CIS 3357 Chapter 4
Sharon is investigation a standards based construct to enable automation on her load balancers. What is a good lightweight data interchange format standard that is easily readable and for computing systems to parse and to generate? Choose 2 A. XML B. JSON C. REST D. Python
A, B XML JSON
What is a long standing text based interface that is used to configure network services both locally and remotely? A. GUI B. CLI C. REST D. SNMP E. API
A. CLI
RESTful APIs using XML and JSON on southbound interfaces can be used to orchestrate and automate what cloud-based services? Choose all that apply A. Firewalls B. Load Balancers C. Virtual Machines D. DNS Servers E. Durable Storage Volumes
All of them apply
Samantha has been tasked to meet FedRAMP compliance for her customer's new contract. Where should she integrate compliance in her project? Choose 4 A. Hand-off B. Design C. Implementation D. Automation rollout E. Planning F. Validation G. HIDS H. JSON/XML scripting
B, C, E, F Design, Implementation, Planning, Validation
Carl is planning his cloud migration and must meet HIPPA requirements for confidential storage of cloud data at rest and in use in the cloud. What services must be addressed by Carl. choose 2 A. Virtual Private Network B. Storage C. Client side D. Database
B, D storage, database
Cloud segmentaion enhances security for cloud-based applications. What services is it a best practice to segment? A. Python B. Compute C. RAM D. VPN
B. Compute
Hank works in his e-commerce company's IT security group and has been tasked to investigate options that will allow customers to securely access their personal records stored on the cloud deployment from their smartphones. What is the most common in-flight e-commerce security posture on the market? A. MD5 B. SSL/TLS C. IPsec D. VPN
B. SSL/TLS
Storage that does not survive a virtual machine removal is referred to as what classification? Choose 2 A. Durable B. RAID C. Ephemeral D. Nondurable
C, D ephemeral, nondurable
A web-based dashboard is being deployed by your company. Hank has been tasked to develop the application but is concerned that the application must pull data from many different cloud locations and devices. What is a good interface for him to use to meet his requirements? A. Python B. XML C. API D. SNMP E. TLS
C. API
What technology was instrumental in the growth of cloud services? A. XML B. Python C. Automation D. Authentication E. Scripting F. Workflow services G. Encryption
C. Automation
Hank just completed running some security automation scripts on his new fleet of application virtual machines. After applying intrusion detection, virus, and malware protection on the Linux images, he notices an increase in which VM metric on his management dashboard? A. DMA B. BIOS C. CPU D. IPsec E. I/O
C. CPU
Who does responsibility for stored data integrity in the cloud belong to? A. cloud provider B. compliance agency C. cloud customer D. shared responsibility
C. Cloud Customer
What is a common cloud based GUI used to get an overview of your security operations? A. Puppet automation B. Gemalto Systems C. Dashboard D. Vender based security appliance
C. Dashboard
Mike has been investigating multiple hacking attempts on his cloud e-commerce web servers. He wants to add a front end with a service that actively takes countermeasures to shut down the hacking attempts. What application would you suggest that Mike deploy? A.DMZ B. IDS C. IPS D. RAID E. HIDS
C. IPS
What are complex software systems that automate cloud operations and are offered by companies such as Chef and Puppet called? A. Authentication B. Federations C. Orchestration D. Ephemeral
C. Orchestration
Your company has purchased a specialized intrusion prevention system that is virtualized and designed for cloud-based network micro segmentation deployments. When reading the documentation, Sam notices a link to download a Java-Based application to monitor and configure the IPS. What kind of automation system is this? A. CLI B. GUI C. Vender Based D. API E. RESTful
C. Vendor based
A constantly changing six-digit numerical token is used in what type of cloud service? A. XML B. TLS C. SSL D. MFA E. JSON
D. MFA
Jim has a critical server in the application tier of his cloud-based deployment. He is looking at a device specific security solution to add defense in depth capabilities to his currently deployed network based security defenses. He has been researching ways to mitigate potential hacking attempts. What is a good solution for him? A. DMZ B. IDS C. IPs D. Classification automation E. HIDS
E. HIDS
Robert has been tasked to create a security implementation that segments his employer's e-commerce design to allow for policy enforcement. What are some of the areas that he is investigating? choose 3 A. Network B. Automation C. Storage D. Compute E. Api's F. JSON/XML
a, c, d network, storage, compute
MFA tokens can be obtain where? choose 2 A. python app B. smartphone app C. automation systems D. keyfob E. cloud vendor management dashboard
b, d smartphone app, keyfob
