Chapter 7 Flashcards

1
Q

Which of the following is NOT a recommendation for the “create” phase of the security lifecycle?
A. Identification of data labeling and classification capabilities.
B. User tagging to classify data.
C. Leveraging of content discovery tools
D. Enterprise digital rights management

A

C. Leveraging of content discovery tools

2
Q

Which of the following is NOT a recommendation for the “use” phase of the data security lifecycle?
A. Data loss prevention for content-based data protection.
B. Activity monitoring and enforcement.
C. Application logic.
D. Object level controls within DBMS solutions.

A

A. Data loss prevention for content-based data protection.

3
Q
Which of the following is NOT a recommendation for the "archive" phase of the data security lifecycle?
A. Asset management.
B. Disk wiping.
C. Asset tracking.
D. Both A and B.
A

B. Disk wiping.

4
Q
Degaussing of physical media is a recommendation for which of the following phases of the data security lifecycle?
A. destroy
B. use
C. share
D. archive
A

A. destroy

5
Q

Which of the following would be an acceptable reason for an organization to switch cloud service providers?
A. Unacceptable increase in cost during contract renewal time.
B. A business dispute between customer and provider.
C. Closure of one or more services, without acceptable migration plans.
D. All of the above.

A

D. All of the above.

6
Q
When switching service providers, preserving/enhancing the security functionality provided by the application is the focus in which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and B
A

A. software as a service

7
Q
When switching service providers, minimizing the amount of application rewriting is the focus in which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. none of the above
A

B. platform as a service

8
Q
Having the applications and the data migrate to and run at a new provider is the sole focus for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. all of the above
A

C. infrastructure as a service

9
Q
Application modification is necessary to achieve portability. This is the expectation for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and C
A

B. platform as a service

10
Q

According to the Cloud Security Alliance (CSA), substituting cloud service providers is, in almost all cases, a:
A. positive business transaction for at least one party.
B. negative business transaction for at least one party.
C. neither a positive nor negative business transaction for any party.
D. it is impossible to determine.

A

B. negative business transaction for at least one party.

11
Q
According to the Cloud Security Alliance (CSA), understanding how virtual machine images can be captured and ported to service providers is necessary for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and C
A

C. infrastructure as a service

12
Q
According to the Cloud Security Alliance (CSA), gaining access to system logs, traces and billing records is recommended for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. all of the above
A

C. infrastructure as a service

13
Q
According to the Cloud Security Alliance (CSA), using platform components with a standard syntax is recommended for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. all of the above
A

B. platform as a service

14
Q

According to the Cloud Security Alliance (CSA), understanding how service/application testing will be completed before and after migration is recommended for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both A and B

A

B. platform as a service

15
Q
According to the Cloud Security Alliance (CSA), understanding if metadata can be preserved and migrated is recommended for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. none of the above
A

A. software as a service

16
Q
According to the Cloud Security Alliance (CSA), understanding management, monitoring and reporting interfaces is recommended for which of the following service models?
A. software as a service
B. platform as a service
C. infrastructure as a service
D. both B and C
A

A. software as a service

17
Q
Centralization of data means risk of:
A. insider abuse.
B. decreased profit potential.
C. acts of damage.
D. consumer complaints.
A

A. insider abuse

18
Q
Contracts between provider and client should include an authoritative taxonomy defining:
A. security
B. recovery
C. access to data
D. all of the above
A

D. all of the above

19
Q
RTOs are:
A. random time objectives
B. recovery time objectives
C. risk technology obligations
D. resource tying obligations
A

B. recovery time objectives

20
Q
The BS 25999 standard governs:
A. the data security lifecycle (DSL)
B. multi-tenancy models
C. business continuity management (BCM)
D. contractual security requirements
A

C. business continuity management (BCM)

21
Q
VSP refers to:
A. vendor safety protocol
B. vendor security process
C. variable safety program
D. none of the above
A

B. vendor security process

22
Q
Data center architectures have been historically:
A. oversized
B. undersized
C. adequate to meet demands
D. overworked
A

A. oversized

23
Q
Cloud service providers look to:
A. gain competitive advantage
B. maximize operating profit margins
C. optimize human and technological resource usage
D. all of the above
A

D. all of the above

24
Q

Customers analyzing a service provider would look at which of the following areas LAST?
A. implementation of the five principal characteristics of cloud computing
B. resource democratization and dynamism
C. technology architecture and infrastructure
D. security controls

A

B. resource democratization and dynamism

25
Q

Customers analyzing a service provider would look at which of the following areas FIRST?
A. implementation of the five principal characteristics of cloud computing
B. resource democratization and dynamism
C. technology architecture and infrastructure
D. security controls

A

A. implementation of the five principal characteristics of cloud computing