owner
B.
The data processor
C.
The data custodian
D.
The data subject
The data subject
Egress monitoring solutions usually include a function that ____________.
Response:
A.
Uses biometrics to scan users
B.
Inspects incoming packets
C.
Resides on client machines
D.
Uses stateful inspection
Resides on client machines
Page 5 out of 52 Pages |
Previous |