Chapter 5 - Security In The Cloud Flashcards
What is the term we use to describe the general ease and efficiency of moving data from one cloud provider to another cloud provider or down from the cloud?
A. Mobility
B. Elasticity
C. Obfuscation
D. Portbability
D. Elasticity is the name for the benefit of cloud computing where resources can be apportioned as necessary to meet customer demand. Obfuscation is a technique used to hide full raw datasheets, either from personnel who do not have need to know or for use in testing. mobility is not a term pertinent to the CBK.
The various models generally available for cloud BC/DR activities include all of the following except:
A. Private architecture, cloud backup
B. Cloud provider, backup from same provider
C. Cloud provider, backup from another cloud provider
D. Cloud provider, backup from private provider
D. This is not a normal configuration and would not likely provide genuine benefit
Countermeasures for protecting cloud operations against external attackers include all of the following except:
A. Continual monitoring for anomalous activity
B. Detailed and extensive background checks
C. Hardened devices and systems, including servers, hosts, hypervisors, and virtual machines
D. Regular and detailed configuration/change management activities
B. Background checks are control for attenuating potential threats from internal actors; external threats aren’t likely to submit to background checks
All of the following are techniques to enhance the portability of cloud data, in order to minimize the potential of vendor lock-in except:
A. Avoid proprietary data formats
B. Use DRM and DLP solutions widely throughout the cloud operation
C. Ensure there are no physical limitations to moving
D. Ensure favorable contract terms to support portability
B. DRM and DLP are used for increased authentication/access control and egress monitoring, respectively, and would actually decrease portability instead of enhancing it.
Which of the following is a technique used to attenuate risks to the cloud environment, resulting loss of theft of a device used for remote access?
A. Remote kill switch
B. Dual control
C. Muddling
D. Safe harbor
A. Dual control is not useful for remote access devices, because we’d have to assign two people for every device, which would decrease efficiency and productivity. Muddling is a cocktail preparation technique that involve crushing ingredients. Safe harbor is a policy provision that allows for compliance through an alternate method than the primary instruction.
