Chapter 13: Review Questions
A(n) _____ is a contract between a CSP and the customer that describes what services are being provided and at what level.
CSA (Cloud Service Agreement)
Commingled data isn't a concern when acquiring cloud data. True or False?
False
Updated to the EU Data Protection Rules will affect how data is moved during an investigation regardless of location. True or False?
False. It will affect data transfers outside the EU.
Amazon was an early provider of Web-based services that eventually developed into the cloud concept. True or False?
False. SalesForce
In which cloud service level can customers rent hardware and install whatever OSs and applications they need?
IaaS (Infrastructure as a Service)
A CSP's incident response team typically consists of which staff? List at least three positions.
Network Admin, system admin, legal advisors.
Public cloud services such as Dropbox and OneDrive use what encryption applications?
Sophos SafeGuard Encryption and Sophos Mobile Control
The cloud services Dropbox, Google Drive, and OneDrive have Registry entries. True or False?
True
The multitenancy nature of cloud environments means conflicts in privacy laws can occur. True or False?
True
To see Google Drive synchronization files, you need a SQL viewer. True or False?
True
What capabilities should a forensics tools have to acquire data from the cloud? a. Identify and acquire data from the cloud b. Expand and contract data storage capabilities as needed for service changes. c. Circumvent firewalls to access cloud data. d. Examine virtual systems.
a.
When should a temporary restraining order be request for cloud environments? a. When cloud customers need immediate access to their data b. To enforce a court order c. When anti-forensics techniques are suspected d. When a search warrant requires seizing a CSP's hardware and software used by other parties not involved in the case
a.
NIST document SP 500-322 defines more than 75 cloud services, including which of the following? a. Backup as a service b. Security as a service c. Drupal as a service d. Intelligence as a service
a., b., c.
Which of the following is a mechanism the ECPA describes for the government to get electronic information from a provider? a. Subpoenas with prior notice b. Temporary restraining orders c. Search warrants d. Court orders
a., c., d.
Which of the following cloud deployment methods typically offers no security? a. Hybrid cloud b. Public cloud c. Community cloud d. Private cloud
b.
What are the three levels of cloud services defined by NIST? a. CRC, DRAM, and IMAP b. OpenStack, FROST, and management plane c. SaaS, PaaS, IaaS d. Hybrid, private, and community clouds
c.
Evidence of cloud access found on a smartphone usually means which cloud service level was in use? a. IaaS b. HaaS c. PaaS d. SaaS
d.
What are the two states of encrypted data in a secure cloud? a. RC4 and RC5 b. CRC-32 and UTF-16 c. Homomorphic and AES d. Data in motion and data at rest
d.
