Fundamentals of Cloud Security

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

True or False? The key to Cortex XDR is blocking core exploit and malware techniques, not individual attacks.

True.

Which three options partially comprise the six elements of SecOps? (Choose three.) A. People B. Networking C. Data storage D. Technology E. Processes

A. People D. Technology E. Processes

Which SecOp function requires processing large amounts of information, and typically is automated? A. Identify B. Investigate C. Mitigate D. Improve

A. Identify

Which step of the CI/CD pipeline cannot be automated? A. Coding B. Integration C. Testing D. Monitoring

A. Coding

Which NIST cloud service model requires the customer to keep the operating system up to date? A. IaaS B. PaaS C. FaaS D. SaaS

A. IaaS

Which three options partially comprise the six elements of SecOps? (Choose three.) A. Visibility B. Disaster recovery C. Business D. Interfaces E. Regular audits

A. Visibility C. Business D. Interfaces

Which two advantages does endpoint protection technology have over network traffic analysis? (Choose two.) A. ability to identify most common attacks by their symptoms B. deployed and managed centrally C. easier to deploy endpoint protection when people work from home D. detects command and control channels E. can easily identify worms

A. ability to identify most common attacks by their symptoms C. easier to deploy endpoint protection when people work from home

What are the two meanings of the CI/CD pipeline? (Choose two.) A. continuous integration/continuous delivery B. continuous implementation/continuous delivery C. continuous integration/continuous deployment D. continuous implementation/continuous deployment

A. continuous integration/continuous delivery C. continuous integration/continuous deployment

An analysis tool raised an alert, but the security analyst who researched it discovered it wasn't a problem. Which type of finding is this? A. false positive B. true positive C. false negative D. true negative

A. false positive

Which option is a type 2 hypervisor? A. hosted B. native C. bare-metal D. imported

A. hosted

What is the term for traffic between a web site and a remote user's browser? A. north-south B. east-west C. unknown D. cloud

A. north-south

Which type of traffic can be secured by a physical appliance? A. north-south B. east-west C. unknown D. cloud

A. north-south

In which cloud computing service model does a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure? A. platform as a service (PaaS) B. infrastructure as a service (IaaS) C. software as a service (SaaS) D. public cloud

A. platform as a service (PaaS)

Who is responsible for the software of a sanctioned SaaS application? A. provider B. IT department C. line of business that uses it D. users

A. provider

Which NIST cloud deployment model would you recommend for a startup that does not have much money to pay for hosting or a data center and needs a 24x7 server? A. public B. private C. community D. hybrid

A. public

Which three attributes are advantages of serverless computing, when compared with CaaS? (Choose three.) A. reduced costs B. increased control over the workload C. increased ability to monitor and identify problems D. increased agility E. reduced operational overhead

A. reduced costs D. increased agility E. reduced operational overhead

Which cloud use model restricts your choice of a runtime environment to the environments supported by the cloud provider? A. serverless B. on-demand containers C. containers as a service (CaaS) D. standard docker containers

A. serverless

What is the advantage of automated responses over manual responses? A. speed B. accuracy C. flexibility D. user friendliness

A. speed

Which action is part of the identity security pillar? A. user and entity behavior analytics (UEBA) B. Microservice-aware micro-segmentation C. integration with the CI/CD workflow D. automated asset inventory

A. user and entity behavior analytics (UEBA)

Ten containers running on five virtual machines are spread between two type 1 hypervisors. How many OS instances are you running? A. 2 B. 5 C. 7 D. 17

B. 5

Which cloud provider calls its IaaS service Elastic Computing Service (ECS)? A. Alibaba B. AWS C. Azure D. GCP

B. AWS

Who is responsible for the security settings of a sanctioned SaaS application? A. provider B. IT department C. line of business that uses it D. users

B. IT department

Which three operating systems are supported by Cortex XDR? (select three) A. z/OS B. Linux C. macOS D. Minix E. Android

B. Linux C. macOS E. Android

Which action is part of the network security pillar? A. user and entity behavior analytics (UEBA) B. Microservice-aware micro-segmentation C. integration with the CI/CD workflow D. automated asset inventory

B. Microservice-aware micro-segmentation

Which environment allows you to install an appliance that sees all traffic? A. LAN when people work from home B. Non-virtualized data center C. virtualized data center D. VPC network

B. Non-virtualized data center

Which NIST cloud service model limits your choice of runtime environments in which an application can be written? A. IaaS B. PaaS C. FaaS D. SaaS

B. PaaS

What are the two advantages of SASE? (Choose two.) A. a single physical point of ingress into the organization B. a single logical point of ingress into the organization C. a single physical point of egress out of the organization D. a single logical point of egress from the organization

B. a single logical point of ingress into the organization D. a single logical point of egress from the organization

Two companies use Gmail for their email (SaaS). Which two components may be transparently shared between them? (Choose two.) A. address book B. application code C. messages D. message database E. user identities

B. application code D. message database

1. What does the first phase of implementing security in virtualized data centers consist of? A. consolidating servers across trust levels B. consolidating servers within trust levels C. selectively virtualizing network security functions D. implementing a dynamic computing fabric

B. consolidating servers within trust levels

Which cloud use model allows you to use containers without having to manage the underlying hardware and virtualization layers, but still lets you access the underlying virtualization if needed? A. serverless B. containers as a service (CaaS) C. standard docker containers D. VM-integrated containers

B. containers as a service (CaaS)

What is the term for traffic between a web site and a local database that stores information for it? A. north-south B. east-west C. unknown D. cloud

B. east-west

Which type of traffic can stay contained in a single physical server? A. north-south B. east-west C. unknown D. trusted

B. east-west

An analysis tool's machine learning identified, correctly, that the network is infected by a worm. What type of finding is this? A. false positive B. true positive C. false negative D. true negative

B. true positive

Ten containers running on five virtual machines are spread between two type 2 hypervisors. How many OS instances are you running? A. 2 B. 5 C. 7 D. 17

C. 7

What is the relationship between SIEM and SOAR? A. SIEM products implement the SOAR business process. B. SIEM and SOAR are different names for the same product category. C. SIEM systems collect information to identify issues that SOAR products help mitigate. D. SOAR systems collect information to identify issues that SIEM products help mitigate.

C. SIEM systems collect information to identify issues that SOAR products help mitigate.

Which step of the CI/CD pipeline is the ideal place for automated penetration testing? A. Coding B. Integration C. Testing D. Deployment

C. Testing

What is the order in which the endpoint checks if a new program is safe? A. behavioral threat protection, then local analysis, then WildFire query B. local analysis, then behavioral threat protection, then WildFire query C. WildFire query, then local analysis, then behavioral threat protection D. local analysis, then WildFire query, then behavioral threat protection

C. WildFire query, then local analysis, then behavioral threat protection

Which systems must you secure to ensure compliance with security standards? A. the servers in the data center B. the devices owned by the enterprise, whether they are servers in the data center, cloud vms you manage, or user endpoint devices C. any system where the data for which you are responsible goes D. every device that is either owned by the enterprise, or used by enterprise employees

C. any system where the data for which you are responsible goes

Intra-VM traffic is also known as which type of traffic? A. north-south B. unknown C. east-west D. untrusted

C. east-west

Which action is part of the compute security pillar? A. user and entity behavior analytics (UEBA) B. Microservice-aware micro-segmentation C. integration with the CI/CD workflow D. automated asset inventory

C. integration with the CI/CD workflow

What stage of an attack is typically east-west traffic? A. reconnaissance B. weaponization C. lateral spread D. actions on the objective

C. lateral spread

Of the endpoint checks, what is bypassed for known programs? A. WildFire query B. behavioral threat protection C. local analysis D. Firewall analysis

C. local analysis

Which two types of services does SASE provide? (Choose two.) A. Storage B. security C. networking D. compute

C. networking

What does Cortex XSOAR use to automate security processes? A. bash scripts B. Windows PowerShell C. playbooks D. Python scripts

C. playbooks

Which cloud service model lets you install a firewall to protect your information? A. SaaS B. PaaS C. FaaS D. IaaS

D. IaaS

You are responsible for the security of the application, the runtime, and the VM operating system. Which cloud deployment model are you using? A. SaaS B. FaaS C. PaaS D. IaaS

D. IaaS

GDPR compliance is required to do business in which area? A. United States of America B. Canada C. China D. European Union

D. European Union

What is the meaning of a SaaS application that is advertised as being HIPPA compliant? A. Regardless of how you configure the application for your enterprise, you will be HIPPA compliant. B. If your administrator configures the security settings on the application correctly, you will be HIPPA compliant. C. If your administrator and your users use the application correctly, you will be HIPPA compliant. D. If your administrator and your users use the application correctly, the application will not cause you to not be HIPPA compliant.

D. If your administrator and your users use the application correctly, the application will not cause you to not be HIPPA compliant.

Which SecOp function is proactive? A. Identify B. Investigate C. Mitigate D. Improve

D. Improve

How would a port filter firewall classify access to the URL https://example.com:22/this/page? A. HTTP B. HTTPS C. Telnet D. SSH

D. SSH

Which NIST cloud service model does not require the customer organization to do any programming? A. IaaS B. PaaS C. FaaS D. SaaS

D. SaaS

What does SASE stand for? A. Service Access SEcurity B. Semi-Accessible Sensitive Environment C. Secrets Accessible in a Secure Environment D. Secure Access Service Edge

D. Secure Access Service Edge

What does SOAR stand for? A. Security Operations Automation for Reaction B. Secure Operations And Research C. Security Operations, Analysis, and Research D. Security Orchestration, Automation, and Response

D. Security Orchestration, Automation, and Response

Which cloud use model runs just one container per virtual machine? A. serverless B. containers as a service (CaaS) C. standard docker containers D. VM-integrated containers

D. VM-integrated containers

Which action is part of the compute cloud governance and compliance pillar? A. user and entity behavior analytics (UEBA) B. Microservice-aware micro-segmentation C. integration with the CI/CD workflow D. automated asset inventory

D. automated asset inventory

Which continuous processes replaces manual checks with automated code testing and deployment? A. integration B. development C. delivery D. deployment

D. deployment

Which of the following security issues can cause a long patched vulnerability to resurface? A. VM sprawl B. intra-vm communications C. hypervisor vulnerabilities D. dormant virtual machines

D. dormant virtual machines

A news company can serve all requests from their data center 95% of the time. However, some days there is a huge demand for news updates. Which NIST deployment model is recommended for the company? A. public B. private C. community D. hybrid

D. hybrid

Which component may be shared with other cloud tenants even when using IaaS? A. application B. runtime C. virtual machine (guest) D. physical machine (host)

D. physical machine (host)

True or False? Prisma SaaS is used to protect sanctioned SaaS use, as part of an integrated security solution that includes next-generation firewalls to prevent unsanctioned SaaS use. Prisma SaaS communicates directly with the SaaS applications themselves and therefore does not need to be deployed inline and does not require any software agents, proxies, additional hardware, or network configuration changes.

False

True or False? Prisma SaaS protects data in hosted files and application entries.

True

Which type of hypervisor is hosted and runs within an operating system environment? Type 1 Type 2 Type 3 Type 4

Type 2

Which DevOps CI/CD pipeline feature requires developers to integrate code into a repository several times per day for automated testing? continuous delivery continuous deployment continuous identity continuous integration

continuous integration

Which cloud security compliance requirement uses granular policy definitions to govern access to SaaS applications and resources in the public cloud and to apply network segmentation? access governance compliance auditing configuration governance real-time discovery

access governance

Which cloud native security platform function remediates vulnerabilities and misconfigurations consistently across the entire build-deploy-run lifecycle? automation integration visibility continuity

automation

Which SASE security-as-a-service layer capability provides visibility into SaaS application use, understands where sensitive data resides, enforces company policies for user access, and protects data from hackers? secure web gateway (SWG) data loss prevention (DLP) firewall as a service (FWaaS) cloud access security broker (CASB)

cloud access security broker (CASB)

Which Prisma SaaS feature connects directly to the applications themselves and provides continuous silent monitoring of the risks within sanctioned SaaS applications, with detailed luminosity that is not possible with traditional security solutions? granular data visibility large scale data control data exposure visibility contextual data exposure

data exposure visibility

Which security consideration is associated with inadvertently missed anti-malware and security patch updates to virtual machines? hypervisor vulnerabilities VM sprawl dormant VMs intra-VM communications

dormant VMs

Which phased approach of hybrid cloud security requires networking and security solutions that not only can be virtualized but also are virtualization-aware and can dynamically adjust as necessary to address communication and protection requirements, respectively? consolidation servers within trust levels dynamic computing fabric consolidation servers across trust levels selective network security virtualization

dynamic computing fabric

Which value can be achieved by the ability to pool resources in cloud computing? resource aggregation economies of scale and agility application consolidation elasticity

economies of scale and agility

In which cloud service model are customers responsible for securing their virtual machines and the virtual machine operating systems, and for operating system runtime environments, application software, and application data? platform as a service (PaaS) identity as a service (IaaS) software as a service (SaaS) infrastructure as a service (IaaS)

infrastructure as a service (IaaS)

Which cloud solution is hosted in-house and usually is supported by a third party? distributed workforce cloud infrastructure on-premises infrastructure as a service

on-premises

Which security technology is designed to help organizations embrace the concepts of cloud and mobility by providing network and network security services from a common cloud-delivered architecture? cloud native secure access service edge (SASE) platform as a service distributed cloud

secure access service edge (SASE)

Which cloud security best practice is deployed to ensure that every person who views or works with your data has access only to what is absolutely necessary? set appropriate privileges keep cloud software updated build security policies and best practices into cloud images review default settings

set appropriate privileges

Which type of algorithm does Prisma SaaS use to sort sensitive documents into top-level categories for document classification and categorization? dynamic programming supervised machine learning artificial intelligence recursive

supervised machine learning

Which software development concept that also has been applied more generally to IT says that additional future costs for rework are anticipated due to an earlier decision or course of action that was necessary for agility but was not necessarily the most optimal or appropriate decision or course of action? role-based access control technical debt software lifecycle runtime environment

technical debt

Which sanctioned SaaS use control prevents known and unknown malware from residing in sanctioned SaaS applications, regardless of source? threat prevention data visibility control risk prevention data exposure control

threat prevention


Ensembles d'études connexes

Fingers, Hand, Wrist, Forearm, Elbow, Humerus, and Shoulder

View Set

Simple, Complete, and Compound Subjects and Predicates

View Set

AP Gov: Interest Groups and Campaigning

View Set

Muscles of the face, lips and tongue

View Set

informatics exam 1 in class questions

View Set