3 Months Free Update
What are the U.S. State Department controls on technology exports known as?
BCDR strategies typically do not involve the entire operations of an organization, but only those deemed critical to their business.
Which concept pertains to the required amount of time to restore services to the predetermined level?
Which of the following provides assurance, to a predetermined acceptable level of certainty, that an entity is indeed who they claim to be?
Countermeasures for protecting cloud operations against internal threats include all of the following except:
Because of multitenancy, specific risks in the public cloud that don’t exist in the other cloud service models include all the following except:
IRM solutions allow an organization to place different restrictions on data usage than would otherwise be possible through traditional security controls.
Which of the following controls would be possible with IRM that would not with traditional security controls?
The goals of SIEM solution implementation include all of the following, except:
Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?
Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?
What does static application security testing (SAST) offer as a tool to the testers?
Which European Union directive pertains to personal data privacy and an individual's control over their personal data?
Which of the following would be considered an example of insufficient due diligence leading to security or operational problems when moving to a cloud?
Which of the following types of data would fall under data rights management (DRM) rather than information rights management (IRM)?
DLP can be combined with what other security technology to enhance data controls?
The various models generally available for cloud BC/DR activities include all of the following except:
Which of the following best describes the purpose and scope of ISO/IEC 27034-1?
Which of the following could be used as a second component of multifactor authentication if a user has an RSA token?
If you're using iSCSI in a cloud environment, what must come from an external protocol or application?
Which of the following pertains to fire safety standards within a data center, specifically with their enormous electrical consumption?
What is the primary reason that makes resolving jurisdictional conflicts complicated?
What must be secured on physical hardware to prevent unauthorized access to systems?
Which of the following is NOT a criterion for data within the scope of eDiscovery?
Which of the following threat types can occur when baselines are not appropriately applied or unauthorized changes are made?
Which of the following concepts refers to a cloud customer paying only for the resources and offerings they use within a cloud environment, and only for the duration that they are consuming them?
Which of the following represents a prioritization of applications or cloud customers for the allocation of additional requested resources when there is a limitation on available resources?
Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?
Which of the following actions will NOT make data part of the "create" phase of the cloud data lifecycle?
Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?
Which of the following roles involves the connection and integration of existing systems and services to a cloud environment?
Which of the following would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?
What expectation of data custodians is made much more challenging by a cloud implementation, especially with PaaS or SaaS?
Which protocol allows a system to use block-level storage as if it was a SAN, but over TCP network traffic instead?
What is the first stage of the cloud data lifecycle where security controls can be implemented?
Which of the following pertains to a macro level approach to data center design rather than the traditional tiered approach to data centers?
Which one of the following threat types to applications and services involves the sending of requests that are invalid and manipulated through a user's client to execute commands on the application under the user's own credentials?
If a company needed to guarantee through contract and SLAs that a cloud provider would always have available sufficient resources to start their services and provide a certain level of provisioning, what would the contract need to refer to?
Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.
Which of the following is NOT a technology for securing data in transit?
If you are running an application that has strict legal requirements that the data cannot reside on systems that contain other applications or systems, which aspect of cloud computing would be prohibitive in this case?
During which phase of the cloud data lifecycle is it possible for the classification of data to change?
You just hired an outside developer to modernize some applications with new web services and functionality. In order to implement a comprehensive test platform for validation, the developer needs a data set that resembles a production data set in both size and composition.
In order to accomplish this, what type of masking would you use?
Which of the following is NOT one of the main intended goals of a DLP solution?
Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on.
Which of the following audits are considered "restricted use" versus being for a broader audience?
Within a federated identity system, which entity accepts tokens from the identity provider?
The REST API is a widely used standard for communications of web-based services between clients and the servers hosting them.
Which protocol does the REST API depend on?
Which cloud service category would be most ideal for a cloud customer that is developing software to test its applications among multiple hosting providers to determine the best option for its needs?
Firewalls are used to provide network security throughout an enterprise and to control what information can be accessed--and to a certain extent, through what means.
Which of the following is NOT something that firewalls are concerned with?
Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?
A crucial decision any company must make is in regard to where it hosts the data systems it depends on. A debate exists as to whether it's best to lease space in a data center or build your own data center--and now with cloud computing, whether to purchase resources within a cloud.
What is the biggest advantage to leasing space in a data center versus procuring cloud services?
One of the main components of system audits is the ability to track changes over time and to match these changes with continued compliance and internal processes.
Which aspect of cloud computing makes this particular component more challenging than in a traditional data center?
ISO/IEC has established international standards for many aspects of computing and any processes or procedures related to information technology.
Which ISO/IEC standard has been established to provide a framework for handling eDiscovery processes?
In the wake of many scandals with major corporations involving fraud and the deception of investors and regulators, which of the following laws was passed to govern accounting and financial records and disclosures?
Which of the following is NOT one of the three components of a federated identity system transaction?
Which of the following service capabilities gives the cloud customer the most control over resources and configurations?
Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?
What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?
What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?
Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?
Which type of testing uses the same strategies and toolsets that hackers would use?
Which of the following is a commonly used tool for maintaining system configurations?
How many additional DNS queries are needed when DNSSEC integrity checks are added?
What is an often overlooked concept that is essential to protecting the confidentiality of data?
Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?
Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?