Cloud Essentials+ Questions

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which of the following documents specifies metrics to determine whether a cloud service provider is delivering the things specified in the statement of work (SOW)?

Service level agreement

The finance department wants you to convert the IT infrastructure capital expenditures to operating expenditures. Which of the following would do this?

Switch to a pay-as-you-go model

Which of the following keeps data synced between two or more locations in real-time?

Synchronous

Which of the following properties ensures timely and uninterrupted access to an asset?

Availability

What refers to the copying snapshots of instances to different locations to protect against data loss or corruption?

Backup

Lucas is the network administrator for a company. Management has asked him to prepare a report regarding the performance of the current environment so that they can manage or improve the performance of their environment. What will he use to accomplish this task?

Baseline

Which of the following steps should you perform first for running a cloud assessment?

Determine current and future requirements.

Which of the following helps to determine the practicality of the proposed move to the cloud?

Feasibility study

Which federal regulation establishes a standard approach for assessing, monitoring, and authorizing cloud computing services under the Federal Information Security Management Act (FISMA)?

Federal Risk and Authorization Management Program

An engineer in your team says that the company should use new technology to enter a new stream of business. He says that the company should sell and monitor linked home appliances and smart thermostats. Which technology is he talking about?

Internet of Things

You have migrated to the cloud, and users have access to cloud-based productivity software. There are 10 users in the finance group. Each user has a laptop, a tablet, and a smartphone that can access the productivity software. Using a subscription model, how many software licenses will you need to purchase for the finance department?

10

Which of the following International Organization of Standardization (ISO) standards mandates requirements that define how to implement, monitor, maintain, and continually improve an information security management system?

27001

Which International Organization of Standardization (ISO) standard covers the following topics? * Removal and return of cloud service customer assets upon contract termination * Alignment of security management for virtual and physical networks * Virtual machine hardening requirements to meet business needs

27017

Which of the following International Organization of Standardization (ISO) standards is designed to be used as a reference for selecting cloud services information security controls?

27017

Which of the following things are determined by a feasibility study during cloud assessment?

A migration path to the cloud Compliance, security, and privacy guidelines

Which of the following is not a key operating principle of blockchain?

Anonymity

Which of the following risks will you consider during and after the migration process while performing the right migration steps?

Application issues Complexity creep

Which of the following is responsible for managing risk in an organization?

Asset owner

Which of the following helps to establish the identity of an entity with adequate assurance?

Authentication

A new software patch is available for the organization's firewall. Before proceeding with the software update, you make a copy of the firewall's configuration. Which data security principle are you performing?

Availability

Which licensing model has the following benefits: * Greater flexibility * Reduced costs * Enhanced license management

Bring your own license

You are working as a cloud engineer at BigCo. The company hires a team of contractors for three-month projects. After three months, a new team of contractors will be brought in. Which type of software licensing allows the licenses to be transferred from the first group to the second group?

Bring your own license

In the shared responsibility model, who is responsible for the security of compute and storage resources?

CSP

Who is responsible for security "in" the cloud in the shared responsibility model?

Client

You are beginning a cloud assessment for your company and need to contact key stakeholders. Who in the following list is not an example of a key stakeholder for the cloud assessment?

Cloud service provider

A medical company wants to take advantage of a complex application but wants to realize the cost savings by accessing a shared instance of the application hosted in the cloud. Because of regulatory requirements, what type of cloud delivery model would you recommend to use?

Community

What refers to the continuous execution of the first three steps (dev, build, and test) in an application development life cycle?

Continuous integration

Which of the following cloud technologies reduces the amount of storage space needed by removing redundant copies of stored files?

Deduplication

Which of the following services within a cloud is responsible for resolving hostnames to IP addresses?

Domain Name System

You have been tasked with designing the Federal Information Processing Standard (FIPS) 140-2 compliant application. Which technology should you be concerned with?

Encryption

Which of the following stipulates and outlines the books and record-keeping requirements?

Financial Industry Regulatory Authority

You are obtaining cloud-based networking for your company. The CIO insists that the cloud resources be as safe as possible from potential hackers. Which service will help with this?

Firewall

You are negotiating an SLA with a CSP. Which of the following high availability guarantees is likely to cost you the most?

Five nines

Linux as an operating system utilizes which license type?

Free-for-use

Which of the following defines the set of actions or steps taken once a risk event has occurred?

Incident response

Which cloud service allows a customer to install all software, including operating systems (OSs) on hardware housed and connected by the cloud vendor?

Infrastructure

Meghan is working as a cloud analyst at Congruence Corp. Management has informed her about the data breach in the company's datacenter. For this, she investigated the security of the datacenter and found that the data in transit are intercepted by an attacker. Which of the following has the attacker compromised during the attack?

Integrity

Which of the following statements are correct regarding a gap analysis?

It identifies which technical features or functions have been left out of the migration plan. It prioritizes the allocation of resources.

Your current cloud contract is expiring, and you need to quickly move to a different provider. Which type of migration is best in this situation?

Lift and shift

Which of the following properties is the measure of the latency between the data and the end user?

Locality

Which of the following cloud services uses probabilities to make predictions about input?

Machine learning

Mike recently implemented an intrusion prevention system designed to block common network attacks from affecting his organization. What type of risk management strategy is he pursuing?

Mitigation

Which of the following risk responses attempts to reduce the probability of a threat against an asset by utilizing resources?

Mitigation

Which of the following risk responses decides to initiate actions to prevent any risk from taking place?

Mitigation

You are setting up a cloud solution for your company, and it needs to be optimized for unstructured data. Which storage type is appropriate?

Object

Which of the following cloud resources will have a cost associated with any transfer of data out of the CSP's infrastructure?

Object storage Network

Which of the following strives to make automation efficient and manageable in the cloud?

Orchestration

Which of the following documents are used to provide high-level guidance dictated by business goals and objectives?

Policy

Which of the following provides directions, guidance, and goals for an organization?

Policy

What refers to a small project that demonstrates the feasibility of a solution or part of a solution?

Proof of concept

You want to test a solution from a CSP to show that a new technology works properly. Which type of evaluation should you perform?

Proof of concept

Lauren's healthcare provider maintains data such as the patient's health, treatments, and medical billing. What type of data is this?

Protected health information

Microsoft Azure is an example of which type of cloud deployment model?

Public

Which of the following analyses is dependent on the perceived value of an asset?

Qualitative

Which of the following analyses is dependent on the monetary value of an asset?

Quantitative

Bella, a cloud administrator, is looking at business requirements that specify the data available at the disaster recovery site must not be more than 24 hours old. Which of the following metrics correctly relates to these requirements?

Recovery time objective

According to the results of a testing process, Ron, an application tester, has made some changes to the application. Now, he wishes to check whether the changes made in the application have caused the previously existing functionality to fail or not. Which test should he perform?

Regression

You are working as a cloud administrator at Congruence Crop. You have approached the development team for some minor changes to increase the usability of an application used by the business group. Earlier security audits of the code demonstrated no critical vulnerabilities, and since the changes were minor, they were given a peer review and then pushed to the live environment. Consequent vulnerability scans now show various flaws that were not present in the previous versions of the code. Which of the following practices should have been followed?

Regression testing

What will you use to collect written information about a CSP's capabilities?

Request for information

You are searching for the right cloud vendor for your organization. Which of the following should be your first step?

Request for information

Which of the following is the process of rendering data unusable either digitally or physically?

Sanitization

Your CTO wants to ensure that company users in Asia, Europe, and South America have access to cloud resources. Which cloud characteristic should be considered to meet the business need?

Scalability

In the Continuous Integration Continuous Delivery (CI/CD) pipeline, the four steps (develop, build, test, and release) are separated into _____________ from each other, and the CI/CD attempts to remove them.

Silos

Gmail is an example of which type of cloud service?

Software as a service

Which cloud concept makes networks more agile by separating the forwarding of network packets from the logical decision-making process?

Software-defined networking

Which document specifies the steps that an individual or an organization takes once an event occurs?

Standard operating procedure

John is working as a cloud engineer at XYZ Inc. Management has asked him to test the backup disaster recovery site. For this, he wants to verify that the database in the disaster recovery facility is updated in real-time and remains current with the production replica in the primary data center. Which of the following should he use in his primary data center servers?

Synchronous replication

A client is negotiating an SLA with a CSP. Who is responsible for defining the recovery point objective (RPO) and recovery time objective (RTO)?

The client defines the RPO, and the CSP defines the RTO.

Which of the following data sovereignty laws will an organization consider for doing business internationally?

The nationality of the user for whom the organization is storing data The location of the organization that stores the data The nation where the data is stored

What is SSH used for within the cloud environment?

To remotely manage a Linux server

Internal IT employees need to learn to use a new cloud-based software interface to manage corporate services. What should you request from the CSP?

Training

Which of the following are the basic responses to risk?

Transfer, avoid, mitigate, and accept

You are implementing multiple levels of security for new cloud resources. Which of the following is not a method of cloud-based identity access management?

Virtual desktop infrastructure

Laura, a penetration tester, is asked to identify the services and desktops that have missing security updates and patches. Which of the following will she perform to accomplish the task?

Vulnerability scanning

The three main components of risk are:

assets, threat, and probability.


Ensembles d'études connexes

Smartbook Chapter 12: Accounting for Partnerships

View Set

Assessing Head and Neck w/ PrepU

View Set

Introduction to Respiratory System - Med Surg

View Set

Final Study Guide Art Appreciation

View Set

ACC 444 - CH 10 (Processing Integrity and Availability Controls)

View Set

Signs/Licensing Requirements Quiz

View Set