MANAGING CLOUD SECURITY UPDATED EXAM SCRIPT
QUESTIONS AND ANSWERS GRADED A+
✔✔What is a key capability of security information and event management?
A Intrusion prevention capabilities
B Automatic remediation of issues
C Centralized collection of log data
D Secure remote access - ✔✔C
✔✔Which data source provides auditability and traceability for event investigation as
well as documentation?
A Storage files
B Packet capture
C Network interference
D Database tables - ✔✔B
✔✔Which data source provides auditability and traceability for event investigation as
well as documentation?
A Network segmentation
B Ephemeral storage
C Database schema
D Virtualization platform logs - ✔✔D
✔✔Which technology is used to manage identity access management by building trust
relationships between organizations?
A Single sign-on
B Multifactor authentication
C Federation
D Biometric authentication - ✔✔C
✔✔Which term describes the action of confirming identity access to an information
system?
A Coordination
B Concept
C Access
D Authentication - ✔✔D
✔✔Which cloud computing tool is used to discover internal use of cloud services using
various mechanisms such as network monitoring?
,A Data loss prevention (DLP)
B Content delivery network (CDN)
C Cloud access security broker (CASB)
D Web application firewall (WAF) - ✔✔C
✔✔Which cloud computing technology unlocks business value through digital and
physical access to maps?
A Multitenancy
B Cloud application
C Application programming interface
D On-demand self-service - ✔✔C
✔✔Which cloud computing tool may help detect data migrations to cloud services?
A Uniform resource locator (URL) filtering
B Cloud security gateways
C Cloud data transfer
D Data loss prevention - ✔✔D
✔✔What is a key component of the infrastructure as a service (IaaS) cloud service
model?
A Allows choice and reduces lock-in
B Supports multiple languages and frameworks
C Ease of use and limited administration
D High reliability and resilience - ✔✔D
✔✔What is a key capability of infrastructure as a service (IaaS)?
A Hosted application management
B Converged network and IT capacity pool
C Leased application and software licensing
D Multiple hosting environments - ✔✔B
✔✔Which option should an organization choose if there is a need to avoid software
ownership?
A Software as a service (SaaS)
B Platform as a service (PaaS)
C Containers as a service (CaaS)
D Infrastructure as a service (IaaS) - ✔✔A
✔✔Which cloud model offers access to a pool of fundamental IT resources such as
computing, networking, or storage?
,A Infrastructure
B Platform
C Application
D Data - ✔✔A
✔✔In which situation could cloud clients find it impossible to recover or access their
own data if their cloud provider goes bankrupt?
A Vendor lock-in
B Multitenant
C Multicloud
D Vendor lock-out - ✔✔D
✔✔Which cloud deployment model is operated for a single organization?
A Consortium
B Hybrid
C Public
D Private - ✔✔D
✔✔Which cloud model provides data location assurance?
A Hybrid
B Private
C Community
D Public - ✔✔B
✔✔Which cloud model allows the consumer to have sole responsibility for management
and governance?
A Hybrid
B Community
C Private
D Public - ✔✔C
✔✔Which technology allows an organization to control access to sensitive documents
stored in the cloud?
A Digital rights management (DRM)
B Database activity monitoring (DAM)
C Identity and access management (IAM)
D Distributed resource scheduling (DRS) - ✔✔A
, ✔✔Which security technology can provide secure network communications from on-site
enterprise systems to a cloud platform?
A Domain name system security extensions (DNSSEC)
B Internet protocol security (IPSec) virtual private network (VPN)
C Web application firewall (WAF)
D Data loss prevention (DLP) - ✔✔B
✔✔How do immutable workloads effect security overhead?
A They reduce the management of the hosts.
B They automatically perform vulnerability scanning as they launch.
C They restrict the amount of instances in a cluster.
D They create patches for a running workload. - ✔✔A
✔✔Which document addresses CSP issues such as guaranteed uptime, liability,
penalties, and dispute mediation process?
A General data protection regulation (GDPR)
B Service organization control 3 (SOC 3)
C Service level agreement (SLA)
D Common criteria assurance framework (CC) - ✔✔C
✔✔Which design principle of secure cloud computing ensures that the business can
resume essential operations in the event of an availability-affecting incident?
A Disaster recovery
B Resource pooling
C Access control
D Session management - ✔✔A
✔✔Which design principle of secure cloud computing ensures that users can utilize
data and applications from around the globe?
A Portability
B Scalability
C On-demand self-service
D Broad network access - ✔✔D
✔✔Which design principle of secure cloud computing involves deploying cloud service
provider resources to maximize availability in the event of a failure?
A Elasticity
B Resiliency
C Scalability
QUESTIONS AND ANSWERS GRADED A+
✔✔What is a key capability of security information and event management?
A Intrusion prevention capabilities
B Automatic remediation of issues
C Centralized collection of log data
D Secure remote access - ✔✔C
✔✔Which data source provides auditability and traceability for event investigation as
well as documentation?
A Storage files
B Packet capture
C Network interference
D Database tables - ✔✔B
✔✔Which data source provides auditability and traceability for event investigation as
well as documentation?
A Network segmentation
B Ephemeral storage
C Database schema
D Virtualization platform logs - ✔✔D
✔✔Which technology is used to manage identity access management by building trust
relationships between organizations?
A Single sign-on
B Multifactor authentication
C Federation
D Biometric authentication - ✔✔C
✔✔Which term describes the action of confirming identity access to an information
system?
A Coordination
B Concept
C Access
D Authentication - ✔✔D
✔✔Which cloud computing tool is used to discover internal use of cloud services using
various mechanisms such as network monitoring?
,A Data loss prevention (DLP)
B Content delivery network (CDN)
C Cloud access security broker (CASB)
D Web application firewall (WAF) - ✔✔C
✔✔Which cloud computing technology unlocks business value through digital and
physical access to maps?
A Multitenancy
B Cloud application
C Application programming interface
D On-demand self-service - ✔✔C
✔✔Which cloud computing tool may help detect data migrations to cloud services?
A Uniform resource locator (URL) filtering
B Cloud security gateways
C Cloud data transfer
D Data loss prevention - ✔✔D
✔✔What is a key component of the infrastructure as a service (IaaS) cloud service
model?
A Allows choice and reduces lock-in
B Supports multiple languages and frameworks
C Ease of use and limited administration
D High reliability and resilience - ✔✔D
✔✔What is a key capability of infrastructure as a service (IaaS)?
A Hosted application management
B Converged network and IT capacity pool
C Leased application and software licensing
D Multiple hosting environments - ✔✔B
✔✔Which option should an organization choose if there is a need to avoid software
ownership?
A Software as a service (SaaS)
B Platform as a service (PaaS)
C Containers as a service (CaaS)
D Infrastructure as a service (IaaS) - ✔✔A
✔✔Which cloud model offers access to a pool of fundamental IT resources such as
computing, networking, or storage?
,A Infrastructure
B Platform
C Application
D Data - ✔✔A
✔✔In which situation could cloud clients find it impossible to recover or access their
own data if their cloud provider goes bankrupt?
A Vendor lock-in
B Multitenant
C Multicloud
D Vendor lock-out - ✔✔D
✔✔Which cloud deployment model is operated for a single organization?
A Consortium
B Hybrid
C Public
D Private - ✔✔D
✔✔Which cloud model provides data location assurance?
A Hybrid
B Private
C Community
D Public - ✔✔B
✔✔Which cloud model allows the consumer to have sole responsibility for management
and governance?
A Hybrid
B Community
C Private
D Public - ✔✔C
✔✔Which technology allows an organization to control access to sensitive documents
stored in the cloud?
A Digital rights management (DRM)
B Database activity monitoring (DAM)
C Identity and access management (IAM)
D Distributed resource scheduling (DRS) - ✔✔A
, ✔✔Which security technology can provide secure network communications from on-site
enterprise systems to a cloud platform?
A Domain name system security extensions (DNSSEC)
B Internet protocol security (IPSec) virtual private network (VPN)
C Web application firewall (WAF)
D Data loss prevention (DLP) - ✔✔B
✔✔How do immutable workloads effect security overhead?
A They reduce the management of the hosts.
B They automatically perform vulnerability scanning as they launch.
C They restrict the amount of instances in a cluster.
D They create patches for a running workload. - ✔✔A
✔✔Which document addresses CSP issues such as guaranteed uptime, liability,
penalties, and dispute mediation process?
A General data protection regulation (GDPR)
B Service organization control 3 (SOC 3)
C Service level agreement (SLA)
D Common criteria assurance framework (CC) - ✔✔C
✔✔Which design principle of secure cloud computing ensures that the business can
resume essential operations in the event of an availability-affecting incident?
A Disaster recovery
B Resource pooling
C Access control
D Session management - ✔✔A
✔✔Which design principle of secure cloud computing ensures that users can utilize
data and applications from around the globe?
A Portability
B Scalability
C On-demand self-service
D Broad network access - ✔✔D
✔✔Which design principle of secure cloud computing involves deploying cloud service
provider resources to maximize availability in the event of a failure?
A Elasticity
B Resiliency
C Scalability
