D320 NEW EXAM WITH COMPLETE SOLUTIONS 100%
VERIFIED!!
Current Status - ANSWER Understand and analyze the business process, assets, and
requirements; after gathering adequate data, it is time for a detailed analysis; a BIA or
business impact analysis is conducted.
Business Impact Analysis - ANSWER An analysis of the priorities assigned to each
asset and process within the organization; analyzes the effect or impact any loss or
hardship might mean to the organization overall; identifies critical paths and single
points of failure; determines costs of compliance-legislative and contractual
requirements mandated.
Metered service - ANSWER The organization pays only for what it uses.
Elasticity - ANSWER Underused resources available for allocation to cloud users.
Cloud bursting - ANSWER Organizations augment internal, on-premised data center
capacities with hosted, managed services during a period of peak activity; an
organization can rent the incremental capacity needed on demand from an outside
cloud provider.
ROI (Return on Investment) - ANSWER Term related to cost-benefit measures; used to
describe a profitability ratio; calculated by dividing net profits by net assets.
Elasticity - ANSWER Customers can contract cloud providers to use virtualization to
flexibly allocate only the needed usage of each resource to the organization, while
holding costs while maintaining profitability.
Simplicity - ANSWER Enable a user to use the service without having to contact the
cloud service provider often.
,Scalability - ANSWER Increasing/reducing services can be easily, quickly, and
cost-effectively achieved.
IaaS (Infrastructure as a Service) - ANSWER Most basic service; customer can install
all software and OSs on hardware housed and connected by the cloud vendor; can be
considered a warm site for BC/DR purposes.
PaaS-Platform as a Service Includes services from IaaS, OSs. The vendor is responsible
for patching, administering, and updating of the operating system. The customer can
install any software on it.
Data Storage Types - ANSWER Used: structured/unstructured.
Unstructured Data Types - ANSWER Qualitative data; natural-language text; incorporate
media such as audio, video, images; made up of JSON, XML, binary objects- images
encoded as text strings.
Structured Data Types - ANSWER Quantitative data; organized and interpretable by
machine learning algorithms; SQL (relational) can be used to quickly input, search, and
manipulate data.
SaaS (Software as a Service) - ANSWER Everything from IaaS and PaaS plus software
programs; vendor is responsible for administering, patching, and updating everything.
Public Cloud - ANSWER Resources are owned and operated by a vendor and sold,
leased, or rented to anyone; multitenant environments.
Private Cloud - ANSWER Resources dedicated to a single customer; might be owned
and maintained by the entity that is the sole customer.
Community Cloud - ANSWER Features infrastructure and processing owned and
,operated by/for an affinity group; orgs come together to perform joint tasks and
functions.
Hybrid Cloud - ANSWER Exhibits characteristics of the other models; the organization
may want to keep some resources on a private cloud but rent some public cloud space.
Cloud Broker - ANSWER Company that buys hosting services from a provider and then
resells those services to its own customers.
CASB (Cloud Access Security Broker) - ANSWER A third-party entity offering
independent IAM, or identity and access management, services to CSPs and cloud
customers.
Regulators - ANSWER Ensure orgs are incompliance with regulatory framework for
which they are responsible for; HIPAA, GLBA, PCI DSS, ISO, SOX, etc.
Cost-Benefit Analysis - ANSWER Comparing potential positive impact of a business
decision to potential negative impact .
FIPS 140-2 - ANSWER NIST document that describes the process for accrediting and
cryptosystems for use by the federal government.
NIST 800-53 - ANSWER Guidance document with a primary goal to ensure appropriate
security requirements and controls are applied to all US federal government information
in management systems.
TCI (Trusted Cloud Initiative) Reference Model - ANSWER Guide for cloud providers,
thus allowing them to create a holistic architecture that customers can buy.
Vendor Lock-In ANSWER A situation where the customer cannot leave, migrate,
retrieve, or transfer data to an alternate provider because of some technical or
nontechnical constraint.
, Vendor Lock-Out ANSWER When a customer is not able to recover/access his or her
own data in case the provider has gone to bankruptcy or has left the market.
Blockchain- ANSWER Open means of conveying value using encryption
technologies/algorithms; transactional ledger where all participants can view every
transaction.
Containers- ANSWER Logical segmentation of memory space in a device, creating two
or more abstract areas that cannot interface directly.
Quantum Computing- ANSWER Emerging technology that allows IT systems to operate
beyond binary math.
Homomorphic Encryption - ANSWER Theoretical phenomenon whereby encrypted
material is processed without necessarily decrypting it first.
STRIDE Threat Model - ANSWER Spoofing, Tampering, Repudiation, Information
disclosure, Denial of service, and Elevation of Privilege.
Apache cloud stack - ANSWER Open source cloud computing software for creating,
managing, and deploying infrastructure cloud services.
Business Requirement - ANSWER Operational driver for making decisions and input for
the management of risk.
Single Points of Failure methods to decrease SPOFs - ANSWER Add redundancies,
create parallel processes, cross train personnel, back up data and load
sharing/balancing for IT assets.
Quantitative Risk Assessment - ANSWER Specific numerical values take for example
1,2, and 3. use a consistent set of methods, principles or rules for assessing risks.
VERIFIED!!
Current Status - ANSWER Understand and analyze the business process, assets, and
requirements; after gathering adequate data, it is time for a detailed analysis; a BIA or
business impact analysis is conducted.
Business Impact Analysis - ANSWER An analysis of the priorities assigned to each
asset and process within the organization; analyzes the effect or impact any loss or
hardship might mean to the organization overall; identifies critical paths and single
points of failure; determines costs of compliance-legislative and contractual
requirements mandated.
Metered service - ANSWER The organization pays only for what it uses.
Elasticity - ANSWER Underused resources available for allocation to cloud users.
Cloud bursting - ANSWER Organizations augment internal, on-premised data center
capacities with hosted, managed services during a period of peak activity; an
organization can rent the incremental capacity needed on demand from an outside
cloud provider.
ROI (Return on Investment) - ANSWER Term related to cost-benefit measures; used to
describe a profitability ratio; calculated by dividing net profits by net assets.
Elasticity - ANSWER Customers can contract cloud providers to use virtualization to
flexibly allocate only the needed usage of each resource to the organization, while
holding costs while maintaining profitability.
Simplicity - ANSWER Enable a user to use the service without having to contact the
cloud service provider often.
,Scalability - ANSWER Increasing/reducing services can be easily, quickly, and
cost-effectively achieved.
IaaS (Infrastructure as a Service) - ANSWER Most basic service; customer can install
all software and OSs on hardware housed and connected by the cloud vendor; can be
considered a warm site for BC/DR purposes.
PaaS-Platform as a Service Includes services from IaaS, OSs. The vendor is responsible
for patching, administering, and updating of the operating system. The customer can
install any software on it.
Data Storage Types - ANSWER Used: structured/unstructured.
Unstructured Data Types - ANSWER Qualitative data; natural-language text; incorporate
media such as audio, video, images; made up of JSON, XML, binary objects- images
encoded as text strings.
Structured Data Types - ANSWER Quantitative data; organized and interpretable by
machine learning algorithms; SQL (relational) can be used to quickly input, search, and
manipulate data.
SaaS (Software as a Service) - ANSWER Everything from IaaS and PaaS plus software
programs; vendor is responsible for administering, patching, and updating everything.
Public Cloud - ANSWER Resources are owned and operated by a vendor and sold,
leased, or rented to anyone; multitenant environments.
Private Cloud - ANSWER Resources dedicated to a single customer; might be owned
and maintained by the entity that is the sole customer.
Community Cloud - ANSWER Features infrastructure and processing owned and
,operated by/for an affinity group; orgs come together to perform joint tasks and
functions.
Hybrid Cloud - ANSWER Exhibits characteristics of the other models; the organization
may want to keep some resources on a private cloud but rent some public cloud space.
Cloud Broker - ANSWER Company that buys hosting services from a provider and then
resells those services to its own customers.
CASB (Cloud Access Security Broker) - ANSWER A third-party entity offering
independent IAM, or identity and access management, services to CSPs and cloud
customers.
Regulators - ANSWER Ensure orgs are incompliance with regulatory framework for
which they are responsible for; HIPAA, GLBA, PCI DSS, ISO, SOX, etc.
Cost-Benefit Analysis - ANSWER Comparing potential positive impact of a business
decision to potential negative impact .
FIPS 140-2 - ANSWER NIST document that describes the process for accrediting and
cryptosystems for use by the federal government.
NIST 800-53 - ANSWER Guidance document with a primary goal to ensure appropriate
security requirements and controls are applied to all US federal government information
in management systems.
TCI (Trusted Cloud Initiative) Reference Model - ANSWER Guide for cloud providers,
thus allowing them to create a holistic architecture that customers can buy.
Vendor Lock-In ANSWER A situation where the customer cannot leave, migrate,
retrieve, or transfer data to an alternate provider because of some technical or
nontechnical constraint.
, Vendor Lock-Out ANSWER When a customer is not able to recover/access his or her
own data in case the provider has gone to bankruptcy or has left the market.
Blockchain- ANSWER Open means of conveying value using encryption
technologies/algorithms; transactional ledger where all participants can view every
transaction.
Containers- ANSWER Logical segmentation of memory space in a device, creating two
or more abstract areas that cannot interface directly.
Quantum Computing- ANSWER Emerging technology that allows IT systems to operate
beyond binary math.
Homomorphic Encryption - ANSWER Theoretical phenomenon whereby encrypted
material is processed without necessarily decrypting it first.
STRIDE Threat Model - ANSWER Spoofing, Tampering, Repudiation, Information
disclosure, Denial of service, and Elevation of Privilege.
Apache cloud stack - ANSWER Open source cloud computing software for creating,
managing, and deploying infrastructure cloud services.
Business Requirement - ANSWER Operational driver for making decisions and input for
the management of risk.
Single Points of Failure methods to decrease SPOFs - ANSWER Add redundancies,
create parallel processes, cross train personnel, back up data and load
sharing/balancing for IT assets.
Quantitative Risk Assessment - ANSWER Specific numerical values take for example
1,2, and 3. use a consistent set of methods, principles or rules for assessing risks.