Chapter 4 Flashcards

1
Q

Within a hybrid deployment model, infrastructure is located:

A. on-premise
B. off-premise
C. either on-premise OR off-premise
D. both on-premise AND off-premise

A

D. both on-premise AND off-premise

2
Q

Within a community deployment model, infrastructure is located:

A. on-premise
B. off-premise
C. either on-premise OR off-premise
D. both on-premise AND off-premise

A

C. either on-premise OR off-premise

3
Q

Within a private deployment model, infrastructure is located:

A. on-premise
B. off-premise
C. either on-premise OR off-premise
D. both on-premise AND off-premise

A

C. either on-premise OR off-premise

4
Q

Within a public deployment model, infrastructure is located:

A. on-premise
B. off-premise
C. either on-premise OR off-premise
D. both on-premise AND off-premise

A

B. off-premise

5
Q

Within a public deployment model, infrastructure is owned by:

A. a third party provider
B. the organization itself
C. either the organization OR a third party provider
D. both the organization AND the third party provider

A

A. a third party provider

6
Q

Within a community deployment model, infrastructure that is managed by the organization, but located off-premise is owned by:

A. a third party provider
B. the organization itself
C. either the organization OR a third party provider
D. both the organization AND the third party provider

A

C. either the organization OR a third party provider

7
Q

Within a private deployment model, infrastructure that is managed by a third party provider, but located on-premise is owned by:

A. a third party provider
B. the organization itself
C. either the organization OR a third party provider
D. both the organization AND the third party provider

A

C. either the organization OR a third party provider

8
Q

Within a hybrid deployment model, infrastructure is owned by:

A. a third party provider
B. the organization itself
C. either the organization OR a third party provider
D. both the organization AND the third party provider

A

D. both the organization AND the third party provider

9
Q

The Cloud Cube Model was developed by:

A. the Cloud Security Alliance
B. OpenCrowd Cloud Solutions
C. the Jericho Forum
D. GoGrid

A

C. the Jericho Forum

10
Q

The Cloud Cube Model illustrates:

A. physical location of resources
B. deployment models
C. management and ownership
D. all of the above

A

D. all of the above

11
Q

The Cloud Cube Model is useful for comparing:

A. two criteria/dimensions
B. three criteria/dimensions
C. four criteria/dimensions
D. five or more criteria/dimensions

A

C. four criteria/dimensions

12
Q

When considering compliance with accepted frameworks and standards, one should consider (in order):
A. cloud service classification; security architecture; cloud architecture
B. cloud service classification; cloud architecture; security architecture
C. compliance architecture; cloud architecture; cloud service classification
D. security architecture; compliance architecture; cloud architecture

A

B. cloud service classification; cloud architecture; security architecture

13
Q

According to the CSA’s (Cloud Security Alliance’s) risk assessment framework, risks may be:

A. accepted
B. transferred
C. mitigated
D. all of the above

A

D. all of the above

14
Q

With respect to an organization’s security posture, controls implemented in the facilities would be classified as:

A. physical security
B. network security
C. system security
D. application security

A

A. physical security

15
Q
With respect to an organization's security posture, controls implemented in the IT systems would be classified as:
A. physical security
B. network security
C. system security
D. application security
A

C. system security

16
Q
Regarding Amazon's AWS EC2 service, the consumer is responsible for security controls relating to all of the following, EXCEPT:
A. the operating system
B. the data
C. the virtualization security
D. the applications
A

C. the virtualization security

17
Q
Regarding Amazon's AWS EC2 service, the vendor is responsible for all of the following security controls, EXCEPT:
A. data security controls
B. virtualization security controls
C. physical security controls
D. environmental security controls
A

A. data security controls

18
Q

Regarding salesforce.com’s CRM SaaS (software as a service) offering, the consumer is responsible for:

A. data security controls
B. physical security controls
C. environmental security controls
D. none of the above

A

D. none of the above

19
Q

Which of the following statements is TRUE regarding service models and security?
A. At midpoint in the stack, the cloud service vendor and the consumer are equally responsible for security.
B. The lower down the stack the cloud provider stops, the more the vendor must be responsible for security.
C. The lower down the stack the cloud provider stops, the more the consumer must be responsible for security.
D. Both A and C are true.

A

C. The lower down the stack the cloud provider stops, the more the consumer must be responsible for security.

20
Q

The Cloud Security Alliance (CSA) Guidance is divided into a number of domains for cloud computing concern. In total, there are:

A. five domains
B. six domains
C. ten domains
D. twelve domains

A

D. twelve domains

21
Q

According to the Cloud Security Alliance (CSA) Guidance, the domains of concern are divided into two broad categories:

A. policy and practice
B. governance and oversight
C. operations and governance
D. oversight and compliance

A

C. operations and governance

22
Q
According to the Cloud Security Alliance (CSA) Guidance, all of the following domains fall under the category of governance, EXCEPT:
A. portability and interoperability
B. compliance and audit
C. legal and electronic discovery
D. encryption and key management
A

D. encryption and key management

23
Q

According to the Cloud Security Alliance (CSA) Guidance, the domain of virtualization would fall under which of the following categories?

A. governance
B. policy
C. operations
D. oversight

A

C. operations

24
Q

According to the Cloud Security Alliance (CSA) Guidance, all of the following domains fall under the category of operations, EXCEPT:

A. data center operations
B. identity and access management
C. enterprise risk management
D. incident response

A

C. enterprise risk management

25
Q

According to the Cloud Security Alliance (CSA) Guidance, which of the following domains would address risks associated with multi-tenancy and hypervisor vulnerabilities?

A. virtualization
B. information lifecycle management
C. traditional security, business continuity and disaster recovery
D. compliance and audit

A

A. virtualization