Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ccsk > chapter 11 > Flashcards

chapter 11 Flashcards

1
Q 
In 2009, international investment into cloud computing services amounted to approximately:
A. $10 million
B. $100 million
C. $5 billion
D. $17 billion
A

D. $17 billion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
According to the ENISA (European Network and Information Security Agency), 2013 investment in cloud computing will amount to approximately:
A. $4 billion
B. $10 billion
C. $40 billion
D. over $40 billion
A

D. over $40 billion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following statements about cloud technology is NOT true?
A. Scale and flexibility are not necessarily harmful or beneficial factors, from a security point of view.
B. Cloud computing is a relatively new technology for sharing computer resources.
C. Cloud computing may be used for purposes as diverse as data processing and email handling.
D. Investment in cloud computing has been increasing in recent years.

A

B. Cloud computing is a relatively new technology for sharing computer resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
According to the 2009 ENISA report, the new economic model has driven change in terms of:
A. security
B. scale
C. architecture
D. both B and C
A

D. both B and C

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
Many SMEs (small and medium enterprises) are switching to the cloud for which of the following purposes:
A. reduced cost and increased security
B. resource sharing
C. flexibility and reduced cost
D. management and aggregation
A

C. flexibility and reduced cost

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
Major concerns for SMEs (small and medium enterprises) migrating to the cloud are:
A. liability for incidents
B. confidentiality of information
C. incraesed costs
D. both A and B
A

D. both A and B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
Cloud computing can refer to how many different service types?
A. two
B. three
C. four
D. five or more
A

B. three

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
All of the following are recognized cloud service types, EXCEPT:
A. application as a service
B. functions as a service
C. platform as a service
D. infrastructure as a service
A

B. functions as a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which of the following elements should be included in a security checklist for cloud service customers?

A. legal issues
B. physical security
C. technical issues
D. all of the above

A

D. all of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A security checklist for cloud customers should serve all of the following purposes except:

A. schedule an independent audit of the cloud service provider
B. compare different cloud provider offerings
C. obtain assurance from cloud service providers
D. reduce assurance burden on cloud providers

A

A. schedule an independent audit of the cloud service provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Most legal issues in cloud computing are resolved through:
A. regulatory authorities’ investigations
B. private right of action
C. contract evaluation and/or negotiations
D. both A and C

A

C. contract evaluation and/or negotiations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

According to ENISA (European Network and Information Security Agency), the European Commission should study/clarify:
A. the Data Protection Directive
B. Article 29 Data Protection Working Party
C. E-Commerce Directive
D. all of the above

A

D. all of the above

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The issue of incident handling (monitoring and traceability) belongs under which of the following categories of research?
A. data protection in large-scale systems
B. building trust in the cloud
C. large scale computer systems engineering
D. both A and C

A

A. data protection in large-scale systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The issue of virtual private clouds belongs under which of the following categories of research?

A. data protection in large-scale systems
B. building trust in the cloud
C. large scale computer systems engineering
D. all of the above

A

B. building trust in the cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The issue of resilience in cloud computing belongs under which of the following categories of research?

A. data protection in large-scale systems
B. building trust in the cloud
C. large scale computer systems engineering
D. both B and C

A

C. large scale computer systems engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q 
In general, security measures are:
A. cheaper on a smaller scale.
B. more expensive on a larger scale.
C. cheaper on a larger scale.
D. not dependent on the scale.
A

C. cheaper on a larger scale.

17
Q 
Benefits of scale include all of the following, EXCEPT:
A. timeliness of response to incidents
B. ease of implementation
C. threat management
D. multiple locations
A

B. ease of implementation

18
Q

Which of the following statements is NOT true?
A. Security is a priority concern for many cloud customers.
B. Large cloud providers are able to offer a standardized, open interface.
C. Security of a service is an important market differentiator.
D. Most cloud customers make choices solely on the basis of the reputation of confidentiality of the services.

A

D. Most cloud customers make choices solely on the basis of the reputation of confidentiality of the services.

19
Q

Which of the following statements is NOT true?
A. When using virtualization, forensic analysis may require more down-time.
B. Cloud computing can provide more economical storage for audit logs.
C. Cloud computing may allow for more comprehensive logging.
D. Cloud providers can relocate resources for filtering, authentication and encryption.

A

A. When using virtualization, forensic analysis may require more down-time.

20
Q 
In which of the following service models can customers take snapshots of virtual infrastructure on a regular basis, to compare with a baseline?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and C
A

C. infrastructure as a service

21
Q

The 2009 ENISA (European Network and Information Security Agency) Report identifies:

A. three top security risks
B. five top security risks
C. eight top security risks
D. ten top security risks

A

C. eight top security risks

22
Q 
Which of the following is NOT a top security risk identified in the 2009 ENISA (European Network and Information Security Agency) Report?
A. malicious insider
B. lifecycle disruption
C. loss of governance
D. isolation failure
A

B. lifecycle disruption

23
Q 
. Which of the following is NOT a top security risk identified in the 2009 ENISA  (European Network and Information Security Agency) Report?
A. lock-in
B. compliance risks
C. management interface compromise
D. patch failure
A

D. patch failure

24
Q

Cloud computing architectures generally have all of the following characteristics, EXCEPT:
A. “service on demand” (i.e. pay-as-you-go system)
B. highly abstracted resources
C. delayed scalability and flexibility
D. programmatic management

A

C. delayed scalability and flexibility

25
Q 
Software offered by a third party provider available through the internet would be categorized under which of the following cloud service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and C
A

A. software as a service

ccsk (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions