3 Months Free Update
3 Months Free Update
3 Months Free Update
Which of the following would NOT be considered part of resource pooling with an Infrastructure as a Service implementation?
Your company is in the planning stages of moving applications that have large data sets to a cloud environment.
What strategy for data removal would be the MOST appropriate for you to recommend if costs and speed are primary considerations?
Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?
Which of the following represents a prioritization of applications or cloud customers for the allocation of additional requested resources when there is a limitation on available resources?
Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?
Above and beyond general regulations for data privacy and protection, certain types of data are subjected to more rigorous regulations and oversight.
Which of the following is not a regulatory framework for more sensitive or specialized data?
Which of the following would be considered an example of insufficient due diligence leading to security or operational problems when moving to a cloud?
Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?
Modern web service systems are designed for high availability and resiliency. Which concept pertains to the ability to detect problems within a system, environment, or application and programmatically invoke redundant systems or processes for mitigation?
The European Union is often considered the world leader in regard to the privacy of personal data and has declared privacy to be a "human right."
In what year did the EU first assert this principle?
Which data state would be most likely to use digital signatures as a security protection mechanism?
Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?
If a key feature of cloud computing that your organization desires is the ability to scale and expand without limit or concern about available resources, which cloud deployment model would you MOST likely be considering?
Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?
The president of your company has tasked you with implementing cloud services as the most efficient way of obtaining a robust disaster recovery configuration for your production services.
Which of the cloud deployment models would you MOST likely be exploring?
ISO/IEC has established international standards for many aspects of computing and any processes or procedures related to information technology.
Which ISO/IEC standard has been established to provide a framework for handling eDiscovery processes?
Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?
Which of the following is NOT one of the main intended goals of a DLP solution?
With IaaS, what is responsible for handling the security and control over the volume storage space?
Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?
From the perspective of compliance, what is the most important consideration when it comes to data center location?
If you are running an application that has strict legal requirements that the data cannot reside on systems that contain other applications or systems, which aspect of cloud computing would be prohibitive in this case?
When an API is being leveraged, it will encapsulate its data for transmission back to the requesting party or service.
What is the data encapsulation used with the SOAP protocol referred to as?
Where is a DLP solution generally installed when utilized for monitoring data in use?
Although much of the attention given to data security is focused on keeping data private and only accessible by authorized individuals, of equal importance is the trustworthiness of the data.
Which concept encapsulates this?
An SLA contains the official requirements for contract performance and satisfaction between the cloud provider and cloud customer. Which of the following would NOT be a component with measurable metrics and requirements as part of an SLA?
Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on.
Which of the following audits are considered "restricted use" versus being for a more broad audience?
You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers.
Which of the following would be the most appropriate action to take first?
Which cloud storage type is typically used to house virtual machine images that are used throughout the environment?
Which of the following is considered an internal redundancy for a data center?
Which of the following threat types can occur when baselines are not appropriately applied or when unauthorized changes are made?
Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?
Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries.
What term pertains to the application of scientific norms and protocols to digital investigations?
One of the main components of system audits is the ability to track changes over time and to match these changes with continued compliance and internal processes.
Which aspect of cloud computing makes this particular component more challenging than in a traditional data center?
Your boss has tasked your team with getting your legacy systems and applications connected with new cloud-based services that management has decided are crucial to customer service and offerings.
Which role would you be assuming under this directive?
What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?
Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?
Which of the following service categories entails the least amount of support needed on the part of the cloud customer?
Which value refers to the percentage of production level restoration needed to meet BCDR objectives?
Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?
Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?
Which security concept would business continuity and disaster recovery fall under?
Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?
What type of masking would you employ to produce a separate data set for testing purposes based on production data without any sensitive information?
What is the term we use to describe the general ease and efficiency of moving data from one cloud provider either to another cloud provider or down from the cloud?
What masking strategy involves the replacing of sensitive data at the time it is accessed and used as it flows between the data and application layers of a service?
Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except:
Many aspects of cloud computing bring enormous benefits over a traditional data center, but also introduce new challenges unique to cloud computing.
Which of the following aspects of cloud computing makes appropriate data classification of high importance?
Which component of ITIL pertains to planning, coordinating, executing, and validating changes and rollouts to production environments?
Which kind of SSAE audit reviews controls dealing with the organization’s controls for assuring the confidentiality, integrity, and availability of data?
Which protocol, as a part of TLS, handles negotiating and establishing a connection between two parties?
With a federated identity system, where would a user perform their authentication when requesting services or application access?
Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?
Where is an XML firewall most commonly and effectively deployed in the environment?
What type of storage structure does object storage employ to maintain files?
A DLP solution/implementation has three main components.
Which of the following is NOT one of the three main components?
Which of the following threat types involves the sending of invalid and manipulated requests through a user's client to execute commands on the application under their own credentials?
Data centers have enormous power resources that are distributed and consumed throughout the entire facility.
Which of the following standards pertains to the proper fire safety standards within that scope?
Within a federated identity system, which entity accepts tokens from the identity provider?
When dealing with PII, which category pertains to those requirements that can carry legal sanctions or penalties for failure to adequately safeguard the data and address compliance requirements?
The share phase of the cloud data lifecycle involves allowing data to leave the application, to be shared with external systems, services, or even other vendors/contractors.
What technology would be useful for protecting data at this point?
Although the REST API supports a wide variety of data formats for communications and exchange, which data formats are the most commonly used?
Which of the cloud cross-cutting aspects relates to the ability to reuse or move components of an application or service?
Which of the following is the sole responsibility of the cloud provider, regardless of which cloud model is used?
Which aspect of cloud computing makes data classification even more vital than in a traditional data center?
Who would be responsible for implementing IPsec to secure communications for an application?
Other than cost savings realized due to measured service, what is another facet of cloud computing that will typically save substantial costs in time and money for an organization in the event of a disaster?
Which process serves to prove the identity and credentials of a user requesting access to an application or data?
Which type of audit report is considered a "restricted use" report for its intended audience?
What changes are necessary to application code in order to implement DNSSEC?
Which of the following is NOT one of five principles of SOC Type 2 audits?
What provides the information to an application to make decisions about the authorization level appropriate when granting access?
What is the concept of segregating information or processes, within the same system or application, for security reasons?
Which of the following is NOT a factor that is part of a firewall configuration?
Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?
Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?
Which component of ITIL involves planning for the restoration of services after an unexpected outage or incident?
With an application hosted in a cloud environment, who could be the recipient of an eDiscovery order?
For optimal security, trust zones are used for network segmentation and isolation. They allow for the separation of various systems and tiers, each with its own security level.
Which of the following is typically used to allow administrative personnel access to trust zones?
Which component of ITIL involves the creation of an RFC ticket and obtaining official approvals for it?
Which of the following could be used as a second component of multifactor authentication if a user has an RSA token?
Which ITIL component focuses on ensuring that system resources, processes, and personnel are properly allocated to meet SLA requirements?
Limits for resource utilization can be set at different levels within a cloud environment to ensure that no particular entity can consume a level of resources that impacts other cloud customers.
Which of the following is NOT a unit covered by limits?
Which of the following are distinguishing characteristics of a managed service provider?
When crafting plans and policies for data archiving, we should consider all of the following, except:
Cryptographic keys for encrypted data stored in the cloud should be ________________ .
Which protocol operates at the network layer and provides for full point-to-point encryption of all communications and transmissions?
All of the following are terms used to described the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:
How many additional DNS queries are needed when DNSSEC integrity checks are added?
Which type of testing uses the same strategies and toolsets that hackers would use?
Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?
Which audit type has been largely replaced by newer approaches since 2011?
Which value refers to the amount of time it takes to recover operations in a BCDR situation to meet management's objectives?
Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?
Which term relates to the application of scientific methods and practices to evidence?
What must be secured on physical hardware to prevent unauthorized access to systems?
What does the management plane typically utilize to perform administrative functions on the hypervisors that it has access to?
Which technology can be useful during the "share" phase of the cloud data lifecycle to continue to protect data as it leaves the original system and security controls?
Which of the following roles involves the provisioning and delivery of cloud services?
From a legal perspective, what is the most important first step after an eDiscovery order has been received by the cloud provider?
Which of the following roles is responsible for preparing systems for the cloud, administering and monitoring services, and managing inventory and assets?
What is used for local, physical access to hardware within a data center?
Which of the following is considered an external redundancy for a data center?
Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?
What controls the formatting and security settings of a volume storage system within a cloud environment?
Which of the following threat types can occur when an application does not properly validate input and can be leveraged to send users to malicious sites that appear to be legitimate?
Which of the following does NOT relate to the hiding of sensitive data from data sets?
Which concept BEST describes the capability for a cloud environment to automatically scale a system or application, based on its current resource demands?
What is the biggest concern with hosting a key management system outside of the cloud environment?
What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?
Which of the following roles is responsible for obtaining new customers and securing contracts and agreements?
Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?
Which of the following concepts refers to a cloud customer paying only for the resources and offerings they use within a cloud environment, and only for the duration that they are consuming them?
Which of the following roles involves the connection and integration of existing systems and services to a cloud environment?
What type of masking strategy involves making a separate and distinct copy of data with masking in place?
Which of the following is the optimal humidity level for a data center, per the guidelines established by the America Society of Heating, Refrigeration, and Air Conditioning Engineers (ASHRAE)?
What type of PII is regulated based on the type of application or per the conditions of the specific hosting agreement?
Which of the following pertains to a macro level approach to data center design rather than the traditional tiered approach to data centers?
Which United States law is focused on data related to health records and privacy?
Which type of audit report does many cloud providers use to instill confidence in their policies, practices, and procedures to current and potential customers?
What expectation of data custodians is made much more challenging by a cloud implementation, especially with PaaS or SaaS?
Which of the following approaches would NOT be considered sufficient to meet the requirements of secure data destruction within a cloud environment?