Chapter 13: Review Questions

Ace your homework & exams now with Quizwiz!

A(n) _____ is a contract between a CSP and the customer that describes what services are being provided and at what level.

CSA (Cloud Service Agreement)

Commingled data isn't a concern when acquiring cloud data. True or False?

False

Updated to the EU Data Protection Rules will affect how data is moved during an investigation regardless of location. True or False?

False. It will affect data transfers outside the EU.

Amazon was an early provider of Web-based services that eventually developed into the cloud concept. True or False?

False. SalesForce

In which cloud service level can customers rent hardware and install whatever OSs and applications they need?

IaaS (Infrastructure as a Service)

A CSP's incident response team typically consists of which staff? List at least three positions.

Network Admin, system admin, legal advisors.

Public cloud services such as Dropbox and OneDrive use what encryption applications?

Sophos SafeGuard Encryption and Sophos Mobile Control

The cloud services Dropbox, Google Drive, and OneDrive have Registry entries. True or False?

True

The multitenancy nature of cloud environments means conflicts in privacy laws can occur. True or False?

True

To see Google Drive synchronization files, you need a SQL viewer. True or False?

True

What capabilities should a forensics tools have to acquire data from the cloud? a. Identify and acquire data from the cloud b. Expand and contract data storage capabilities as needed for service changes. c. Circumvent firewalls to access cloud data. d. Examine virtual systems.

a.

When should a temporary restraining order be request for cloud environments? a. When cloud customers need immediate access to their data b. To enforce a court order c. When anti-forensics techniques are suspected d. When a search warrant requires seizing a CSP's hardware and software used by other parties not involved in the case

a.

NIST document SP 500-322 defines more than 75 cloud services, including which of the following? a. Backup as a service b. Security as a service c. Drupal as a service d. Intelligence as a service

a., b., c.

Which of the following is a mechanism the ECPA describes for the government to get electronic information from a provider? a. Subpoenas with prior notice b. Temporary restraining orders c. Search warrants d. Court orders

a., c., d.

Which of the following cloud deployment methods typically offers no security? a. Hybrid cloud b. Public cloud c. Community cloud d. Private cloud

b.

What are the three levels of cloud services defined by NIST? a. CRC, DRAM, and IMAP b. OpenStack, FROST, and management plane c. SaaS, PaaS, IaaS d. Hybrid, private, and community clouds

c.

Evidence of cloud access found on a smartphone usually means which cloud service level was in use? a. IaaS b. HaaS c. PaaS d. SaaS

d.

What are the two states of encrypted data in a secure cloud? a. RC4 and RC5 b. CRC-32 and UTF-16 c. Homomorphic and AES d. Data in motion and data at rest

d.


Related study sets

Week 3 PATHO 370 Check Your Understanding

View Set

Chapter 7 Miscellaneous Personal Lines Coverage

View Set

Small business management Mid-Term

View Set

AP Gov Political Socialization and Public Opinion

View Set

Chapter 2: Anatomy and Physiology

View Set

مكانيكا تقليديه (1) طالبه:عفاف موسى استنتاجات تعاريف معادلات

View Set