CCSP - 2nd Edition Practice Test - Domain 1: Cloud Concepts, Architecture, and Design Flashcards

1
Q

Alice is the CEO for a software company; she is considering migrating the operation from the current traditional on-premises environment into the cloud. Which cloud service model should she most likely consider for her company’s purposes?

A. Platform as a service (PaaS)
B. Software as a service (SaaS)
C. Backup as a service (BaaS)
D. Infrastructure as a service (IaaS)

A

A. PaaS will allow her developers to create and design their software on a variety of operating systems (OSs), increasing the breadth of the market she can sell to. Also, she can use geographically dispersed programmers to work on projects concurrently, and the provider will be responsible for maintaining and updating the OSs as necessary.

2
Q

Alice is the CEO for a software company; she is considering migrating the operation from the current traditional on-premises environment into the cloud. Which aspect of cloud computing should she be most concerned about, in terms of security issues?

A. Multitenancy
B. Metered service
C. Service-level agreement (SLA)
D. Remote access

A

A. Of these four options, multitenancy poses the greatest risk to software developers in the cloud, because developers need to be concerned with two things: protecting their intellectual property (the software they’re making) and protecting resource calls their software makes to the underlying infrastructure (which, if detectable by other cloud customers, could provide information that constitutes a side-channel attack).

3
Q
Alice is the CEO for a software company; she is considering migrating the operation from the current traditional on-premises environment into the cloud. In order to protect her company’s intellectual property, Alice might want to consider implementing all these techniques/solutions except \_\_\_\_\_\_\_\_.
A. Egress monitoring
B. Encryption
C. Turnstiles
D. Digital watermarking
A

C. Turnstiles are a physical security barrier to prevent piggybacking/tailgating (an unauthorized person coming through an entrance behind someone who is authorized), but they don’t really present much protection for intellectual property in this case.

4
Q

Alice is the CEO for a software company; she is considering migrating the operation from the current traditional on-premises environment into the cloud. What is probably the biggest factor in her decision?
A. Network scalability
B. Off-site backup capability
C. Global accessibility
D. Reduced overall cost due to outsourcing administration

A

D. While all of these are traits of cloud computing and will likely benefit Alice’s company, from her position as senior manager of the organization she is likely to consider the financial benefit first and foremost.

5
Q

In which of the following situations does the data owner have to administer the OS?

A. IaaS
B. PaaS
C. Off-site archive
D. SaaS

A

A. With infrastructure as a service (IaaS), the customer (data owner) will administer the OS and applications.

6
Q

You are setting up a cloud implementation for an online retailer who will accept credit card payments. According to the Payment Card Industry Data Security Standard (PCI DSS), what can you never store for any length of time?

A. Personal data of consumers
B. The credit card verification (CCV) number
C. The credit card number
D. Home address of the customer

A

B. PCI DSS requires that the CCV (or, sometimes, “CVV” for “card verification value”) only be used in the transaction, not stored. The data described in all the other options may be stored after the transaction is complete.

7
Q

The Payment Card Industry Data Security Standard (PCI DSS) distinguishes merchants by different tiers, based on:

A. Number of transactions per year
B. Dollar value of transactions per year
C. Geographic location
D. Jurisdiction

A

A. The four merchant levels in PCI are distinguished by the number of transactions that merchant conducts in a year. The dollar value of transactions per year, geographic location, and jurisdiction are not attributes that are evaluated for PCI DSS tier levels.
