CS4451 Module 11
Which of the following statements are true regarding containers and VMs? Select three.
A Type I hypervisor is a bare metal hypervisor. Containers and VMs can be moved from one computer to another. A container holds only the necessary operating system components for a specific application to run.
You are a cloud sales engineer working with an institution that needs to comply with strict federal regulations to avoid being levied very hefty fines. What type of cloud offering are you most likely to recommend?
A community cloud
Diana is not very tech savvy but is a marketing genius. She signs a deal with a cloud contractor who will help her set up an online retail store selling rare items. On what type of cloud will her website most likely be hosted?
A public cloud because the cloud services are available to everyone.
A programming hobbyist uses a cloud provider to create an online app to back up his CD collection. As soon as he launches the app, it creates an online backup in the form of an ISO image, creates separate MP3 files for each song, and downloads them to a specific folder. What type of computing does this most likely resemble?
Cloud
How does a cloud firewall differ from one installed and implemented using a physical security appliance?
Cloud firewalls may cost more in the long run.
In this architecture, software code can be updated more easily with new features and functionality added without rewriting the entire application. What framework, model, or architecture does this statement describe? Select two.
Cloud-native Microservices
Tanvi is responsible for applying and enforcing mitigation controls to help secure the cloud implementation her company is about to deploy. What areas of cloud computing is she most likely to be concerned with? Select three.
Compute Network Storage
Which of the following statements most accurately describes characteristics of cloud computing? Select two.
Computing resources can be increased or decreased quickly to meet changing demands. They reduce the cost of CapEx by shifting them to OpEx.
In an SDN you need to configure the entity responsible for routing and security checks? Which component are you going to be configuring?
Control plane
An industrial plant has a series of Internet of Things devices that connect to a nearby wireless system. The system will process the collected data, store it, and send it off to the cloud. From a computing location perspective, what type of model is assumed in this scenario?
Edge
A small team of innovative engineers are organizing a company to research and develop unconventional computing and networking modes of operation. Since they have limited funds for hardware, they will initially use a cloud provider. What type of cloud platform are they most likely to use?
Iaas
A potential client wants to migrate some of their services to the cloud but is concerned about failover capabilities. What will the sales engineer from the cloud provider most likely say to help ease the client's concern?
If there is a server failure, services will be moved to other servers at no additional cost.
A company has ported their software to the cloud using a cloud-native format. The components of the application were implemented using a collection of microservices. Which of the following best describes what the company should do to ensure the microservices are able to access each other securely?
Implement secrets management.
Yara is responsible for managing the hybrid cloud posture her company has adopted. Which of the following practices is Yara most likely to help enforce? Select two.
Inspect encrypted traffic. Run scans to identify weak points.
A large organization uses a cloud provider with a security model that incorporates a variety of technologies. Their goal is to ensure predefined security policies are applied when their data or applications are accessed. In addition, they want to continue monitoring security risks when users or devices are connected. What type of model are they using to help ensure access to their digital assets is secure?
SASE
A large corporation with offices and branch sites throughout the world needs the flexibility of being able to securely handle different kinds of traffic and conditions between sites in real time. Which of the following technologies is most likely to offer the best solution?
SD-WAN
Jelvin is working for an organization that is committed to developing software in which critical security functions can be automated and not require manual intervention. Which of the following enables this capability?
SDV
Which of the following best describes what should be used to help secure VMs and/or containers? Select two.
SELinux Nonprivileged user accounts to manage container-based processes
As a cloud specialist, you are asked to set up a system that, among other capabilities, can analyze traffic that is encrypted using SSL. What type of device are you most likely to deploy?
SWG
A university is locally managing the learning management system they use for students on a few clustered servers. They are exploring cloud solutions to relieve some of the burden related to managing the servers. Which of the following implementations would help them satisfy their requirement?
SaaS
You configure a collection of cloud-based virtual machines (VMs) that should be logically separated from other systems in your cloud configuration. What type of control can you implement to help realize this end?
Security group
A company is using resources on a server to host an application in a Software as a Service (SaaS) environment. Which of the following best describes the type of architecture being employed?
Serverless infrastructure
Company A bought out Company B because they are certain they can dramatically capitalize on their software portfolio. Company B sees many opportunities in porting a good number of their offerings to the cloud using a cloud-native format. What are some of the benefits Company B anticipates by porting the software? Select two.
Software teams can use a variety of programming languages when rewriting the code. Cloud-based apps are well suited for microservices APIs and RESTful APIs.
Which of the following most accurately describes the relationship between the Open Systems Interconnection (OSI) model used to describe a traditional network and the cloud?
The OSI model is not very useful because cloud assets are virtualized.
Kokum is on a team analyzing the possibility of developing future apps using microservices. The team has a brainstorming session on cloud security and writes down everything that comes to mind. Considering the statements they wrote, which of the following are NOT true? Select two.
The security of applications running in the cloud is the responsibility of the cloud provider. If we develop an app with built-in security, its native instantiation will be sufficiently secure.
A company was convinced their cloud implementation was very secure. However, a security audit conducted by a third-party cloud security company discovered a vulnerability. Which of the following could have contributed to, or explains, the vulnerability?
They failed to clearly understand the responsibility matrix.
A government agency agrees to include a contractual clause that enables third parties to assess security control of cloud providers. Why are they most likely to include such a clause?
They want to be authenticated as being in compliance.
Various departments in a large organization have been using computing and storage resources from AWS in an uncoordinated fashion. To manage their cloud resources more efficiently, they would like to adopt an approach that is more consolidated and streamlined. Which of the following would you recommend?
Transit gateway
Your company asks you to be the project lead in establishing a private cloud. Which of the following are most likely to be true? Select two.
You will create a private network and isolate it from all the available cloud service providers. You expect your company to purchase and maintain all the required hardware and software.
A company has been managing their data center for years. As the company has grown, so has their need for additional hardware. They've decided to migrate to the cloud but need a solution that can withstand natural disasters. Which of the following best identifies the feature of cloud providers that can furnish this capability?
Zones