Apart from using encryption at the file system level, what technology is the most widely used to protect data stored in an object storage system?
A localized incident or disaster can be addressed in a cost-effective manner by using which of the following?
Cryptographic keys for encrypted data stored in the cloud should be ________________.
When an organization is considering the use of cloud services for BCDR planning and solutions, which of the following cloud concepts would be the most important?
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type?
Which of the following storage types is most closely associated with a database-type storage implementation?
What is the intellectual property protection for a confidential recipe for muffins?
Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based IDS over a host-based IDS, assuming all capabilities are equal?
Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?
The management plane is used to administer a cloud environment and perform administrative tasks across a variety of systems, but most specifically it's used with the hypervisors.
What does the management plane typically leverage for this orchestration?
An SLA contains the official requirements for contract performance and satisfaction between the cloud provider and cloud customer. Which of the following would NOT be a component with measurable metrics and requirements as part of an SLA?
When data discovery is undertaken, three main approaches or strategies are commonly used to determine the type of data, its format, and its composition for the purposes of classification.
Which of the following is NOT one of the three main approaches to data discovery?
Which of the following are distinguishing characteristics of a managed service provider?
What process is used within a cloud environment to maintain resource balancing and ensure that resources are available where and when needed?
Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?
Which of the following should NOT be part of the requirement analysis phase of the software development lifecycle?
Which of the cloud cross-cutting aspects relates to the requirements placed on a system or application by law, policy, or requirements from standards?
Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?
What is a standard configuration and policy set that is applied to systems and virtual machines called?
Which of the cloud cross-cutting aspects relates to the oversight of processes and systems, as well as to ensuring their compliance with specific policies and regulations?
Which audit type has been largely replaced by newer approaches since 2011?
Which value refers to the percentage of production level restoration needed to meet BCDR objectives?
Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?
Which crucial aspect of cloud computing can be most threatened by insecure APIs?
From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?
Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?
Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?
What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?
Where is a DLP solution generally installed when utilized for monitoring data at rest?
Which cloud deployment model would be ideal for a group of universities looking to work together, where each university can gain benefits according to its specific needs?
Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?
In order to prevent cloud customers from potentially consuming enormous amounts of resources within a cloud environment and thus having a negative impact on other customers, what concept is commonly used by a cloud provider?
Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries.
What term pertains to the application of scientific norms and protocols to digital investigations?
Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?
With a federated identity system, where would a user perform their authentication when requesting services or application access?
In order to comply with regulatory requirements, which of the following secure erasure methods would be available to a cloud customer using volume storage within the IaaS service model?
Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?
In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?
Where is an XML firewall most commonly and effectively deployed in the environment?
Which of the following aspects of security is solely the responsibility of the cloud provider?
Which cloud storage type requires special consideration on the part of the cloud customer to ensure they do not program themselves into a vendor lock-in situation?
Which of the following roles would be responsible for managing memberships in federations and the use and integration of federated services?
Which of the following technologies is NOT commonly used for accessing systems and services in a cloud environment in a secure manner?
When using an IaaS solution, what is a key benefit provided to the customer?
Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?
Which of the following threat types involves an application developer leaving references to internal information and configurations in code that is exposed to the client?
From a legal perspective, what is the most important first step after an eDiscovery order has been received by the cloud provider?
Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?
Which jurisdiction lacks specific and comprehensive privacy laws at a national or top level of legal authority?
Which United States law is focused on data related to health records and privacy?
Which type of audit report do many cloud providers use to instill confidence in their policies, practices, and procedures to current and potential customers?
Which of the following threat types can occur when encryption is not properly applied or insecure transport mechanisms are used?
Which of the following standards primarily pertains to cabling designs and setups in a data center?
Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?
Within an Infrastructure as a Service model, which of the following would NOT be a measured service?
Which of the following would NOT be considered part of resource pooling with an Infrastructure as a Service implementation?
Which technology can be useful during the "share" phase of the cloud data lifecycle to continue to protect data as it leaves the original system and security controls?