CSS341 Quiz 6

What type of credential is commonly used to restrict access to an API?

API key

Brian is selecting a CASB for his organization and he would like to use an approach that interacts with the cloud provider directly. Which CASB approach is most appropriate for his needs?

API-based CASB

Which one of the following would not commonly be available as an IaaS service offering?

CRM

Which one of the following statements about cloud computing is incorrect?

Cloud computing customers provision resources through the service provider's sales team.

A coalition of universities banded together and created a cloud computing environment that is open to all member institutions. The services provided are basic IaaS components. What term best describes this cloud model?

Community cloud

Under the shared responsibility model, which component always remains the responsibility of the customer, regardless of the cloud service model used?

Data

Which one of the following services is not an example of FaaS computing?

DeepLens

Kevin is using a service where a cloud provider offers a platform that executes his code in response to discrete events. He is billed based on the actual resources consumed during each code execution event. What term best describes this service?

FaaS

Which cloud computing deployment model requires the use of a unifying technology platform to tie together components from different providers?

Hybrid cloud

Under the shared responsibility model, in which tier of cloud computing is the customer responsible for securing the operating system?

IaaS

In which of the following cloud categories are customers typically charged based on the number of virtual server instances dedicated to their use?

IaaS and PaaS

Which one of the following is a characteristic of DevOps approaches to technology?

Increasing the frequency of application releases

Which one of the following statements about inline CASB is incorrect?

Inline CASB solutions can monitor activity but cannot actively enforce policy.

In which cloud computing service model does the customer share responsibility with the cloud provider for datacenter security?

None of the above

Gina gained access to a client's AWS account during a penetration test. She would like to determine what level of access she has to the account. Which one of the following tools would best meet her need?

Pacu

Tony purchases virtual machines from Microsoft Azure and uses them exclusively for use by his organization. What model of cloud computing is this?

Public cloud

Helen designed a new payroll system that she offers to her customers. She hosts the payroll system in AWS and her customers access it through the web. What tier of cloud computing best describes Helen's service?

SaaS

Amanda would like to run a security configuration scan of her Microsoft Azure cloud environment. Which one of the following tools would be most appropriate for her needs?

ScoutSuite

Which one of the following conditions is not likely to trigger an alert during an automated cloud security assessment?

Sharing of API keys among different developers

Which one of the following is not an example of infrastructure as code?

Using a cloud provider's web interface to provision resources