D320 - Managing Cloud Security Test
Questions with Correct Answers
Which phase of the cloud data life cycle requires adherence to export and import restrictions, including
Export Administration Regulations (EAR) and the Wassenaar Arrangement?
A) Create
B) Share
C) Use
D) Destroy
B
Why is the striping method of storing data used in most redundant array of independent disks (RAID)
configurations?
A) It prevents outages and attacks from occurring in a cloud environment.
B) It prevents data from being recovered once it is destroyed using crypto-shredding.
C) It allows data to be safely distributed and stored in a common centralized location.
D) It allows efficient data recovery as even if one drive fails, other drives fill in the missing data.
D
What is the purpose of egress monitoring tools?
A) They are used to convert a given set of data or information into a different value.
,B) They are used to prevent data from going outside the control of an organization.
C) They are used to create data during the Create phase of the cloud data life cycle.
D) They are used to remove data during the Destroy phase of the cloud data life cycle.
B
A company is looking at different types of cloud storage options. One of the threats to cloud storage
that the company foresees is the possibility of losing forensic artifacts in the event of an incident
response investigation.
Which type of cloud storage has the highest risk of losing forensic artifacts in the event of an incident
response investigation?
A) File-based
B) Long-term
C) Block
D) Ephemeral
D
A manager is made aware of a customer complaint about how an application developed by the company
collects personal and environmental information from the devices it is installed on.
Which document should the manager refer to in order to determine if the company has properly
disclosed information about what data it collects from this application's users?
A) Retention policy
B) Breach notification
C) Privacy notice
D) Denial of service
,C
An organization needs to store passwords in a database securely. The data should not be available to
system administrators.
Which technique should the organization use?
A) Encryption
B) Hashing
C) Encoding
D) Masking
B
A company is looking to ensure that the names of individuals in its data in the cloud are not revealed in
the event of a data breach, as the data is sensitive and classified.
Which data masking technique should the company use to prevent attackers from identifying individuals
in the event of a data breach?
A) Crypto-shredding
B) Degaussing
C) Anonymization
D) Randomization
C
An organization needs to quickly identify the document owner in a shared network folder.
Which technique should the organization use to meet this goal?
A) Labeling
, B) Classification
C) Mapping
D) Categorization
A
An organization plans to introduce a new data standard and wants to ensure that system inventory data
will be efficiently discovered and processed.
Which type of data should the organization use to meet this goal?
A) Structured
B) Semi-structured
C) Annotated
D) Mapped
A
An organization implemented an information rights management (IRM) solution to prevent critical data
from being copied without permission and a cloud backup solution to ensure that the critical data is
protected from storage failures.
Which IRM challenge will the organization need to address?
A) Jurisdictional conflicts
B) Agent conflicts
C) Replication restrictions
D) Execution restrictions
C
Questions with Correct Answers
Which phase of the cloud data life cycle requires adherence to export and import restrictions, including
Export Administration Regulations (EAR) and the Wassenaar Arrangement?
A) Create
B) Share
C) Use
D) Destroy
B
Why is the striping method of storing data used in most redundant array of independent disks (RAID)
configurations?
A) It prevents outages and attacks from occurring in a cloud environment.
B) It prevents data from being recovered once it is destroyed using crypto-shredding.
C) It allows data to be safely distributed and stored in a common centralized location.
D) It allows efficient data recovery as even if one drive fails, other drives fill in the missing data.
D
What is the purpose of egress monitoring tools?
A) They are used to convert a given set of data or information into a different value.
,B) They are used to prevent data from going outside the control of an organization.
C) They are used to create data during the Create phase of the cloud data life cycle.
D) They are used to remove data during the Destroy phase of the cloud data life cycle.
B
A company is looking at different types of cloud storage options. One of the threats to cloud storage
that the company foresees is the possibility of losing forensic artifacts in the event of an incident
response investigation.
Which type of cloud storage has the highest risk of losing forensic artifacts in the event of an incident
response investigation?
A) File-based
B) Long-term
C) Block
D) Ephemeral
D
A manager is made aware of a customer complaint about how an application developed by the company
collects personal and environmental information from the devices it is installed on.
Which document should the manager refer to in order to determine if the company has properly
disclosed information about what data it collects from this application's users?
A) Retention policy
B) Breach notification
C) Privacy notice
D) Denial of service
,C
An organization needs to store passwords in a database securely. The data should not be available to
system administrators.
Which technique should the organization use?
A) Encryption
B) Hashing
C) Encoding
D) Masking
B
A company is looking to ensure that the names of individuals in its data in the cloud are not revealed in
the event of a data breach, as the data is sensitive and classified.
Which data masking technique should the company use to prevent attackers from identifying individuals
in the event of a data breach?
A) Crypto-shredding
B) Degaussing
C) Anonymization
D) Randomization
C
An organization needs to quickly identify the document owner in a shared network folder.
Which technique should the organization use to meet this goal?
A) Labeling
, B) Classification
C) Mapping
D) Categorization
A
An organization plans to introduce a new data standard and wants to ensure that system inventory data
will be efficiently discovered and processed.
Which type of data should the organization use to meet this goal?
A) Structured
B) Semi-structured
C) Annotated
D) Mapped
A
An organization implemented an information rights management (IRM) solution to prevent critical data
from being copied without permission and a cloud backup solution to ensure that the critical data is
protected from storage failures.
Which IRM challenge will the organization need to address?
A) Jurisdictional conflicts
B) Agent conflicts
C) Replication restrictions
D) Execution restrictions
C
