CH 10 CLOUD AND VIRTUALIZATION SECURITY

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

HELEN DESIGNED A NEW PAYROLL SYSTEM THAT SHE OFFERS TO HER CUSTOMERS. SHE HOSTS THE PAYROLL SYSTEM IN AWS AND HER CUSTOMERS ACCESS IT THROUGH THE WEB. WHAT TIER OF CLOUD COMPUTING BEST DESCRIBES HELEN'S SERVICE? A. PAAS B. SAAS C. FAAS D. IAAS

B. SAAS

KIRA WOULD LIKE TO IMPLEMENT A SECURITY CONTROL THAT CAN IMPLEMENT ACCESS RESTRICTIONS ACROSS ALL OF THE SAAS SOLUTIONS USED BY HER ORGANIZATION. WHAT CONTROL WOULD BEST MEET HER NEEDS? A. SECURITY GROUP B. RESOURCE POLICY C. CASB D. SWG

C. CASB

IN WHICH OF THE FOLLOWING CLOUD CATEGORIES ARE CUSTOMERS TYPICALLY CHARGED BASED ON THE NUMBER OF VIRTUAL SERVER INSTANCES DEDICATED TO THEIR USE? A. IAAS ONLY B. SAAS ONLY C. IAAS AND PAAS D. IAAS, SAAS, AND PAAS

C. IAAS AND PAAS

IN WHAT CLOUD SECURITY MODEL DOES THE CLOUD SERVICE PROVIDER BEAR THE MOST RESPONSIBILITY FOR IMPLEMENTING SECURITY CONTROLS? A. IAAS B. FAAS C. PAAS D. SAAS

D. SAAS

GREG WOULD LIKE TO FIND A REFERENCE DOCUMENT THAT DESCRIBES HOW TO MAP CLOUD SECURITY CONTROLS TO DIFFERENT REGULATORY STANDARDS. WHAT DOCUMENT WOULD BEST ASSIST WITH THIS TASK? A. Cloud Security Alliance Cloud Control Matrix B. NIST SP 500-292 C. ISO 27001 D. PCI DSS

A. Cloud Security Alliance Cloud Control Matrix

WHICH ONE OF THE FOLLOWING WOULD NOT COMMONLY BE AVAILABLE AS AN IAAS SERVICE OFFERING? A. Customer Relationship Mgmt B. STORAGE C. NETWORKING D. COMPUTING

A. Customer Relationship Mgmt

WANDA IS RESPONSIBLE FOR A SERIES OF SEISMIC SENSORS PLACED AT REMOTE LOCATIONS. THESE SENSORS HAVE LOW-BANDWIDTH CONNECTIONS AND SHE WOULD LIKE TO PLACE COMPUTING POWER ON THE SENSORS TO ALLOW THEM TO PREPROCESS DATA BEFORE IT IS SENT BACK TO THE CLOUD. WHAT TERM BEST DESCRIBES THIS APPROACH? A. EDGE COMPUTING B. CLIENT-SERVER COMPUTING C. FOG COMPUTING D. THIN CLIENT COMPUTING

A. EDGE COMPUTING

TONY PURCHASES VIRTUAL MACHINES FROM MICROSOFT AZURE AND USES THEM EXCLUSIVELY FOR USE BY HIS ORGANIZATION. WHAT MODEL OF CLOUD COMPUTING IS THIS? A. PUBLIC CLOUD B. PRIVATE CLOUD C. HYBRID CLOUD D. COMMUNITY CLOUD

A. PUBLIC CLOUD

BRIAN WOULD LIKE TO LIMIT THE ABILITY OF USERS INSIDE HIS ORGANIZATION TO PROVISION EXPENSIVE CLOUD SERVER INSTANCES WITHOUT PERMISSION. WHAT TYPE OF CONTROL WOULD BEST HELP HIM ACHIEVE THIS GOAL? A. RESOURCE POLICY B. SECURITY GROUP C. MULTIFACTOR AUTHENTICATION D. SECURE WEB GATEWAY

A. RESOURCE POLICY

RYAN IS SELECTING A NEW SECURITY CONTROL TO MEET HIS ORGANIZATION'S OBJECTIVES. HE WOULD LIKE TO USE IT IN THEIR MULTI CLOUD ENVIRONMENT AND WOULD LIKE TO MINIMIZE THE ADMINISTRATIVE WORK REQUIRED FROM HIS FELLOW TECHNOLOGISTS. WHAT APPROACH WOULD BEST MEET HIS NEEDS? A. THIRD-PARTY CONTROL B. INTERNALLY DEVELOPED CONTROL C. CLOUD-NATIVE CONTROL D. ANY OF THE ABOVE

A. THIRD-PARTY CONTROL

14. URSULA WOULD LIKE TO LINK THE NETWORKS IN HER ON-PREMISES DATACENTER WITH CLOUD VPCS IN A SECURE MANNER. WHAT TECHNOLOGY WOULD HELP HER BEST ACHIEVE THIS GOAL? A. TRANSIT GATEWAY B. HSM C. VPC ENDPOINT D. SWG

A. TRANSIT GATEWAY

WHICH ONE OF THE FOLLOWING STATEMENTS ABOUT CLOUD COMPUTING IS INCORRECT? A. CLOUD COMPUTING OFFERS UBIQUITOUS, CONVENIENT ACCESS. B. CLOUD COMPUTING CUSTOMERS STORE DATA ON HARDWARE THAT IS SHARED WITH OTHER CUSTOMERS. C. CLOUD COMPUTING CUSTOMERS PROVISION RESOURCES THROUGH THE SERVICE PROVIDER'S SALES TEAM. D. CLOUD COMPUTING RESOURCES ARE ACCESSED OVER A NETWORK.

C. CLOUD COMPUTING CUSTOMERS PROVISION RESOURCES THROUGH THE SERVICE PROVIDER'S SALES TEAM.

FRAN'S ORGANIZATION USES A TYPE I HYPERVISOR TO IMPLEMENT AN IAAS OFFERING THAT IT SELLS TO CUSTOMERS. WHICH ONE OF THE FOLLOWING SECURITY CONTROLS IS LEAST APPLICABLE TO THIS ENVIRONMENT? A. CUSTOMERS MUST MAINTAIN SECURITY PATCHES ON GUEST OPERATING SYSTEMS. B. THE PROVIDER MUST MAINTAIN SECURITY PATCHES ON THE HYPERVISOR. C. THE PROVIDER MUST MAINTAIN SECURITY PATCHES ON THE HOST OPERATING SYSTEM. D. CUSTOMERS MUST MANAGE SECURITY GROUPS TO MEDIATE NETWORK ACCESS TO GUEST OPERATING SYSTEMS.

C. THE PROVIDER MUST MAINTAIN SECURITY PATCHES ON THE HOST OPERATING SYSTEM.

WHICH ONE OF THE FOLLOWING IS NOT AN EXAMPLE OF INFRASTRUCTURE AS CODE? A. DEFINING INFRASTRUCTURE IN JASON B. WRITING CODE TO INTERACT WITH A CLOUD PROVIDER'S API C. USING A CLOUD PROVIDER'S WEB INTERFACE TO PROVISION RESOURCES D. DEFINING INFRASTRUCTURE IN YAML

C. USING A CLOUD PROVIDER'S WEB INTERFACE TO PROVISION RESOURCES

KEVIN DISCOVERED THAT HIS WEB SERVER WAS BEING OVERWHELMED BY TRAFFIC, CAUSING A CPU BOTTLENECK. USING THE INTERFACE OFFERED BY HIS CLOUD SERVICE PROVIDER, HE ADDED ANOTHER CPU TO THE SERVER. WHAT TERM BEST DESCRIBES KEVIN'S ACTION? A. ELASTICITY B. HORIZONTAL SCALING C. VERTICAL SCALING D. HIGH AVAILABILITY

C. VERTICAL SCALING

BRENDA'S COMPANY PROVIDES A MANAGED INCIDENT RESPONSE SERVICE TO ITS CUSTOMERS. WHAT TERM BEST DESCRIBES THIS TYPE OF SERVICE OFFERING? A. MSP B. PAAS C. SAAS D. ALL SHOULD HAVE EQUAL WEIGHT

D. ALL SHOULD HAVE EQUAL WEIGHT

HOWARD IS ASSESSING THE LEGAL RISKS TO HIS ORGANIZATION BASED UPON ITS HANDLING OF PII. THE ORGANIZATION IS BASED IN THE UNITED STATES, HANDLES THE DATA OF CUSTOMERS LOCATED IN EUROPE, AND STORES INFORMATION IN JAPANESE DATACENTERS. WHAT LAW WOULD BE MOST IMPORTANT TO HOWARD DURING HIS ASSESSMENT? A. JAPANESE LAW B. EUROPEAN UNION LAW C. U.S. LAW D. ALL SHOULD HAVE EQUAL WEIGHT

D. ALL SHOULD HAVE EQUAL WEIGHT

BRIAN IS SELECTING A CASB FOR HIS ORGANIZATION AND HE WOULD LIKE TO USE AN APPROACH THAT INTERACTS WITH THE CLOUD PROVIDER DIRECTLY. WHICH CASB APPROACH IS MOST APPROPRIATE FOR HIS NEEDS? A. INLINE CASB B. OUTSIDER CASB C. COMPREHENSIVE CASB D. API-BASED CASB

D. API-BASED CASB

WHICH CLOUD COMPUTING DEPLOYMENT MODEL REQUIRES THE USE OF A UNIFYING TECHNOLOGY PLATFORM TO TIE TOGETHER COMPONENTS FROM DIFFERENT PROVIDERS? A. PUBLIC CLOUD B. PRIVATE CLOUD C. COMMUNITY CLOUD D. HYBRID CLOUD

D. HYBRID CLOUD

WHAT COMPONENT OF A VIRTUALIZATION PLATFORM IS PRIMARILY RESPONSIBLE FOR PREVENTING VM ESCAPE ATTACKS? A. ADMINISTRATOR B. GUEST OPERATING SYSTEM C. HOST OPERATING SYSTEM D. HYPERVISOR

D. HYPERVISOR


Kaugnay na mga set ng pag-aaral

Principles of RE I: Texas Real Estate License Act

View Set

AH 1 Exam 1: Care of Perioperative Pts

View Set

Chapter 15- Separation and Divorce

View Set

medulla, adrenal cortex, pituitary glands,

View Set

Oceanography Chapter 14 Homework

View Set

Chapter 23: Nursing Care of the Child With an Alteration in Tissue Integrity/Integumentary Disorder

View Set