Chapter 2 Domain 2: Cloud Data Security (Ben Malisow) Flashcards

Question 1

Q

In which of these options does the encryption engine reside within the application accessing the database?

A. Transparent encryption
B. Symmetric-key encryption
C. Application-level encryption
D. Homomorphic encryption

Answer

A

C. Application-level encryption

Explanation:
In application-level encryption, the application will encrypt data before it is placed in the database. In transparent encryption, the entire database is encrypted. Symmetric-key encryption is a kind of encryption and not truly indicative of a strategy used in database encryption. Homomorphic encryption is an experimental, theoretical process that might allow processing encrypted information without the need to decrypt it first.

Question 2

Q

You are the security team leader for an organization that has an infrastructure as a service (IaaS) production environment hosted by a cloud provider. You want to implement an event monitoring (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) solution in your production environment in order to acquire better data for security defenses and decisions. Which of the following is probably your most significant concern about implementing this solution in the cloud?

A. The solution should give you better analysis capability by automating a great deal of the associated tasks.
B. Dashboards produced by the tool are a flawless management benefit.
C. You will have to coordinate with the cloud provider to ensure that the tool is acceptable and functioning properly.
D. Senior management will be required to approve the acquisition and implementation of the tool.

Answer

A

C. You will have to coordinate with the cloud provider to ensure that the tool is acceptable and functioning properly.

Explanation:
Because the tool will require at least some installation and reporting capability within the cloud environment, it is essential to coordinate with the cloud provider to ensure that the solution you choose will function properly and is allowed by the provider. Option A is true, but not a major concern; that is a benefit of SIEM/SEM/SIM tools. Option B is not true because dashboards can often misconstrue pertinent reporting data when they are used to chase management goals instead of distilling raw data appropriately. Option D is not true because management should not be involved in such granular decisions.

Question 3

Q

Which of the following is not a step in the crypto-shredding process?

A. Encrypt data with a particular encryption engine.
B. Encrypt first resulting keys with another encryption engine.
C. Save backup of second resulting keys.
D. Destroy original second resulting keys.

Answer

A

C. Save backup of second resulting keys.

Explanation:
In crypto-shredding, the purpose is to make the data unrecoverable; saving a backup of the keys would attenuate that outcome because the keys would still exist for the purpose of recovering data. All other steps outline the crypto-shredding process.

Question 4

Q

Which of the following sanitization methods is feasible for use in the cloud?

A. Crypto-shredding
B. Degaussing
C. Physical destruction
D. Overwriting

Answer

A

A. Crypto-shredding

Explanation:
Cloud customers are allowed to encrypt their own data and manage their own keys; crypto-shredding is therefore possible. Degaussing is not likely in the cloud because it requires physical access to the storage devices and because most cloud providers are using solid-state drives (SSDs) for storage, which are not magnetic. Physical destruction is not feasible because the cloud customer doesn’t own the hardware and therefore won’t be allowed to destroy it. Overwriting probably won’t work because finding all data in all aspects of the cloud is difficult and the data is constantly being backed up and securely stored, so a thorough process would be very tricky.

Question 5

Q

Which of the following is not a method for enhancing data portability?

A. Crypto-shredding
B. Using standard data formats
C. Avoiding proprietary services
D. Favorable contract terms

Answer

A

A. Crypto-shredding

Explanation:
Crypto-shredding is for secure sanitization, not portability. The other methods all enhance portability.

Question 6

Q

When implementing a digital rights management (DRM) solution in a cloud environment, which of the following does not pose an additional challenge for the cloud customer?

A. Users might be required to install a DRM agent on their local devices.
B. DRM solutions might have difficulty interfacing with multiple different operating systems and services.
C. DRM solutions might have difficulty interacting with virtualized instances.
D. Ownership of intellectual property might be difficult to ascertain.

Answer

A

D. Ownership of intellectual property might be difficult to ascertain.

Explanation:
The owner of intellectual property will not change whether the material is stored in the cloud or in a legacy environment. Moving into the cloud will probably result in more use of personal devices, requiring users to install local DRM agents, so option A is true, making it not a suitable answer to this question. Options B and C are also true, due to the nature of cloud computing, and are therefore also not suitable for this question.

Question 7

Q

When implementing cryptography in a cloud environment, where is the worst place to store the keys?

A. With the cloud provider
B. Off the cloud, with the data owner
C. With a third-party provider, in key escrow
D. Anywhere but with the cloud provider

Answer

A

A. With the cloud provider

Explanation:
Option A creates a conflict of interest and does not enforce separation of duties. The best practice is to not store cryptographic keys with the data they encrypt, to avoid a potential conflict of interest and to enforce separation of duties. Each of the other choices is a reasonable choice and therefore not the answer to this question.

Question 8

Q

Which of the following is not a security concern related to archiving data for long-term storage?

A. Long-term storage of the related cryptographic keys
B. Format of the data
C. Media the data resides on
D. Underground depth of the storage facility

Answer

A

D. Underground depth of the storage facility

Explanation:
A long-term storage facility may or may not be located underground; the security of that facility (and the data contained therein) is not dependent on this aspect. Option A is a security concern because loss of the keys may result in losing the data (by losing access to the data), and keeping the keys with the data they protect increases risk. Both the format of the data and the media on which it resides (options B and C) are important to bear in mind, as either (or both) may be outmoded by the time the data might need to be retrieved from the archive; data and formats do not age well.

Question 9

Q

Data dispersion is a cloud data security technique that is most similar to which legacy implementation?

A. Business continuity and disaster recovery (BC/DR)
B. Redundant Array of Inexpensive Disks (RAID)
C. Software-defined networking (SDN)
D. Content delivery network (CDN)

Answer

A

B. Redundant Array of Inexpensive Disks (RAID)

Explanation:
Data dispersion is basically RAID in the cloud, with data elements parsed and stored over several areas/devices instead of stored as a unit in a single place. RAID (and data dispersion) does aid in BC/DR activities by increasing the robustness and resiliency of stored data, but BC/DR is a much more general discipline, so it is not the optimum answer for the question. SDN is used for abstracting network control commands away from production data, and CDN is usually used for ensuring quality of streaming media.

Question 10

Q

Data dispersion uses _______________, where the traditional implementation is called “striping.”

A. Chunking
B. Vaulting
C. Lumping
D. Grouping

Answer

A

A. Chunking

Explanation:
Where RAID used data striping across multiple drives, with data dispersion this technique is referred to as “chunking,” or sometimes “sharding” when encryption is also used. The other options are not common data dispersion terms used in cloud computing and have no meaning in this context.

Question 11

Q

Data dispersion uses _______________, where the traditional implementation is called “parity bits.”

A. Smurfing
B. Snarfing
C. Erasure coding
D. Real-time bitlinking

Answer

A

C. Erasure coding

Explanation:
Erasure coding is the practice of having sufficient data to replace a lost chunk in data dispersion, protecting against the possibility of a device failing while it holds a given chunk; parity bits serve the same purpose in a traditional RAID configuration. The other options are not common data dispersion terms used in cloud computing and have no meaning in this context.

Question 12

Q

Data dispersion provides protection for all the following security aspects except _______________.

A. Protecting confidentiality against external attack on the storage area
B. Loss of availability due to single-storage-device failure
C. Loss due to seizure by law enforcement in a multitenant environment
D. Protecting against loss due to user error

Answer

A

D. Protecting against loss due to user error

Explanation:
Data dispersion can’t aid in inadvertent loss caused by an errant user; if the user accidentally deletes/corrupts a file, that file will be deleted/corrupted across all the storage spaces where it is dispersed. The technique does, however, protect against the other risks. It enhances confidentiality because an attacker gaining illicit access to a single storage space will only get a chunk of the data, which is useless without the other chunks. This same aspect also protects loss when law enforcement seizes a specific storage device/space when they are investigating another tenant at the same cloud provider your organization uses. And loss of availability due to single device failure is probably the primary reason for having data dispersion (like RAID before it).

Question 13

Q

Your organization is migrating the production environment to an infrastructure as a service (IaaS) cloud implementation. Your users will need to be able to get access to their data, install programs, and partition memory space for their own purposes. You should configure the cloud memory as _______________.

A. Object
B. Volume
C. Synthetic
D. Database

Answer

A

B. Volume

Explanation:
Volume storage allows all the functions described in the question. Object storage has data arranged in a file structure, and databases arrange data in tables and relational schemes; neither of these options offers the functions described in the question. Synthetic is not a cloud memory configuration option.

Question 14

Q

Your organization is migrating the production environment to an infrastructure as a service (IaaS) cloud implementation. Your users will need to be able to get access to their data and share data with other users in a defined way, according to a hierarchy. You should configure the cloud memory as _______________.

A. Object storage
B. Volume storage
C. Synthetic storage
D. Databases

Answer

A

A. Object storage

Explanation:
Object storage is usually arranged in a file hierarchy. Volume storage has data with no defined structure (only memory space), and databases ar-range data in tables and relational schemes; neither of these options offers the functions described in the question. Synthetic is not a cloud memory con-figuration option.

Question 15

Q

What is one of the benefits of implementing an egress monitoring solution?

A. Preventing distributed denial of service (DDoS) attacks
B. Inventorying data assets
C. Interviewing data owners
D. Protecting against natural disasters

Answer

A

B. Inventorying data assets

Explanation:
Egress monitoring solutions (often referred to as DLP tools, where DLP stands for data loss protection or data leak prevention, or some combination of these terms) require the organization to appropriately inventory and classify data assets so the tool knows what to protect. DLP does not aid in protections for DDoS or natural disasters, which affect availability, not confidentiality (DLP only enhances confidentiality efforts). Option C is not a benefit of implementing an egress monitoring solution.

Question 16

Q

Egress monitoring solutions usually include a function that _______________.

A. Arbitrates contract breaches
B. Performs personnel evaluation reviews
C. Discovers data assets according to classification/categorization
D. Applies another level of access control

Answer

A

C. Discovers data assets according to classification/categorization

Explanation:
Egress monitoring solutions (often referred to as DLP tools, where DLP stands for data loss protection or data leak prevention, or some combination of these terms) will often include a discovery function, which will locate data assets according to criteria defined by the organization. DLP solutions cannot arbitrate contract breaches or perform personnel evaluations. Usually, DLPs also do not apply additional access controls; that is typically a characteristic of a digital rights management (DRM) solution.

Question 17

Q

Egress monitoring solutions usually include a function that _______________.

A. Uses biometrics to scan users
B. Inspects incoming packets
C. Resides on client machines
D. Uses stateful inspection

Answer

A

C. Resides on client machines

Explanation:
Egress monitoring solutions (often referred to as DLP tools, where DLP stands for data loss protection or data leak prevention, or some combination of these terms) will often include an agent that resides on client devices in order to inspect data being shared/sent by end users. DLP tools do not inspect incoming packets, with or without stateful inspection; this is the job of firewalls. DLP solutions do not typically use biometrics in any way.

Question 18

Q

Digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM) can be used to protect all sorts of sensitive data but are usually particularly designed to secure ____________.

A. Personally identifiable information (PII)
B. Intellectual property
C. Plans and policies
D. Marketing material

Answer

A

B. Intellectual property

Explanation:
DRM is mainly designed to protect intellectual property. It can also sometimes be used for securing PII, but intellectual property is a better answer here. Plans and policies aren’t usually protected in this manner, and marketing material is usually meant to be disseminated, so it does not require protection.

Question 19

Q

Digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM) often protect unauthorized distribution of what type of intellectual property?

A. Patents
B. Trademarks
C. Personally identifiable information (PII)
D. Copyright

Answer

A

D. Copyright

Explanation:
DRM is often deployed to ensure that copyrighted material (frequently software) is only delivered to and used by licensed recipients. Patents are more complicated and not often distributed to a mass market, so DRM does not assist in that way. Trademarks are representations of a brand and meant to be distributed, so DRM does not protect them. PII is not typically a type of intellectual property.

Question 20

Q

Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?

A. Persistence
B. Influence
C. Resistance
D. Trepidation

Answer

A

A. Persistence

Explanation:
Persistence is the trait that allows DRM protection to follow protected files wherever they might be stored/copied. The other options are not characteristics associated with DRM solutions.

Question 21

Q

Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?

A. Automatic expiration
B. Multilevel aggregation
C. Enhanced detail
D. Broad spectrum

Answer

A

A. Automatic expiration

Explanation:
Automatic expiration is the trait that allows DRM tools to prevent access to objects when a license expires or to remove protections when intellectual property moves into the public domain. The other options are not characteristics associated with DRM solutions.

Question 22

Q

Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?

A. Transparent encryption modification
B. Bilateral enhancement
C.Continuous audit trail
D .Encompassing flow

Answer

A

C.Continuous audit trail

Explanation:
Continuous audit trail is the trait that allows DRM tools to log and exhibit all access to a given object. The other options are not characteristics associated with DRM solutions.

Question 23

Q

Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?

A. Mapping to existing access control lists (ACLs)
B. Delineating biometric catalogs
C. Preventing multifactor authentication
D. Prohibiting unauthorized transposition

Answer

A

A. Mapping to existing access control lists (ACLs)

Explanation:
Mapping to existing access control lists (ACLs) is the trait that allows DRM tools to provide additional access control protections for the organization’s assets. The other options are not characteristics associated with DRM solutions.

Question 24

Q

According to the (ISC)2 Cloud Secure Data Lifecycle, which phase comes soon after (or at the same time as) the Create phase?

A. Store
B. Use
C. Deploy
D.Archive

Answer

A

A. Store

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). Options B and D are phases of CSU-SAD but do not immediately follow Create. Option C is not a phase of CSU-SAD.

Question 25

Q

According to the (ISC)2 Cloud Secure Data Lifecycle, which phase comes immediately before the Share phase?

A. Create
B. Destroy
C. Use
D. Encrypt

Answer

A

C. Use

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). Options B and D are phases of CSU-SAD but do not immediately follow Create. Option C is not a phase of CSU-SAD.

Question 26

Q

Why is the term (ISC)2 Cloud Secure Data Lifecycle actually somewhat inaccurate?

A. The term is not used only by (ISC)2.
B. Not all phases are secure.
C. Not all phases take place in the cloud.
D. It’s not actually a cycle.

Answer

A

D. It’s not actually a cycle.

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). This is not truly a cycle because data does not continue after the destroy phase (that is to say, the same data or process does not go back to create after destroy).
Option A might be considered true because the CSU-SAD cycle is not unique to (ISC)2, but this is not the best answer; option D is preferable because it is not truly a cycle. Options B and C are incorrect because activity in each of the phases involves security aspects and all phases relate to how data is involved in the cloud.

Question 27

Q

According to the (ISC)2 Cloud Secure Data Lifecycle, in which phase should the process of categorization/classification of data occur?

A. Create
B. Store
C. Define
D. Use

Answer

A

A. Create

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). The best practice for categorizing/classifying data is to do so when it is first created/collected so that the proper security controls can be applied to it throughout the rest of the cycle. Options B and D are phases of the CSU-SAD but are not the proper times to be applying classification/categorization; that would be too late in the cycle. Option C is not a phase of CSU-SAD.

Question 28

Q

Which of the following should occur during the final phase of the Cloud Secure Data Lifecycle?

A. Data dispersion
B. Crypto-shredding
C. Cryptoparsing
D .Cryptosporidium

Answer

A

B. Crypto-shredding

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). Crypto-shredding (also called cryptographic erasure) is the preferred method of data sanitization for a cloud environment; this should take place in the final phase of the cycle, destroy. Option A is incorrect because data dispersion is a means of making data more resilient and secure; in the final phase of the cycle, we want to get rid of the data, not make it resistant to loss. Option C is incorrect because cryptoparsing is a made-up term and used here as a distractor. Option D is incorrect because cryptosporidium is a microorganism and is not associated with InfoSec.

Question 29

Q

At what phase of the Cloud Secure Data Lifecycle does data enter long-term storage?

A. The first
B. The second
C. The fourth
D. The fifth

Answer

A

D. The fifth

Explanation:
The Cloud Secure Data Lifecycle phases are, in order, Create, Store, Use, Share, Archive, Destroy (a good mnemonic might be CSU-SAD). Archiving (the fifth phase) is the process of moving data out of the production environment and into long-term storage. The other phases in the options are create, store, and share and are therefore incorrect.

Question 30

Q

What is a form of cloud storage where data is stored as objects, arranged in a hierarchal structure, like a file tree?

A. Volume storage
B. Databases
C. Content delivery network (CDN)
D .Object storage

Answer

A

D .Object storage

Explanation:
Object storage stores data as objects (hence the name), often arranged in a hierarchical structure. Volume storage is not a hierarchal cloud storage structure and is therefore an incorrect answer for this question. Option B is incorrect because databases are applications in both traditional and cloud computing. A CDN is a geographically distributed network of proxy servers and their data centers. Option C is incorrect because it is not a form of cloud storage.

Question 31

Q

What is a form of cloud storage where data is stored in a logical storage area assigned to the user but not necessarily physically attached or even geographically proximate to the compute node the user is utilizing?

A. Volume storage
B. Databases
C. Content delivery network (CDN)
D. Object storage

Answer

A

A. Volume storage

Explanation:
In volume storage, the user is assigned a logical drive space into which anything (such as raw data, objects, or applications) may be saved or installed, similar to a mounted drive on a traditional network. Databases store data in an arrangement of characteristics and values, not in an unstructured drive space, so option B is incorrect.
CDNs are for distributing data with less chance of quality loss, so option C is incorrect. Object storage arranges data as objects in a structured hierarchy, so option D is incorrect.

Question 32

Q

What is a form of cloud storage often used for streaming multimedia data to users?

A. Volume storage
B. Databases
C. Content delivery network (CDN)
D. Neutral storage

Answer

A

C. Content delivery network (CDN)

Explanation:
CDNs are often used to place large stores of multimedia data in a location geographically near to the end users who will consume that data; this approach is designed mostly to accomplish a reduction in data degradation due to distance between resource and user. Volume storage assigns a logical, unstructured drive space to the user, so option A is incorrect. Databases store data in an arrangement of characteristics and values, so option B is incorrect. Neutral storage is not a form of cloud storage, so option D is incorrect.

Question 33

Q

What type of data storage is often used in platform as a service (PaaS) arrangements?

A. Ephemeral
B. Database
C. Long-term
D. Nefarious

Answer

A

B. Database

Explanation:
The PaaS model allows the cloud customer to install and run applications in the cloud environment. With a database, the cloud customer can store data in a database administered by the cloud provider but can then tailor applications and services for reaching into and manipulating that database. Ephemeral and long-term storage take place in the software as a service (SaaS) model, and there is no such thing as “nefarious data storage,” so the other options are incorrect.

Question 34

Q

What is a form of cloud data protection where data is spread across multiple storage devices/locations, similar to RAID in the legacy environment?

A. Infringing
B. Data dispersion
C. Voiding
D. Crypto-shredding

Answer

A

B. Data dispersion

Explanation:
Data dispersion is the cloud version of using RAID arrays, protecting data by spreading it across multiple volumes/devices. Options A and C are terms that have no meaning in this context. Crypto-shredding is a form of device/media sanitization utilizing cryptography and has nothing to do with RAID, so option D is incorrect.

Question 35

Q

Erasure coding, in the cloud, is similar to what element of RAID implementations in a traditional IT environment?

A. Deltas
B. Inversion
C. Parity bits
D. Transposition

Answer

A

C. Parity bits

Explanation:
Similar to parity bits in RAID, erasure coding is used in cloud data dispersion implementations to create a situation where data can still be recovered even if a segment or portion of the dispersed data is lost (due to drive failure, disaster, etc.). Options A and B have no meaning in this context.
Transposition is a cryptographic technique and does not relate to RAID in any way, so option D is also incorrect.

Question 36

Q

DLP (data loss prevention or data leak protection) solutions are implemented in the hopes of securing _______________.

A. Sensitive data that may leave the organization’s control
B. All data within the organization’s control
C. Data being processed by the organization’s users
D. Data that could be intercepted while out of the organization’s control

Answer

A

A. Sensitive data that may leave the organization’s control

Explanation:
DLP, also referred to as egress monitoring, is used to detect and prevent sensitive data from leaving the organization’s control without proper approval. Because it is designed to prevent the egress of only certain data sets, options B and C are not correct. Controlling data outside the reach of the organization is difficult at best. While there are some mechanisms that might accomplish this, DLP is not specifically designed for that purpose, so option D is incorrect.

Question 37

Q

Which of the following will DLP (data loss prevention or data leak protection) solutions most likely not inspect?

A. Email content
B. FTP traffic
C. Material saved to portable media
D. Voice over Internet Protocol (VoIP) conversations

Answer

A

D. Voice over Internet Protocol (VoIP) conversations

Explanation:
Commercial DLP products that monitor speech in real time and censor conversations are not yet widely available. A proper DLP solution will monitor all the technologies in the other options, so those are incorrect.

Question 38

Q

DLP (data loss prevention or data leak protection) solutions may use all of the following techniques to identify sensitive data except _______________.

A. Pattern matching
B. Inference
C. Keyword identification
D. Metadata tags

Answer

A

B. Inference

Explanation:
Inference is an attack technique that derives sensitive material from an aggregation of innocuous data; DLP tools, thus far, do not have this capability. All the other techniques listed may be used by DLP solutions to detect sensitive data before it leaves the control of the owner.

Question 39

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In which of the following cases would you not have to get permission from the cloud provider to install and implement the tool?

A. If it’s hardware-based and your production environment is in an infrastructure as a service (IaaS) model
B. If you purchased it from a vendor other than the cloud provider
C. If it’s software-based and your production environment is in a platform as a service (PaaS) model
D. If it affects all guest instances on any given host device

Answer

A

C. If it’s software-based and your production environment is in a platform as a service (PaaS) model

Explanation:
A cloud customer can install applications on a PaaS environment, usually as they see fit and without prior coordination with the provider. If you are introducing hardware into the cloud environment, you will need permission from your cloud provider, regardless of the deployment model you use. Therefore, option A is incorrect (and unlikely to occur, as permission is probably not going to be granted). Although the provider may offer an egress monitoring function as an add-on service, which would be permissible for you to use, the use of an outside vendor’s product may have to be reviewed by the provider before implementation, based on a number of other variables (such as the other possible answers). Option C is preferable, so option B is incorrect. Affecting all images on a host may impact other customers in a multitenant environment, so option D is not the correct answer.

Question 40

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Before implementing the solution, what should you explain to senior management?

A. The additional risks of external attack associated with using the tool
B. The production impact it will have on the environment
C. What the price of the tool was
D. How the solution works

Answer

A

B. The production impact it will have on the environment

Explanation:
All security functions come with an attendant negative productivity effect: the most secure environment will be the least productive, and the most productive will be the least secure. Egress monitoring tools will have an overhead cost in terms of production impact and loss of efficiency and speed. This may affect the cost savings that were realized in a cloud migration from the legacy environment, and senior management needs to understand this trade-off. Implementing an egress monitoring solution should not incur any additional risks of external attack, so option A is incorrect. Because the tool has already been purchased, explaining the purchase price is irrelevant at this point, so option C is incorrect. If it was germane (and it was likely not), you should have explained how the tool works before purchasing it; explaining at this point might be interesting but is not as important as option B, so option D is incorrect.

Question 41

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. Which of these activities should you perform before deploying the tool?

A. Survey your company’s departments about the data under their control.
B. Reconstruct your firewalls.
C. Harden all your routers.
D. Adjust the hypervisors.

Answer

A

A. Survey your company’s departments about the data under their control.

Explanation:
In order to “train” the egress monitoring solution properly, you’ll need to inform it as to which data in your organization is sensitive…and, in order to do that, you’ll need to determine what information your data owners deem sensitive; a survey is a way to do that. A proper egress monitoring solution should not affect or be affected by the firewalls, routers, or hypervisors, so options B, C, and D are incorrect.

Question 42

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you expect immediately following the implementation of the tool?

A. Immediate decrease in lost data
B. A series of false-positive indications
C. Increase in morale across the organization
D. Increase in gross revenue

Answer

A

B. A series of false-positive indications

Explanation:
It will take a while for the tool to “learn” the particulars of your environment and to be conditioned properly. A significant number of false-positive indications will be expected in the near term, until you can hone the responses to properly meet your organization’s needs. The tool will not work optimally immediately upon implementation, so option A is incorrect.
Egress monitoring tools do not affect morale or revenues, so options C and D are incorrect.

Question 43

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. What should you not expect the tool to address?

A. Sensitive data sent inadvertently in user emails
B. Sensitive data captured by screenshots
C. Sensitive data moved to external devices
D. Sensitive data in the contents of files sent via File Transfer Protocol (FTP)

Answer

A

B. Sensitive data captured by screenshots

Explanation:
It’s unlikely that any egress monitoring tools will be able to detect sensitive data captured, stored, and/or sent as graphic image files, which is the usual form of screenshots.
A proper egress monitoring tool should be able to detect all the other types of activity, so the other options are incorrect.

Question 44

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to get truly holistic coverage of your environment, you should be sure to include ____________ as a step in the deployment process.

A. Getting signed user agreements from all users
B. Installation of the solution on all assets in the cloud data center
C. Adoption of the tool in all routers between your users and the cloud provider
D. Ensuring that all your customers install the tool

Answer

A

A. Getting signed user agreements from all users

Explanation:
This is a tricky question. In the cloud environment, we know that all users will be entering the environment through remote access; in many cases, this will include the use of their personal devices. In order for egress monitoring solutions to function properly, all devices accessing the production environment must have local agents installed, and that requires signed user agreements. It would be unnecessary (and intrusive, and cumbersome) to install agents on all assets in the cloud data center, which includes not only your organization’s assets but also those of all the other cloud tenants in that data center. This might even be illegal. Option B is incorrect. Assuming you could install (or even know) all the routers between your users and the cloud data center is ridiculous; option C is incorrect. Getting your customer to install an egress monitoring client would be nice, in theory…but also pointless. Your customers don’t work for you; they are outside your organization. Egress monitoring tools are used to prevent sensitive data from leaving your environment; by the time it has reached a customer, sensitive information is far outside your control and the egress monitoring tool would be of no use. Option D is therefore incorrect.

Question 45

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. In order to increase the security value of the tool, you should consider combining it with _______________.

A. Digital rights management (DRM) and security event and incident management (SIEM) tools
B. An investment in upgraded project management software
C. Digital insurance policies
D. The Uptime Institute’s Tier certification

Answer

A

A. Digital rights management (DRM) and security event and incident management (SIEM) tools

Explanation:
Egress monitoring tools combined with DRM and SIEM enhance the security value of each because you create in-depth/layered defense. Project management software does not really have anything to do with security, so option B is incorrect.
Insurance is a risk transfer mechanism and does not aid in risk mitigation efforts; egress monitoring is for risk mitigation, so option C is incorrect. The Tier certification program is for the cloud provider and is not used by the cloud customer, so option D is incorrect.

Question 46

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You are interested in fielding the solution as an awareness tool to optimize security for your organization through conditioning user behavior. You decide to set the solution to _______________.

A. Suspend user accounts and notify the security office when it detects possible sensitive data egress attempted by a user
B. Halt the transaction and notify the user’s supervisor when the user attempts to transfer sensitive data
C. Query the user as to whether they intend to send sensitive data upon detection of an attempted transfer
D. Sever remote connections upon detection of a possible sensitive data transfer

Answer

A

C. Query the user as to whether they intend to send sensitive data upon detection of an attempted transfer

Explanation:
These are all possible settings for a modern egress monitoring solution. However, the best option, in light of the question, is to query the user as to their intent; this aids the user in understanding and knowing when sensitive data might be leaving the organization accidentally, through a mistake on the user’s part. The other options are more severe and restrictive; these will enhance security but reduce productivity and are management and technological controls instead of awareness tools, so they are incorrect answers for this question.

Question 47

Q

You are the security manager of a small firm that has just purchased an egress monitoring solution to implement in your cloud-based production environment. You understand that all of the following aspects of cloud computing may make proper deployment of the tool difficult or costly except _______________.

A. Data will not remain in one place or form in the cloud
B. The cloud environment will include redundant and resilient architecture
C. There will be a deleterious impact on production upon installing the tool
D. You might not have sufficient proper administrative rights in the cloud infrastructure

Answer

A

B. The cloud environment will include redundant and resilient architecture

Explanation:
The fact that cloud data centers are designed with multiple redundancies of all systems and components won’t really have any bearing on your decision and implementation of your egress monitoring solution.
Because data will move across nodes in the data center and will take different forms (such as live data in a virtualized instance or snapshotted data saved in a file store when a virtual machine is not being used at a specific moment), you will have to determine how the tool will function in that environment, and whether it was designed for cloud usage. Option A is incorrect. Option C is true for any environment, not just the cloud; all security functions necessarily negatively impact operations and production. Option B is a better answer. Option D is also correct; without administrative privileges to the underlying hardware (which customers should not have), the customer may not be able to install monitoring agents everywhere necessary for those tools to work properly.

Question 48

Q

Egress monitoring solutions can aid all of the following security-related efforts except _______________.

A. Access control
B. Data exfiltration
C. E-discovery/forensics
D. Data categorization/classification

Answer

A

A. Access control

Explanation:
Egress monitoring solutions do not facilitate access control efforts in any way. Egress monitoring tools do, however, provide all the functions listed in the other options, so those are incorrect.

Question 49

Q

The cloud security professional should be aware that encryption would most likely be necessary in all the following aspects of a cloud deployment except _______________.

A. Data at rest
B. Data in motion
C. Data in use
D. Data of relief

Answer

A

D. Data of relief

Explanation:
The term data of relief doesn’t really mean anything and is therefore the correct answer for this question. Encryption is used in all other aspects of cloud data.

Question 50

Q

As with the traditional IT environment, cloud data encryption includes all the following elements except _______________.

A. The user
B. The data itself
C. The encryption engine
D. The encryption keys

Answer

A

A. The user

Explanation:
The user is not really an aspect of an encryption deployment, although it may be argued that the user will need to refrain from disclosing their own key(s) to anyone else. The other three options are the components of an encryption deployment.

Question 51

Q

Volume storage encryption in an infrastructure as a service (IaaS) arrangement will protect against data loss due to all of the following activities except _______________.

A. Physical loss or theft of a device
B. Disgruntled users
C. Malicious cloud administrators accessing the data
D. Virtual machine snapshots stolen from storage

Answer

A

B. Disgruntled users

Explanation:
An authorized user will still be able to access and decrypt the data for which they’ve been granted permissions, so encryption will not offer any protections for that threat. Volume storage encryption will, however, protect against all the other threats, because any outsider (that is, a person who does not have access to the volume operating system) will be able to steal only encrypted data, which they should not be able to decrypt in a timely fashion. Therefore, all the other options are incorrect.

Question 52

Q

In an infrastructure as a service (IaaS) arrangement, all of the following are examples of object storage encryption except _______________.

A. File-level encryption
B. Digital rights management (DRM)
C. Application-level encryption
D .Transport Layer Security (TLS)

Answer

A

D .Transport Layer Security (TLS)

Explanation:
TLS is encryption used in a communication session, not a storage volume. All the other options are examples of object storage encryption options, so they are incorrect.

Question 53

Q

All of the following are database encryption options that could be used in a platform as a service (PaaS) implementation except _______________.

A. File-level encryption
B. Secure Sockets Layer (SSL)
C. Transparent encryption
D .Application-level encryption

Answer

A

B. Secure Sockets Layer (SSL)

Explanation:
SSL is encryption used in a communication session, not a storage volume. All the other options are examples of database encryption options, so they are incorrect.

Question 54

Q

In application-level encryption, where does the encryption engine reside?

A. In the application accessing the database
B. In the operating system on which the application is run
C. Within the database accessed by the application
D. In the volume where the database resides

Answer

A

A. In the application accessing the database

Explanation:
The application contains the encryption engine used in application-level encryption. The operating system is responsible for providing the resources an application needs and for running the applications. The operating system does not do application-level encryption, so option B is incorrect. Option C is incorrect because application-level encryption is performed by the application that interfaces with the database.
The application-level encryption engine may or may not reside in the same volume as the database engine, so option D is incorrect.

Question 55

Q

Which of the following database encryption techniques can be used to encrypt specific tables within the database?

A. File-level encryption
B. Transparent encryption
C. Application-level encryption
D. Object-level encryption

Answer

A

B. Transparent encryption

Explanation:
Encrypting specific tables within the database is one of the options of transparent encryption; this is not true of the other options, so they are incorrect.

Question 56

Q

Which of the following database encryption techniques makes it difficult to perform database functions (searches, indexing, etc.)?

A. File-level encryption
B. Transparent encryption
C. Application-level encryption
D. Volume encryption

Answer

A

C. Application-level encryption

Explanation:
Application-level encryption involves encrypting the data before it enters the fields of the database; it is much more difficult to search and review data that has been encrypted, so this reduces the functionality of the database. All the other options are incorrect because they are not database encryption techniques.

Question 57

Q

According to (ISC)2, where should the cloud customer’s encryption keys be stored?

A. With the cloud customer
B. With a third-party provider
C. At the cloud provider data center
D. Anywhere but with the cloud provider

Answer

A

D. Anywhere but with the cloud provider

Explanation:
Best practice is to not keep the encryption keys alongside the data they’ve been used to encrypt. Options A and B are both viable but not as good as option D, which is more general and includes them both. Option C is clearly incorrect because it is counter to the best practice advice offered by (ISC)2

Question 58

Q

Which of the following is not used to determine data retention requirements?

A. Legislation
B. Business needs
C. Average media longevity
D .Contracts

Answer

A

C. Average media longevity

Explanation:
Data retention periods should be established in policy regardless of the projected lifetime of the media the data resides on. All the other options do/should influence data retention periods.

Question 59

Q

Event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) can aid in which of the following efforts?

A. External hacking detection
B. Prediction of physical device theft
C. Data classification/categorization issues
D. Social Engineering Attacks

Answer

A

A. External hacking detection

Explanation:
Event monitoring tools can help detect external hacking efforts by tracking and reporting on common hack-related activity, such as repeated failed login attempts and scanning. It is unlikely that these tools could predict physical device theft; they could, of course, report on a device that is no longer connected to the environment after it has been removed by noting a lack of event activity, but that’s not quite the same thing. Event monitoring tools don’t aid in data classification/categorization; egress monitoring and digital rights management tools might provide that function, though. Social engineering attacks are mostly transparent to the majority of logical tools (the exception being social engineering efforts combined with IT traffic, such as phishing, which might be detected by email filters and sophisticated firewalls).

Question 60

Q

Event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) can aid in which of the following efforts?

A. Detecting untrained personnel
B. Predicting system outages
C. Sending alerts for conflicts of interest
D. Enforcing mandatory vacation

Answer

A

B. Predicting system outages

Explanation:
Event monitoring tools can be used to predict system outages by noting decreases in performance; repeated performance issues can be an indicator a device is failing. While an event monitoring tool might be able to detect a user who continually conducts unproductive activity or fails to complete certain functions, it is impossible to determine if the source of the problem is lack of training. These tools in no way serve to detect conflict of interest or enforce mandatory vacation, which are managerial/administrative controls.

Question 61

Q

Event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) can aid in which of the following efforts?

A. Reducing workload for production personnel
B. Decreasing size of log files
C. Optimizing performance
D. Ensuring adequate lighting of workspaces

Answer

A

C. Optimizing performance

Explanation:
Event monitoring tools can detect repeated performance issues, which can be used by administrators and architects to enhance performance/productivity. These tools don’t aid in the managerial function of noting individual workload, nor do they reduce log file sizes (indeed, they might add to the size of log files) or have anything to do with lighting.

Question 62

Q

Event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) can aid in which of the following efforts?

A. Detecting ambient heating, ventilation, and air-conditioning (HVAC) problems
B. Ensuring proper cloud migration
C. Deciding risk parameters
D. Protecting all physical entry points against the threat of fire

Answer

A

A. Detecting ambient heating, ventilation, and air-conditioning (HVAC) problems

Explanation:
Event monitoring tools can detect repeated performance issues, which can be indicative of improper temperature settings in the data center; also, some system monitoring metrics, such as CPU temperature, can directly indicate inadequate HVAC performance. These tools do not aid in cloud migration (which is the task of architects and administrators) nor in risk decisions (which is the task of senior management); they also don’t provide any kind of assistance with fire.

Question 63

Q

In addition to predictive capabilities, event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM]) are instrumental in what other security function?

A. Personnel safety
B. Vehicle tracking
C. Incident evidence
D. Acoustic dampening

Answer

A

C. Incident evidence

Explanation:
Event logs are used to reconstruct a narrative of activity; they tell the story of what happened, how it happened, and so forth. This is crucial for evidentiary purposes. Event logging tools do not aid in any of the other options (especially acoustic dampening, which is gibberish in this context).

Question 64

Q

Which of the following is one of the benefits of event monitoring tools (security information and event management [SIEM]/security information management [SIM]/security event management [SEM])?

A. Greater physical security
B. Psychological deterrence
C. Cost savings
D. More logs can be reviewed, at faster speeds

Answer

A

D. More logs can be reviewed, at faster speeds

Explanation:
The manual element of log review is tedious and necessarily slow because it requires a trained, knowledgeable person to perform the task; these tools can greatly increase the amount of log data that can be reviewed, in a much shorter amount of time. These tools do not, however, aid in any of the other options.

Answer 65

A

B. Public keys should never be shared with anyone.

Explanation:
Public keys have to be shared in order for asymmetric cryptography to function properly; that is their purpose. Private keys, on the other hand, must remain secret, known only to the individuals to whom they are assigned.
Seeding key generation processes with pseudorandom numbers makes decryption that much more difficult and is a desired practice, so option A is incorrect. Losing keys to encrypted data means that the data stays encrypted, which is a way of applying a denial-of-service attack on yourself, so option C is incorrect. Symmetric keys, known as shared secrets, ought to be transmitted to recipients over a different medium than the mode of communication intended for the encrypted traffic. If the users intend to use encrypted email, for instance, they should pass the keys via telephone. Option D is therefore incorrect.

Answer 66

A

B. The customer service department should get only a masked version of the customer’s Social Security (SS) number.

Explanation:
The customer service representative may need to see a partial version of the customer’s SS number to verify that the customer is who they claim to be, but that representative does not need to see the full number, which would create an unnecessary risk. The shipping department definitely needs the customer’s address in order to send things to the customer, so option A is not correct.
The billing department needs the customer’s full credit card number to process payments, so option C is incorrect. HR needs the employee’s full license number in order to verify and validate the employee’s identity, so option D is not correct.

Answer 67

A

D. Conflation

Explanation:
Conflation is not a masking technique and is meaningless in this context. All the others are suggested as possible masking techniques.

Answer 68

A

C. Deletion

Explanation:
While deletion is a very good way to avoid the possibility of inadvertently disclosing production data in a test environment, it also eliminates the usefulness of the data set as a plausible approximation of the production environment, greatly reducing the quality of the testing. The other options modify the raw production data into something that approximates the real environment without disclosing real data, to a greater or lesser extent; some are better than the others, but they are all better than deletion for testing purposes.

Answer 69

A

A. Creating a test environment for a new application

Explanation:
Static masking involves modification of an entire data set, all at once. This would be a good method to create a sample data set for testing purposes. Static testing for customer service use would be overkill; replicating all the customer accounts at once so that the fraction of customers who contact customer service may receive assistance is inefficient and cumbersome, and customer account information is likely to change between static updates, making it less useful. Therefore, option B is incorrect. Neither regulators nor shareholders need to see masked data, so both options C and D are incorrect.

Answer 70

A

B. Allowing a customer service representative limited access to account data

Explanation:
Dynamically masking a user’s account information each time a customer service representative accesses that data is an efficient, secure means of masking data as necessary. Trying to mask each data element as it is called by an application in a test environment would be unwieldy and not likely to provide accurate test data, so option A is incorrect.
Neither incident response nor BC/DR purposes need masked data, so both options C and D are incorrect.

Answer 71

A

C. Algorithms are two-way operations.

Explanation:
Using an algorithm to mask data suggests that the same algorithm, if learned or reverse-engineered by an aggressor, could be used on the masked data to reveal the production data. Algorithmic masking causes no more risk to production data than the other masking methods, so option A is incorrect. Accidental disclosure might be interpreted as the same thing as determining the original data from the masked set, so option B might be considered accurate, but option C is a better way of stating the risk, so B is incorrect. Option D is about the use of the deletion technique for masking, not algorithmic, so it is incorrect. This is not an easy question, and it involves some abstract thought to arrive at the correct answer.

Answer 72

A

B. User’s name; user’s age

Explanation:
The user’s name is a direct identifier, explicitly stating who that person is. The user’s age is not a direct identifier because it doesn’t specify a certain person, but it is a piece of demographic information that could be used to narrow down the user’s identity from a group of users of different ages, so it is an indirect identifier. Username and password are identity assertions and authentication credentials, not identifiers. The username might be a direct identifier, but the password is neither a direct nor an indirect identifier (especially if it is kept secret, as it should be). Option A is thus incorrect. Option C is incorrect because both elements could be considered direct identifiers (depending on the jurisdiction) if the user’s machine is considered a legal representation of the user. Option D is incorrect because both elements are indirect identifiers.

Answer 73

A

D. Identifying information

Explanation:
Anonymization is the process of removing identifiers from data sets so that data analysis tools and techniques cannot be used by malicious entities to divine personal or sensitive data from nonsensitive aggregated data sets.
All the other answers are incorrect because they are not part of the anonymization process.

Answer 74

A

B. Payment Card Industry (PCI)

Explanation:
PCI requires that credit card numbers and other cardholder data be obscured when stored for any length of time. Encryption is one approved method; tokenization is another. GLBA, COPA, and SOX do not specifically require obscuring stored data, so those options are incorrect.

Answer 75

A

B. Two

Explanation:
Tokenization will require, at a minimum, a database for the tokens and another for the stored sensitive data. One database will not suffice; a single database holding both the tokens and the sensitive data they represent would not be in compliance with any standard requiring data to be obscured. Option A is thus incorrect. Option C might be an answer some readers choose; it is easy to overthink this question. You might consider that the data requires two databases (one for tokens, one for sensitive data), and that access control would require a third database (for authentication credentials); however, the tokenization methodology does not strictly require that access be controlled through an authentication server. Option C is therefore incorrect. Be sure not to read more into the question than appears at face value. Option D is incorrect; that’s just too many databases.

Answer 76

A

B. Inference

Explanation:
Inference is an attack strategy, not a reason for implementing tokenization. All the other options are good reasons to implement tokenization, and they are therefore not correct.

Answer 77

A

A. RAID

Explanation:
In the traditional environment, a RAID array is a set of disks/drives on which data  is spread to enhance the availability, security, and resiliency of the data. In the cloud,  bit-splitting/data dispersion performs this same function in much the same way. All the other options have nothing to do with spreading data across multiple storage areas.

Answer 78

A

B. Ensuring that an unauthorized user only gets a useless fragment of data

Explanation:”
Bit-splitting involves chopping data sets up into segments and storing those segments in multiple places/devices. An attacker getting access to one segment won’t be gaining anything of value because one segment of the data set would most likely make no sense out of context. Bit-splitting may or may not function as an access control method; option B is preferable to A. Bit-splitting may or may not move data across jurisdictions, which may or may not be useful to the data owner; option B is preferable to C. Bit-splitting does not, in itself, provide access logs; option D is incorrect.

Answer 79

A

A. By making seizure of data by law enforcement more difficult

Explanation:
When law enforcement entities wish to seize assets (including data), they must cooperate with other law enforcement agencies in other jurisdictions if the data is not contained fully within their own. This may aid a data owner who is concerned about the risk of losing their data in a multitenant environment if another tenant conducts illicit activity and law enforcement seizes an entire data storage device as part of an investigation, accidentally collecting data belonging to innocent parties. Attackers are jurisdiction-agnostic; they don’t care where data is stored or what laws apply. Option B is thus incorrect. Authorized users can access bit-split data regardless of the location and can disclose information worldwide; option C is incorrect. Bit-splitting does not pertain to types of access roles; option D is incorrect.

Answer 80

A

C. Significantly greater processing overhead

Explanation:
Bit-splitting, as with many security methods/technologies, carries a significantly greater overhead than data sets that don’t use this method. Bit-splitting, in particular, takes an extensive amount of processing to perform. Bit-splitting should make a data set more secure and decrease the chance of unauthorized access, so options A and B are incorrect.
It is unlikely that bit-splitting would violate regulatory standards; even if that were to be the case, it is always true that bit-splitting carries greater overhead, so option C is preferable to D.

Answer 81

A

A. It may require trust in additional third parties beyond the primary cloud service provider.

Explanation:
This is not a simple question and requires the reader to think through the situation suggested by each answer. Option A is correct because the data owner may opt to perform bit-splitting across multiple cloud services to enhance security (not all the “eggs” will be in one “basket”). When this is the case, the data owner will have additional dependencies: all the vendors involved in storing the various data elements. There should be no additional management concern; if bit-splitting is not compliant with the data owner’s policy, it won’t be adopted. Option B is incorrect. Bit-splitting implementations should be transparent to users; option C is incorrect. There are plenty of vendors offering bit-splitting solutions; option D is incorrect.,

Answer 82

A

C. Some risk to availability, depending on the implementation

Explanation:
Ironically, data dispersion can lead to some additional risk of loss of availability, depending on the method/breadth of the dispersion. If the data is spread across multiple cloud providers, there is a possibility that an outage at one provider will make the data set unavailable to users, regardless of location. However, there are methods for attenuating this threat, and bit-splitting usually provides greater availability of data over traditional storage without dispersion. Data dispersion should have no effect on physical theft risks and would actually serve to minimize the opportunity for an attacker to acquire useful sensitive data as the data would be on several geographically disparate devices. Option A is incorrect. Bit-splitting should have no effect on public image whatsoever; option B is incorrect. Bit-splitting does not have an attendant fire risk; option D is incorrect.

Answer 83

A

B. Homomorphic encryption

Explanation:
This is the definition of homomorphic encryption.
All the other answers are incorrect.

Answer 84

A

B. Real-time analytics

Explanation:
Real-time analytics allows for reactive and predictive operations (such as recommending other, related products) based on customers’ current and past shopping behavior. All the other answers are data discovery approaches but not used for this particular application (options C and D are two names for the same thing).

Answer 85

A

D. Agile analytics/business intelligence

Explanation:
The Agile approach to data analysis offers greater insight and capabilities than previous generations of analytical technologies. Options B and C are other data discovery technologies, but neither is the correct answer. Option A is incorrect because obverse polyglotism is just a made up term that does not have any relevance as an answer to the question.

Answer 86

A

D. Data hover

Explanation:
Data hover is a made up term which is not a data discovery technique. All the other answers are actual data discovery techniques.

Answer 87

A

A. Metadata

Explanation:
This is the definition of metadata: data about data, usually created by systems (hardware and/or software) when the data is captured/collected. Options B and C are also data discovery techniques, but not involving metadata. Data hover is a made up term and is therefore, not a data discovery technique, so option D is incorrect.

Answer 88

A

C. Data owners

Explanation:
The data owners, presumably the personnel closest to and most familiar with the data, should be the ones labeling it. The other answers are incorrect because they are not the data owners.

Answer 89

A

C. At collection/creation

Explanation:
For the most efficient classification/categorization process, and to streamline the application of proper controls, data labeling should be performed when the data is first being collected/created.
Options A and B are incorrect because they are not part of a data labeling process. Option D is incorrect because the discovery tools need to have the data labeled to work properly.

Answer 90

A

A. Egress monitoring solutions

Explanation:
Egress monitoring tools (often referred to as DLP) are specifically designed to seek out and identify data sets based on content; this is part of how they operate. They can be used for or in conjunction with content-based data discovery efforts. Digital rights management (DRM) is an additional access control solution for objects, so option B is incorrect. Internet Small Computer System Interface (iSCSI) allows storage controller commands to be sent over a Transmission Control Protocol (TCP) network and has nothing to do with data discovery; thus, option C is incorrect. Fibre Channel over Ethernet (FCoE) is a standard for approaching fiber-media speeds of data transfer on an Ethernet network; it has nothing to do with data discovery, so option D is incorrect.

Answer 91

A

D. Inheritance

Explanation:
Inheritance has nothing to do with content analysis; it is usually referring to object-oriented traits derived from originating objects. All the other answers are characteristics of content that can be used in content-analysis methods of data discovery.

Answer 92

A

B. Flawed management decisions based on edited displays

Explanation:
Because dashboards are often used for management purposes (graphical representations of technical data), management pressures often result in skewed data dashboarding (“no red!”), which can lead to the “data” being used for fallacious decisions. All the other answers are not affected by dashboarding at all and are incorrect.

Answer 93

A

D. Inaccurate or incomplete data

Explanation:
A data discovery effort can only be as effective as the veracity and quality of the data it addresses. Bad data will result in ineffective data discovery.
All the other answers do not impact data discovery efforts and are only distractors. (Poor bandwidth might slow down data discovery, but it won’t have true negative impact, so option D is still better.)

Answer 94

A

C. Assigning labels

Explanation:

Label assignment is a task of the data owner—the cloud customer, not the provider. All the other answers are requirements for the cloud provider to meet the data discovery needs of the customer and should be negotiated before migration.

Answer 95

A

D. The managed services contract and SLA

Explanation:
The cloud customer will have to determine which levels of performance/responsibilities on the part of the provider will be necessary to meet the customer’s needs for data discovery. These should be codified in the contract/service-level agreement (SLA). The other answers are general regulations and standards; they will not contain specific guidance for every customer’s needs and are only distractors.

Answer 96

A

D. The cloud customer

Explanation:
This is a difficult question and requires insight on the practice of classifying data and a good understanding of the material. While the determination of what sorts of data need to be protected may come from external sources (laws, standards, regulations, etc.), the classification of data for each data owner/cloud customer will be specific to that entity. Therefore, the cloud customer will have to impose data classification schema on itself and its own data. The other answers represent external entities, some of whom might require that certain information be handled with a certain duty or care (such as Payment Card Industry [PCI] mandates for cardholder information). However, these entities will not impose a classification scheme on the data owner or cloud customer; that responsibility falls on the data owner or cloud customer to do for itself and the data under its control.

Answer 97

A

D. Whatever the data owner decides

Explanation:
This is a difficult, and somewhat tricky, question. Each organization has to decide, for itself, how to classify its own data. With that said, many factors bear on this determination: external regulations and drivers, the type of industry in which the organization operates, and so forth. But the kinds of data the organization uses, and how that data is sorted, will differ for every organization, and each must make its own determination on how to best sort that data.
All the other answers are factors that an organization might consider when creating a classification scheme, but they are not mandatory for every organization. Option D is still the best answer for this question.

Answer 98

A

B. Labeling

Explanation:
This is another difficult question. Classification of data is an element of labeling, insofar as labeling is the grouping of data into discrete categories and types. Labels must be affixed to objects and data sets in accordance with an overall policy that lists objective criteria to guide the data owner(s) in assigning the appropriate label; this is a form of classification. Option A might be considered apt, as labeling and classification fall generally under the auspices of “security,” but option B is more specific and therefore correct. Classification is not considered a facet of data control or data markup. Therefore, options C and D are incorrect.

Answer 99

A

B. Automatic or manual

Explanation:
An organization could implement an automated tool that assigns labels based on certain criteria (location of the source of the data, time, creator, content, etc.), much like metadata, or the organization could require that data creators/collectors assign labels when the data is first created/collected, according to a policy that includes discrete, objective classification guidance. Option A is incorrect because even though the word pair may seem pretty technical, together they are meaningless with respect to data classification. It may be true that data classification can be correct or incorrect, however, option C is not as good of an answer as option B. The goal for the data owner is to correctly classify the data and not to incorrectly classify the data. So, option C is incorrect. It is difficult to imagine data classification that only takes place at a certain time of day. Therefore, it is not likely to be the correct answer and certainly option D is not as good an answer as option B.

Answer 100

A

A. Color change

Explanation:
Color is unlikely to be a characteristic for which data is classified, much less reclassified. Although some exceptions might exist (motion picture production, satellite imagery, paint vendors, etc.), those would be far from the norm, and the other answers are much more general cases and would apply to many more organizations. Therefore, color is the correct answer (in the negative), and the rest are incorrect (because they are true).

Answer 101

A

C. Security controls

Explanation:
The purposes of classifying/categorizing data is to create proper associated control sets for each data type and aid the efficiency and cost-effectiveness of applying those controls to that data. While dollar value may be a good metric for assessing data type in many organizations, it is not the only such trait, and not for all organizations; option C is still a better answer, so A is wrong. Metadata may or may not be used in a classification/categorization scheme; option B is incorrect. Policies are not assigned to data types; a policy will dictate how data classifications/categories are assigned to data. Option D is incorrect.

Answer 102

A

B. Virtualization

Explanation:
Data transforming from raw objects to virtualized instances to snapshotted images back into virtualized instances and then back out to users in the form of raw data may affect the organization’s current classification methodology; classification techniques and tools that were suitable for the traditional IT environment might not withstand the standard cloud environment. This should be a factor of how the organization considers and perceives the risk of cloud migration. Multitenancy should be a consideration of cloud migration for the potential risks of data leakage and disclosure but not because of data transformation. Option A is not correct. Remote access and physical distance should not include aspects of data transformation that are not already considered in the traditional IT environment, so options C and D are incorrect.

Answer 103

A

D. The cloud customer

Explanation:
The cloud customer, as the PII data owner, is ultimately legally responsible for all losses of PII data. The customer may be able to recoup some of the costs of damages related to the breach by placing financial liability on the provider through the use of strong contract terms and conditions, but all legal responsibility falls on the customer, in all cases. The other options are parties that may have some partial or contributory responsibility for the breach (especially, in this case, the provider, who was negligent), but the ultimate responsibility lies with the customer.

Answer 104

A

D. The individual

Explanation:
The subject is the human being to whom the PII applies.
The other answers are not data subjects, and are therefore incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 238). Wiley. Kindle Edition.

Answer 105

A

B. The cloud provider

Explanation:
B. In a PII context, the processor is any entity that processes data on behalf or at the behest of the data owner. In the case of most managed cloud service arrangements, that will be the cloud service provider. (The cloud customer may also process its own data, but the customer is the data owner/controller.) Options A, C, and D are all incorrect. The cloud customer provides the subject’s PII to the cloud provider for processing. The regulator ensures that the PII is protected properly and the individual is the data subject. So, options A, C, and D are incorrect answers.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 238). Wiley. Kindle Edition.

Answer 106

A

A. The cloud customer

Explanation:
In a PII context, the controller is the entity that creates/collects, owns, or manages the data—that is, the data owner. In a managed cloud service arrangement, that would be the cloud customer. Options B, C, and D are all incorrect. The cloud provider is the entity that processes the PII data. The regulator ensures that the PII is protected properly and the individual is the data subject.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 239). Wiley. Kindle Edition.

Answer 107

A

B. Viewing

Explanation:
This is not a simple question, and it requires a bit of insight into uses of data. The most suitable answer here is “viewing,” as it is entirely passive; the viewer is not performing any action on the data. “Processing,” in a PII context, is any manipulation of the data, to include securing or destroying it, in electronic or hard-copy form. In a “viewing” action, the processor would be displaying the data to the viewer, while the viewer is only receiving it, not storing it or using it. Note that the answer did not involve “using,” which definitely would be a processing action. All the other answers are examples of processing and therefore not correct.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 239). Wiley. Kindle Edition.

Answer 108

A

B. The United States

Explanation:
The United States has some federal PII laws that apply to specific sectors (the government itself [Privacy Act], medical providers [Health Information Portability and Accountability Act], financial and insurance vendors [Gramm-Leach-Bliley Act], etc.), but not a single, overarching federal law that addresses PII in a uniform, nationwide manner.
All the other options list countries that have such laws, and those options are therefore incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 239). Wiley. Kindle Edition.

Answer 109

A

A. Opt in

Explanation:
Under HIPAA, the subject must opt in to information sharing—that is, the subject (the patient) must explicitly state, in writing and with a signature, who the vendor is allowed to share personal information with, such as family members, spouses, parents, and children. (Under HIPAA, this personal information is referred to as electronic private health information [ePHI].) The vendor is prohibited from sharing the patient’s data with anyone else. Under HIPAA, the patient does not have to opt out of information sharing; the default situation is to not share patient data. Option B is incorrect. HIPAA does not require any kind of screening or template, so Options C and D are incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 239). Wiley. Kindle Edition.

Answer 110

A

B. Opt out

Explanation:
B. Under GLBA, financial and insurance vendors are allowed to share account holders’ personal data with other entities (including other businesses owned by the same vendor) unless the account holder explicitly states, in writing, that the vendor is not allowed to do so. The vendor is required to provide a form for opting out of data sharing when the account holder creates the account and annually every subsequent year. Option A is incorrect; under GLBA, the default situation allows banks and insurance providers (owned by the same entity) to share customer data—the customer must opt out of this arrangement if the customer doesn’t want information shared. Options C and D are incorrect because they do not relate to the sharing of PII data by a bank or insurer.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 239). Wiley. Kindle Edition.

Answer 111

A

B.A human right

Explanation:
The EU is probably at the forefront of global efforts to sanctify and enshrine personal privacy; the current statutes and precedents based on court decisions have clearly denoted Europe’s intent to treat individual privacy as a human right. Options A and D are simply incorrect. It is very possible to consider option C as correct because European businesses are held to strict standards regarding the privacy data under their control. However, option B has more significance and is more general, so it is the proper selection among this list.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 112

A

B. The United States

Explanation:
The EU regulations associated with personally identifiable information (PII) belonging to EU citizens prohibit that data to be utilized in any way in any country that does not have a national privacy law commensurate with the EU regulations. Of this list, only the United States has no such law. Indeed, the EU regulations might very well be taken to be aimed directly at the United States, and probably for good reason; the United States has not proven to be a good steward of or even recognize the importance of personal privacy.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 113

A

C.Forgotten

Explanation:
The right to be forgotten is the EU’s codification of an individual’s right to have any data store containing their own personal data purged of all personally identifiable information (PII). There are, of course, some obvious exceptions (such as law enforcement databases). The other answers are not as accurate; “the right to be forgotten” is a very well-known and important aspect of the GDPR.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 114

A

B. A PLA would force the provider to accept more liability.

Explanation:
Under current laws and regulations, ultimate liability for the security of privacy data rests on the data controller—that is, the cloud customer. A PLA would require the cloud provider to document expectations for the cloud customer’s data security, which would be an explicit admission of liability. There is little motivation for cloud providers to take on this additional liability (and the costs associated with it) with no mandate or market force pushing them to do so. Option A is wrong because the provider’s liability is already limited under current legal schemes; the PLA would not enhance that limitation. Options C and D are wrong because agreements (as contracts) are both binding and enforceable, and even if they were not, those are not reasons.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 115

A

C. The Capability Maturity Model (CMM)

Explanation:
The CMM is not included in the CSA CCM and, indeed, is not even a security framework. All the other options are included in the CSA CCM and are therefore not correct answers for this question.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 116

A

D. Digital Millennium Copyright Act (DMCA)

Explanation:
The DMCA deals with intellectual property and not specifically with personal privacy. It is not included in the CSA CCM. All the other answers are laws that are included in the CSA CCM and are therefore not correct answers for this question.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 117

A

A. A trusted device

Explanation:
A. DRM solutions are mainly designed to protect intellectual property assets (and mainly those covered by copyright, hence the name), but they can also be used to provide enhanced protection to other electronic information. All the other options are forms of electronic information, while option A is a piece of hardware; DRM does not enhance hardware security, so this is the correct answer.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 240). Wiley. Kindle Edition.

Answer 118

A

A. User consent and action

Explanation:
Deploying DRM usually requires installing a local agent on each device intended for use in that environment; with BYOD, that means getting all users to agree and install that agent because they own the devices. DRM is an enhanced security protocol, so option B is incorrect. The cloud is not specifically necessary for DRM implementations, even in BYOD environments, so option C is incorrect. Any DRM solution involving a BYOD environment must be suitable for all devices, not just a certain selection, because the organization can’t easily mandate which devices are used (otherwise, it’s not BYOD). Option D is incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 119

A

B. Platform-agnostic solutions

Explanation:
In a BYOD environment, users might bring any number of devices/operating systems to the network, and any DRM solution selected for the purpose must interact well with all of them. The organization cannot dictate specific packages in a BYOD environment—otherwise it is not BYOD—so option A is incorrect. Turnstiles are for physical access control and have no bearing on BYOD or DRM, so option C is incorrect. BYOD and DRM should have no effect on BC/DR vendors (or the numbers thereof), and vice versa, so option D is incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 120

A

D. Business drivers

Explanation:
The CSA CCM does not deal with whether security controls are feasible or correct from a business perspective, only whether they are applicable to an organization under certain regulations. All the other answers are incorrect because they are too specific and not required by any regulation/legislation. Therefore, options A, C, and D are poor choices and also incorrect answers.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 121

A

B. An access policy

Explanation:
For DRM to work properly, each resource needs to be outfitted with an access policy so that only authorized entities may make use of that resource. All the other answers are distractors.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 122

A

B. Egress monitoring solutions (DLP)

Explanation:
DRM and DLP work well to address complementary security issues—namely, asset classification/categorization and discovery, along with access and dissemination of those assets.
RIS is a made-up term, so option A is not correct. Adjusting BIOS settings is not particularly relevant to DRM in any way, so option C is incorrect. TEMPEST is a program for harvesting data from electromagnetic emanations, so option D is not correct.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 123

A

C. Persistence

Explanation:
Access rights following the object in whatever form or location it might be or move to is the definition of persistence, one of the required traits for a DRM solution of any quality. All the other answers are traits that should be included in DRM solutions but do not match the definition in the question, so they are incorrect.

Malisow, Ben. (ISC)2 CCSP Certified Cloud Security Professional Official Practice Tests (p. 241). Wiley. Kindle Edition.

Answer 124

A

A. Continuous audit trail

Explanation:
Capturing all relevant system events is the definition of a continuous audit trail, one of the required traits for a DRM solution of any quality. All the other answers are traits that should be included in DRM solutions but do not match the definition in the question, so they are incorrect.