Domain 3: Cloud Platform and Infrastructure Security Flashcards

1
Q

Barry is the CIO of an organization that recently suffered a serious operational issue that required activation of the disaster recovery plan. He would like to conduct a lessons learned session to review the incident. Who would be the best facilitator for this session?

A. Barry, as chief information officer (CIO)
B. Chief Information Security Officer (CISO)
C. Disaster recovery team leader (DRTL)
D. External consultant (EC)

A

Answer: D. External consultant (EC)

Barry should recruit an independent moderator to facilitate the session. Having a moderator who was not directly involved in the effort encourages honest and open feedback. While it is not necessary to use an external consultant, they may easily fill this role. It’s also possible to find a qualified internal employee to fill this position, but it should not be someone who was involved in the incident response effort or who has a major stake in the plan, such as Barry, the CISO, or the DR team leader.

2
Q

If the cloud is used for BC/DR purposes, the loss of ___________________ could gravely affect your organization’s RTO.

A. Any cloud administrator
B. A specific VM
C. Your policy and contract documentation
D. ISP connectivity

A

Answer: D. ISP connectivity

Without ISP connectivity, nobody will be able to use the internet and, thus, the cloud. Of course, realistically, without internet connectivity not much business will get done anyway, for most organizations, regardless of whether they were operating in the cloud or on-premises.
Option A is incorrect because the loss of any single cloud administrator is unlikely to gravely affect your organization’s RTO.
The loss of a specific VM will probably not gravely affect your organization’s RTO. VMs can be reinstantiated with ease. Option B is incorrect.
The loss of your policy and contract documentation cannot gravely affect your organization’s RTO. Option C is untrue.

3
Q

Brent is reviewing the controls that will protect his organization in the event of a sustained period of power loss at his on-premises datacenter. Which one of the following solutions would best meet his needs?

A. Redundant servers
B. Uninterruptible power supply (UPS)
C. Generator
D. RAID

A

Answer: C. Generator

Generators are capable of providing backup power for a sustained period of time in the event of a power loss, but they take time to activate. Uninterruptible power supplies (UPS) provide immediate, battery-driven power for a short period of time to cover momentary losses of power, which would not cover a sustained period of power loss. Redundant arrays of inexpensive disks (RAID) and redundant servers are high-availability controls but do not cover power loss scenarios.

4
Q

Carolyn is concerned that users on her network may be storing sensitive information, such as Social Security numbers, on their hard drives without proper authorization or security controls. What third-party security service can she implement to best detect this activity?

A. IDS
B. IPS
C. DLP
D. TLS

A

Answer: C. DLP

Data loss prevention (DLP) systems may identify sensitive information stored on endpoint systems or in transit over a network. This is their primary purpose. DLP systems are commonly available as a third-party managed service offering. Intrusion detection and prevention systems (IDSs/IPSs) may be used to identify some sensitive information using signatures built for that purpose, but this is not the primary role of those tools, and they would not be as effective as DLP systems at this task. TLS is a network encryption protocol that may be used to protect sensitive information, but it does not have any ability to identify sensitive information.

5
Q

What individuals should have access to the management plane of a cloud datacenter?

A. Service provider engineers
B. Customer engineers
C. End users
D. Both A and B

A

Answer: A. Service provider engineers

The management plane of a cloud service provider’s datacenter should be reserved for use by that provider’s own engineers. Traffic on the management plane controls the operation of the infrastructure itself, and granting customers (even highly trained engineers) access to that network could jeopardize the security of other customers.

6
Q

Roland is a physical security specialist in an organization that has a large amount of expensive lab equipment that often moves around the facility. Which one of the following technologies would provide the most automation of an inventory control process in a cost-effective manner?

A. IPS
B. Wi-Fi
C. RFID
D. Ethernet

A

Answer: C. RFID

Radio frequency identification (RFID) technology is a cost-effective way to track items in a facility. While Wi-Fi could be used for the same purpose, it would be much more expensive to implement.

7
Q

Becka recently signed a contract with an alternate data processing facility that will provide her company with space in the event of a disaster. The facility includes HVAC, power, and communications circuits but no hardware. What type of facility is Becka using?

A. Cold site
B. Warm site
C. Hot site
D. Mobile site

A

Answer: A. Cold site

A cold site includes the basic capabilities required for datacenter operations—space, power, HVAC, and communications—but it does not include any of the hardware required to restore operations.

8
Q

Your organization has its production environment hosted in a cloud environment. You are considering using cloud backup services for your BC/DR purposes as well. What would probably be the best strategy for this approach, in terms of redundancy and resiliency?

A. Have your cloud provider also provide BC/DR backup.
B. Keep a BC/DR backup on the premises of your corporate headquarters.
C. Use another cloud provider for the BC/DR backup.
D. Move your production environment back into your corporate premises, and use your cloud provider to host your BC/DR backup.

A

Answer: C. Use another cloud provider for the BC/DR backup.

It’s best to have your backup at another cloud provider in case whatever causes an interruption in service occurs throughout your primary provider’s environment; this will be more complicated and expensive, but it provides the best redundancy and resiliency. Using the same provider for production and backup is not a bad option, but it entails the risk of the same contingency affecting both copies of your data. Having either the backup or the production environment localized does not provide the best protection, so neither option B nor option D is desirable.

9
Q

Philip is developing a new security tool that will be used by individuals in many different subsidiaries of his organization. He chooses to use Docker to deploy the tool to simplify configuration. What term best describes this approach?

A. Virtualization
B. Abstraction
C. Simplification
D. Containerization

A

Answer: D. Containerization

All of these terms accurately describe this use of technology. However, the use of Docker is best described as a containerization technology, so this is the best possible answer choice.

10
Q

What is the most important asset to protect in cloud BC/DR activities?

A. Intellectual property
B. Hardware at the cloud datacenter
C. Personnel
D. Data on portable media

A

Answer: C. Personnel

Health and human safety is always paramount in all security activity. All of these assets require some type of protection; however, human safety must always be the highest priority.

11
Q

Carla is developing the design of a cloud infrastructure service offering that she will be reselling to a number of customers. What component of her stack is most directly responsible for performing tenant partitioning of the virtual machines belonging to different customers?

A. Access control lists
B. Network security group
C. Firewall
D. Hypervisor

A

Answer: D. Hypervisor

All of these technologies play some role in tenant partitioning. However, this question asked specifically about the partitioning of virtual machines belonging to different tenants. This is the responsibility of the hypervisor on a virtualization platform.

12
Q

Carlos is planning a design for a datacenter that will be constructed within a new four-story corporate headquarters. The building consists of a basement and three above-ground floors. What is the best location for the datacenter?

A. Basement
B. First floor
C. Second floor
D. Third floor

A

Answer: C. Second floor

Datacenters should be located in the core of a building. Locating it in the basement makes it susceptible to flooding. The first floor is the normal point of entry to a building, making it more susceptible to physical break-ins. Locating it on the top floor makes it vulnerable to wind and roof damage.

13
Q

Chris is an information security professional for a major corporation, and, as he is walking into the building, he notices that the door to a secure area has been left ajar. Physical security does not fall under his responsibility, but he takes immediate action by closing the door and informing the physical security team of his action. What principle is Chris demonstrating?

A. Due care
B. Due diligence
C. Separation of duties
D. Informed consent

A

Answer: A. Due care

The due care principle states that an individual should react in a situation using the same level of care that would be expected from any reasonable person. It is a very broad standard. The due diligence principle is a more specific component of due care that states that an individual assigned a responsibility should exercise due care to complete it accurately and in a timely manner.

14
Q

Roger recently accepted a new position as a security professional at a company that runs its entire IT infrastructure within an IaaS environment. Which one of the following would most likely be the responsibility of Roger’s firm?

A. Configuring the network firewall
B. Applying hypervisor updates
C. Patching operating systems
D. Wiping drives prior to disposal

A

Answer: C. Patching operating systems

In an infrastructure as a service environment, the vendor is responsible for hardware-related and network-related responsibilities. These include configuring network firewalls, maintaining the hypervisor, and managing physical equipment. The customer retains responsibility for patching operating systems on its virtual machine instances. The customer is responsible for managing network ingress and egress but does so by manipulating network security groups, rather than directly configuring the network firewall.

15
Q

In addition to the security controls implemented by the cloud provider, a cloud customer must consider the security controls implemented by ___________________.

A. The respective regulator
B. The end user(s)
C. Any vendor the cloud customer previously used in the on-premises environment
D. Any third parties the provider depends on

A

Answer: D. Any third parties the provider depends on

Because supply chain dependencies can affect service, the cloud customer will need assurance that any third-party reliance is secure.
Regulators and end users do not provide security to the enterprise, so options A and B are incorrect.
The vendors used for on-premises security will no longer affect the data, so option C is incorrect.

15
Q

Alyssa’s team recently implemented a new system that gathers information from a variety of log sources, analyzes that information, and then triggers automated playbooks in response to security events. What term best describes this technology?

A. SIEM
B. Log repositories
C. IPS
D. SOAR

A

Answer: D. SOAR

Security information and event management (SIEM) systems do correlate information from multiple sources and perform analysis, but they stop short of providing automated playbook responses. That is the realm of security orchestration, automation, and response (SOAR) platforms. Intrusion prevention platforms have a more limited scope, allowing the blocking of traffic based on analysis performed by the IPS itself. Log repositories simply collect log information and do not perform analysis.

15
Q

Candace is designing a backup strategy for her organization’s file server. She would like to perform a backup every weekday that has the smallest possible storage footprint. What type of backup should she perform?

A. Incremental backup
B. Full backup
C. Differential backup
D. Transaction log backup

A

Answer: A. Incremental backup

Incremental backups provide the option that includes the smallest amount of data. In this case, that would be only the data modified since the most recent incremental backup. A differential backup would back up all data modified since the last full backup, which would be a substantial amount. The full backup would include all information on the server. Transaction log backups are specifically designed to support database servers and would not be effective on a file server.

15
Q

Nick is evaluating options for his organization’s future datacenters. Which one of the following options normally incurs the largest up-front cost?

A. Colocation facilities
B. Cloud datacenters
C. On-premises datacenters
D. SaaS offerings

A

Answer: C. On-premises datacenters

This is a classic example of the “buy vs. build” decision. Any time an organization chooses to build out capital resources, such as an on-premises datacenter, it involves very high up-front investments. The other offerings here involve leveraging the capital investments made by others and will involve lower (or no) up-front costs, but will have higher recurring costs.

16
Q

Ben is an IT auditor and would like to ensure that the organization has mechanisms in place to create an appropriate audit trail for systems and applications. Which one of the following technologies aggregates and correlates log entries?

A. SIEM
B. IPS
C. EDR
D. CASB

A

Answer: A. SIEM

Security information and event management (SIEM) solutions aggregate log entries from many different sources and correlate them to create an interpretable audit trail. Intrusion prevention systems (IPSs) analyze and block suspicious network traffic. Endpoint detection and response (EDR) platforms monitor endpoints for malware and respond to malware infections. Cloud access security brokers (CASBs) enforce an organization’s security policies across cloud providers. IPS, EDR, and CASB solutions are important components of an organization’s security program, but they do not aggregate and correlate log entries.

17
Q

Brittney is reviewing her organization’s disaster recovery process data and notes that the MTD for the business’s database server is 30 minutes. What does she know about the RTO for the server?

A. It needs to be less than 30 minutes.
B. It needs to be at least 30 minutes.
C. The MTD is too short and needs to be longer.
D. The RTO is too short and needs to be longer.

A

Answer: A. It needs to be less than 30 minutes.

When Brittney reviews the recovery time objective (RTO) data, she needs to ensure that the organization can recover from an outage in less than 30 minutes based on the maximum tolerable downtime (MTD) of 30 minutes.

18
Q

Cameron is worried about distributed denial-of-service (DDoS) attacks against his company’s primary web application. Which of the following options will provide the most resilience against large-scale DDoS attacks?

A. Implement a CDN.
B. Increase the number of servers in the web application server cluster.
C. Contract for DDoS mitigation services via the company’s ISP.
D. Increase the amount of bandwidth available from one or more ISPs.

A

Answer: A. Implement a CDN.

A content delivery network (CDN) run by a major provider can handle large-scale DDoS attacks more easily than any of the other solutions. Using DDoS mitigation techniques via an ISP is the next most useful capability, followed by both increases in bandwidth and increases in the number of servers in the web application cluster.

19
Q

John’s network begins to experience symptoms of slowness. He launches a packet capture tool and realizes that the network is being bombarded with TCP SYN packets and believes that his organization is the victim of a denial-of-service (DoS) attack. What principle of information security is being violated?

A. Availability
B. Integrity
C. Confidentiality
D. Denial

A

Answer: A. Availability

A denial-of-service (DoS) attack is designed to overwhelm a system until it is unable to process legitimate requests. The purpose of this attack is to deny legitimate users access to the system, which is a violation of the principle of availability.

19
Q

Mike recently implemented an intrusion prevention system designed to block common network attacks from affecting his organization. What type of risk management strategy is Mike pursuing?

A. Risk acceptance
B. Risk avoidance
C. Risk mitigation
D. Risk transference

A

Answer: C. Risk mitigation

Risk mitigation strategies attempt to lower the probability and/or impact of a risk occurring. Intrusion prevention systems attempt to reduce the probability of a successful attack and are, therefore, examples of risk mitigation.

20
Q

You are trying to determine the critical assets that your organization must protect in your BC/DR activities. Which one of the following artifacts would be most useful in your work?

A. Quantitative risk analysis
B. Qualitative risk analysis
C. Business impact analysis
D. Risk appetite

A

Answer: C. Business impact analysis

The business impact analysis (BIA) is designed for this purpose: to determine the critical path of assets/resources/data within the organization. It is a perfect tool to use in shaping the BC/DR plan.
The risk analysis options and the risk appetite option may provide input for the BIA, but they are not what is used to determine the critical assets necessary to protect in the BC/DR activity. So, options A, B, and D are incorrect.

21
Q

A component failure in the primary HVAC system leads to a high temperature alarm in the datacenter that Kim manages. After resolving the issue, what should Kim consider to prevent future issues like this?

A. A closed loop chiller
B. Redundant cooling systems
C. Swamp coolers
D. Relocating the datacenter to a colder climate

A

Answer: B. Redundant cooling systems

A well-designed datacenter should have redundant systems and capabilities for each critical part of its infrastructure. That means that power, cooling, and network connectivity should all be redundant. Kim should determine how to ensure that a single system failure cannot take her datacenter offline.

22
Q

Michael is responsible for forensic investigations and is investigating a security incident that involved the defacement of a corporate website. The web server in question ran on a virtualization platform, and the marketing team would like to get the website up and running as quickly as possible. What would be the most reasonable next step for Michael to take?

A. Keep the website offline until the investigation is complete.
B. Take the virtualization platform offline as evidence.
C. Take a snapshot of the compromised system and use that for the investigation.
D. Ignore the incident and focus on quickly restoring the website.

A

Answer: C. Take a snapshot of the compromised system and use that for the investigation.

Michael should conduct his investigation, but there is a pressing business need to bring the website back online. The most reasonable course of action would be to take a snapshot of the compromised system and use the snapshot for the investigation, restoring the website to operation as quickly as possible while using the results of the investigation to improve the security of the site.

22
Q

Joe is the security administrator for a cloud-based ERP system. He is preparing to create accounts for several new employees. What default access should he give to all of the new employees as he creates the accounts?

A. Read only
B. Editor
C. Administrator
D. No access

A

Answer: D. No access

The principle of least privilege should guide Joe in this case. He should apply no access permissions by default and then give each user the necessary permissions to perform their job responsibilities. Read only, editor, and administrator permissions may be necessary for one or more of these users, but those permissions should be assigned based on business need and not by default.

23
Q

Which of the following is a device specially designed to handle the management of cryptographic keys?

A. Key management box (KMB)
B. Hardware security module (HSM)
C. Ticket-granting ticket (TGT)
D. Trusted computing base (TCB)

A

Answer: B. Hardware security module (HSM)

The question describes an HSM. KMB is a nonsense term used as a distractor, so it is incorrect. TGT is a term associated with Kerberos single sign-on systems and is incorrect. The TCB includes the elements of hardware and software (usually in the operating system) that ensure that a system can only be controlled by those with the proper permissions (i.e., admins with root control), so it is also incorrect.

24
Q

Jason operates a cloud datacenter and would like to improve the ability of administrators to interact programmatically with backend solutions on the management plane. What technology can he use to best allow this type of automation?

A. CASB
B. API
C. Hypervisor
D. Python

A

Answer: B. API

Application programming interfaces (APIs) allow for the programmatic interaction with services and platforms. Jason can use APIs to tie together different technologies and interact with them programmatically. Python scripts may play a role in that automation but they do not, on their own, allow the automation to occur because the script must use the API to interact with services. Cloud access security brokers (CASBs) enforce customer security policies across a variety of services and are not a backend security solution. The hypervisor is a component of the management plane and would be a target of the automation, rather than a facilitator of it.

24
Q

What type of IaaS storage is typically used to provide disk volumes that are mountable on virtual server instances?

A. Dedicated disks
B. Block
C. Encrypted
D. Object

A

Answer: B. Block

Block storage, also known as volume storage, provides disk volumes for use by servers. Cloud environments generally do not provide dedicated disks because that approach would be highly inefficient. Object storage is used to store files as individual objects and cannot be used as a disk volume. Any type of storage may be encrypted or unencrypted, but the fact that storage is encrypted does not make it useful for disk volumes.

24
Q

What individual in an organization bears ultimate responsibility for the success of the disaster recovery plan?

A. End users
B. BC/DR team leader
C. CISO
D. CEO

A

Answer: D. CEO

The key to successfully answering this question is noticing that it asks who bears “ultimate responsibility.” The chief executive officer (CEO) bears ultimate responsibility for the success of the organization and, therefore, will be the one held accountable if the business fails. Of course, everyone in the organization has some accountability for their own roles in the program’s success.

24
Q

Best practice for planning the physical resiliency for a cloud datacenter facility includes ___________________.

A. Having one point of egress for personnel
B. Ensuring that redundant cabling/connectivity enters the facility from different sides of the building/property
C. Ensuring that all parking areas are near generators so that personnel in high-traffic areas are always illuminated by emergency lighting, even when utility power is not available
D. Ensuring that the foundation of the facility is rated to withstand earthquake tremors

A

Answer: B. Ensuring that redundant cabling/connectivity enters the facility from different sides of the building/property

To avoid a situation where severing a given physical connection results in severing its backup as well (such as construction/landscaping, etc.), have redundant lines enter on different sides of the building.
For health and human safety, multiple egress points from each facility are preferred (and often required by law); option A is incorrect.
Emergency lighting should receive power regardless of its proximity to the power source, and parking vehicles near generators is a bad idea from a safety perspective; option C is incorrect.
Not all facilities need to withstand earthquakes; this may be true of datacenters in California, but not in Sydney, so it is not an industry-wide best practice. Option D is incorrect.

24
Q

In a virtualized computing environment, what component is responsible for enforcing separation between guest machines?

A. Guest operating system
B. Hypervisor
C. Kernel
D. Protection manager

A

Answer: B. Hypervisor

The hypervisor is responsible for coordinating access to physical hardware and enforcing isolation between different virtual machines running on the same physical platform.

24
Q

Ursula is examining several virtual servers that her organization runs in an IaaS service. She discovers that the servers are all running a scheduling service that is no longer used by the organization. What action should she take?

A. Ensure the service is fully patched.
B. Remove the service.
C. Leave the service alone unless it is causing issues.
D. Contact the vendor for instructions.

A

Answer: B. Remove the service.

Running unnecessary services on a server increases the attack surface and exposes an organization to unnecessary risk. Therefore, Ursula should work through the organization’s normal change management processes to remove the service.

24
Q

Jen is designing a datacenter that will be used to offer cloud services to her organization’s customers. She is concerned about separating systems that process information that belongs to different customers from each other. What networking technology would best allow her to enforce this separation?

A. BGP
B. LAN
C. VLAN
D. VPN

A

Answer: C. VLAN

Virtual local area networks (VLANs) are used to create logical separation between systems in a datacenter and are the most cost-effective way to provide network segmentation. Creating separate LANs would require redundant equipment and unnecessary expense. Virtual private networks (VPNs) are used to connect remote users and sites over an insecure network and are not relevant within a secure datacenter. Border Gateway Protocol (BGP) is used to route traffic between network sites and is not relevant to this scenario.

24
Q

Risk should always be considered from a business perspective. When a risk is accepted, it should be balanced by a corresponding ___________________.

A. Profit
B. Performance
C. Cost
D. Opportunity

A

Answer: D. Opportunity

The only reason organizations accept any level of risk is because of the potential benefit also afforded by a risky activity.
Profit is not the hallmark of every opportunity (or every organization—many organizations are nonprofit or government-based), so option A is incorrect.
Likewise, not all risky activities offer a chance to enhance performance, so option B is incorrect.
Cost is not a benefit, so that doesn’t even make sense in the context of the question; option C is incorrect and is a distractor.

25
Q

You are designing a cloud datacenter that is expected to meet Tier 2 status according to the Uptime Institute standards. What level of availability must you achieve to meet this standard?

A. 99.422%
B. 99.671%
C. 99.741%
D. 99.995%

A

Answer: C. 99.741%

Tier 2 datacenters are expected to achieve 99.741% availability. Tier 1 datacenters are expected to achieve 99.671% availability. Tier 3 datacenters are expected to achieve 99.982% availability. Tier 4 datacenters are expected to achieve 99.995% availability.

25
Q

When discussing the cloud, we often segregate the datacenter into the terms compute, storage, and networking. Compute is made up of ___________________ and ___________________.

A. Routers; hosts
B. Application programming interfaces (APIs); northbound interfaces (NBIs)
C. Central processing units (CPUs); random access memory (RAM)
D. Virtualized; actual hardware devices

A

Answer: C. Central processing units (CPUs); random access memory (RAM)

The compute nodes of a cloud datacenter can be measured in terms of how many central processing units (CPUs) and how much random access memory (RAM) is available within the center.

26
Q

Which one of the following statements about file storage security in the cloud is correct?

A. File stores are always kept in plaintext in the cloud.
B. There is no way to sanitize file storage space in the cloud.
C. Virtualization prevents the use of application-based security controls.
D. Virtual machines are stored as snapshotted files when not in use.

A

Answer: D. Virtual machines are stored as snapshotted files when not in use.

VMs are snapshotted and simply stored as files when they are not being used; an attacker who gains access to those file stores could ostensibly steal entire machines in highly portable, easily copied formats. Therefore, these cloud storage spaces must include a significant amount of controls. It is possible to sanitize cloud file spaces by using crypto-shredding. Virtualization does not prevent the use of application-based security controls. Administrators are free to encrypt cloud-based file stores.

27
Q

When considering cloud data backup strategies (i.e., whether you are making backups at the block, file, or database level), which element of your organization’s BC/DR plan will be most affected by your choice?

A. Recovery time objective
B. Recovery point objective
C. Maximum allowable downtime
D. Mean time to failure

A

Answer: B. Recovery point objective (RPO)

The recovery point objective (RPO) is a measure of data that can be lost in an outage without irreparably damaging the organization. Data replication strategies will most affect this metric, as the choice of strategy will determine how much recent data is available for recovery purposes.
Recovery time objective (RTO) is a measure of how long an organization can endure an outage without irreparable harm. This may be affected by the replication strategy, but not as much as the RPO. Option A is incorrect.
The maximum allowable downtime (MAD) is how long an organization can suffer an outage before ceasing to be an organization. This is not dependent on the RPO, and the data replication strategy won’t have much effect on it at all. Option C is incorrect.
The mean time to failure (MTTF) is a measure of how long an asset is expected to last (usually hardware), as determined by the manufacturer/vendor. The data replication strategy will have no bearing on this whatsoever. Option D is incorrect.

27
Javier is assisting with the implementation of a cloud-based SaaS solution. He is concerned about the ability of remote users to interact directly with the database supporting the application by exploiting a web application vulnerability. What type of vulnerability would permit this access? A. SQL injection B. Cross-site scripting C. Cross-site request forgery D. Server-side request forgery
**Answer: A. SQL injection** SQL injection vulnerabilities allow an attacker to send commands through a web application to the database supporting that application. Cross-site scripting attacks execute code on a remote user’s system. Cross-site request forgery and server-side request forgery attacks seek to exploit trust relationships by tricking systems into authorizing unauthorized activity.
28
Which of the following technologies is commonly implemented by websites to encrypt data being sent between the web server and an end user? A. VPN B. TLS C. VLANs D. IPsec
**Answer: B. TLS** Transport Layer Security (TLS) is the primary protocol used to implement the HTTPS standard for secure communication between servers and users. Virtual private networks (VPNs) will also encrypt web traffic, but they are a separate service normally provided by a user’s employer and not the remote website. Virtual local area networks (VLANs) are used for network segmentation and not for encryption. IPsec is a protocol used to implement VPNs.
29
“Return to normal operations” is a phase in BC/DR activity when the emergency is over and regular production can resume. Which of the following can sometimes be the result when the organization uses two different cloud providers for the production and BC/DR environments? A. Both providers are affected by the emergency, extending the time before return to normal can occur. B. The BC/DR provider becomes the new normal production environment. C. Regulators will find the organization in violation of compliance guidance. D. All data is lost irretrievably.
**Answer: B. The BC/DR provider becomes the new normal production environment** Theoretically, all the options are possibly true. However, option B is the most likely to occur; the cost and risk of moving operations from one environment/provider to another is sizable, so staying with the secondary provider (making them the new primary) is a good way to reduce some of the risk involved in returning to normal.
30
As Gary decides what access permissions he should grant to each user, what principle should guide his decisions about default permissions? A. Separation of duties B. Least privilege C. Aggregation D. Separation of privileges
**Answer: B. Least privilege** Gary should follow the least privilege principle and assign users only the permissions they need to perform their job responsibilities. Aggregation is a term used to describe the unintentional accumulation of privileges over time, also known as privilege creep. Separation of duties and separation of privileges are principles used to secure sensitive processes.
31
Gary is preparing to create an account for a new user in a federal government agency. He is working to assign privileges to the HR database. What two elements of information must Gary verify before granting this access? A. Credentials and need to know B. Clearance and need to know C. Password and clearance D. Password and biometric scan
**Answer: B. Clearance and need to know** **Before granting access, Gary should verify that the user has a valid security clearance and a business need to know the information.** Gary is performing an authorization task, so he does not have to verify the user’s credentials, such as a password or biometric scan.
31
As Gary designs the program, he uses the matrix shown here. What principle of information security does this matrix most directly help enforce? A. Separation of duties B. Aggregation C. Two-person control D. Defense in depth
**Answer: A. Separation of duties** The matrix shown in the figure is known as a separation of duties matrix. It is used to ensure that one person does not obtain two privileges that would create a potential conflict. Aggregation is a term used to describe the unintentional accumulation of privileges over time, also known as privilege creep. Two-person control is used when two people must work together to perform a sensitive action. Defense in depth is a general security principle used to describe a philosophy of overlapping security controls.
32
Gary is preparing to develop controls around access to root encryption keys and would like to apply a principle of security designed specifically for very sensitive operations. Which principle should he apply? A. Least privilege B. Defense in depth C. Security through obscurity D. Two-person control
**Answer: D. Two-person control** Gary should follow the principle of two-person control by requiring simultaneous action by two separate authorized individuals to gain access to the encryption keys. He should also apply the principles of least privilege and defense in depth, but these principles apply to all operations and are not specific to sensitive operations. Gary should avoid the security through obscurity principle, the reliance upon the secrecy of security mechanisms to provide security for a system or process. Two-person control: A security concept used to maintain high levels of safety and integrity by ensuring that two or more individuals are required to perform certain sensitive or high-risk tasks. This technique prevents a single individual from having sole authority or access and is often applied to prevent fraudulent activities or unauthorized actions.
33
How often should Gary and his team conduct a review of the privileged access that a user has to sensitive systems? (Select all that apply.) A. On a periodic basis B. When a user leaves the organization C. When a user changes roles D. On a daily basis
**Answer: A, B, C.** **Privileged access reviews are one of the most critical components of an organization’s security program because they ensure that only authorized users have access to perform the most sensitive operations. They should take place whenever a user with privileged access leaves the organization or changes roles as well as on a regular, recurring basis.** However, it is not reasonable to expect that these time-consuming reviews would take place on a daily basis.
34
Which one of the following hypervisor types is generally considered to offer the greatest level of security? A. Type 1 B. Type 2 C. Type 3 D. Type 4
**Answer: A. Type 1** **Type 1, or “bare-metal” hypervisors, run directly on top of hardware and provide a greater degree of security than Type 2 hypervisors.** This is because Type 2 hypervisors must run on top of another operating system, increasing the total attack surface. Types 3 and 4 hypervisors do not exist.
35
Yolanda is helping her organization decide whether to build their own datacenters or lease space from a colocation provider. What would be the major benefit of using a colocation provider? A. Reduced cost B. Increased security C. Reduced complexity D. Increased capability
**Answer: A. Reduced cost** **The major factor driving organizations to lease space in a colocation facility is a reduction in cost achieved through economies of scale.** Leased facilities are not necessarily more or less secure or complex than custom-built facilities, and they do not necessarily have greater capability.
36
Which one of the following components is not necessary in a Tier 1 datacenter? A. Uninterruptible power supplies B. Dual-power supplies in systems C. Backup generator D. Cooling
**Answer: B. Dual-power supplies in systems.** Tier 1 datacenters require dedicated space for IT systems, an uninterruptible power supply (UPS) system for line conditioning and backup purposes, sufficient cooling systems to serve all critical equipment, and a power generator for extended electrical outages, with at least 12 hours of fuel to run the generator at sufficient load to power the IT systems. Dual-power supplies are a requirement of a Tier 3 datacenter and are not required in Tier 1 datacenters.
37
Fred is working to design security controls for a cloud environment where remote systems will need to gain command-line access to Linux servers in an automated fashion. Which one of the following authentication approaches will provide the strongest security in this scenario? A. Multifactor authentication B. Digital certificates C. Biometric authentication D. Strong passwords
**Answer: B. Digital certificates** **The most important detail in this question is that the access must be automated. This means that systems will connect to each other without any human intervention.** Because of this requirement, biometric controls are not useful because they require that a person be involved in the authentication process. Using passwords would require storing that password on the remote server. This is possible, but not ideal from a security perspective. Since we don’t want to use passwords or biometrics, multifactor authentication is also not feasible. That leaves digital certificates as the most viable option for securing these connections.
38
In software-defined networking (SDN), the northbound interface (NBI) usually handles traffic between the ___________________ and the ___________________. A. Cloud customer; ISP B. SDN controllers; SDN applications C. Cloud provider; ISP D. Router; host
**Answer: B. SDN controllers; SDN applications** **The NBI usually handles traffic between the SDN controllers and SDN applications.** Options A and C are incorrect because neither of those options lists any of the SDN infrastructure, be that the controllers or the applications. Option D may be arguably correct, as there might be an NBI handling that traffic between those nodes, but option B is more specific and always true for this definition, so it is the better choice.
39
A user signs on to a cloud-based social media platform. In another browser tab, the user finds an article worth posting to the social media platform. The user clicks on the platform’s icon listed on the article’s website, and the article is automatically posted to the user’s account on the social media platform. This is an example of what? A. Single sign-on B. Insecure direct identifiers C. Identity federation D. Cross-site scripting
**Answer: C. Identity federation** This is a very popular function of federated identity. Single sign-on (SSO) is similar to federation, but it is limited to a single organization; federation is basically SSO across multiple organizations. Option A is incorrect. Options B and D are threats listed in the Open Web Application Security Project (OWASP) Top 10; they are incorrect. Federated identity management (FIM) involves linking identities across multiple domains, allowing users to access resources using a single set of credentials. It's a key aspect of Identity and Access Management (IAM) in the cloud, enabling single sign-on (SSO) functionality across different organizations or systems.
40
Which of the following is a device specially purposed to handle the issuance, distribution, and storage of cryptographic keys? A. Key management box (KMB) B. Hardware security module (HSM) C. Ticket-granting ticket (TGT) D. Trusted computing base (TCB)
**Answer: B. Hardware security module (HSM)** Hardware security modules (HSMs) are security solutions designed to manage the processes surrounding cryptographic keys. Key management boxes (KMBs) provide for the management of physical keys. Ticket-granting tickets (TGTs) are a component of the Kerberos authentication process. The trusted computing base (TCB) provides a secure operating environment inside a computer system.
41
Sprawl is mainly a(n) ___________________ problem. A. Technical B. External C. Management D. Logical
**Answer: C. Management** Sprawl needs to be addressed from a managerial perspective because it is caused by allowed user actions (usually in a completely authorized capacity).
42
You are in charge of creating the business continuity, disaster recovery (BC/DR) plan, and procedures for your organization. You decide to have a tabletop test of the BC/DR activity. Which of the following will offer the best value during the test? A. Have all participants conduct their individual activities via remote meeting technology. B. Task a moderator well-versed in BC/DR actions to supervise and present scenarios to the participants, including randomized special events. C. Provide copies of the BC/DR policy to all participants. D. Allow all users in your organization to participate.
**Answer: B. Task a moderator well-versed in BC/DR actions to supervise and present scenarios to the participants, including randomized special events.** A trained and experienced moderator can guide the participants through the activity, enhancing their training and noting pitfalls and areas for improvement. Option A is not preferable because having the participants gathered together ensures their full attention and provides interaction that remote participation might not yield. Option C is a baseline; all participants should have copies of the policy as a matter of course. Option D is not useful in a tabletop exercise; only critical participants in the organization should take part in the tabletop.
43
What can be revealed by an audit of a baseline virtual image, used in a cloud environment? A. Adequate physical protections in the datacenter B. Potential criminal activity before it occurs C. Whether necessary security controls are in place and functioning properly D. Lack of user training and awareness
**Answer: C. Whether necessary security controls are in place and functioning properly.** The baseline will contain the suite of security controls applied uniformly throughout the environment. A VM image audit is unlikely to involve any form of physical security; A is incorrect. Baselines won’t predictively show malicious activity; B is incorrect. Baselines also do not have anything to do with user training and awareness; option D is incorrect.
44
You are in charge of creating the business continuity, disaster recovery (BC/DR) plan, and procedures for your organization. Your organization has its production environment hosted by a cloud provider, and you have appropriate protections in place. Which of the following is a significant consideration for your BC/DR backup? A. Enough personnel at the BC/DR recovery site to ensure proper operations B. Good cryptographic key management C. Access to the servers where the BC/DR backup is stored D. Forensic analysis capabilities
**Answer: B. Good cryptographic key management** This is a difficult question that requires a great deal of thought. Option B is correct because appropriate cloud data security practices will require encrypting a great deal of the data, and having the keys will be necessary during contingency operations in order to access the backup; without the keys, you won’t be able to access your data. Option A is not correct because using the cloud for BC/DR will allow personnel to access the backup from anywhere they can get broadband connectivity, not specifically a recovery site. Option C is not correct because the customer will rarely have physical access to servers in the cloud environment. Option D is not correct because forensic analysis is not a significant consideration in BC/DR; it is much more important for incident response.
45
The minimum essential characteristics of a cloud datacenter are often referred to as “ping, power, pipe.” What does this term mean? A. Remote access for a customer to racked devices in the datacenter; electrical utilities; connectivity to an internet service provider (ISP)/the internet B. Application suitability; availability; connectivity C. Infrastructure as a service (IaaS); software as a service (SaaS); platform as a service (PaaS) D. Antimalware tools; controls against distributed Denial-Of-Service (DDoS) attacks; physical/environmental security controls, including fire suppression
**Answer: A. Remote access for a customer to racked devices in the datacenter; electrical utilities; connectivity to an internet service provider (ISP)/the internet** Ping is a term used to describe the ability of customers to access their systems remotely. Power is shorthand for electrical power to the systems. Pipe refers to the network connectivity that supports servers’ connections to the internet.
46
Which of the following poses a new risk in the cloud, not affecting the traditional, on-premises IT environment? A. Internal threats B. Multitenancy C. Natural disasters D. Distributed Denial-of-Service (DDoS) attacks
**Answer: B. Multitenancy** Sharing resources with other, unknown customers (some of whom may be competitors of or even hostile to the organization) is a risk not faced by organizations that maintain their own, on-premises datacenters. All the other answers are threats that exist in both environments and are therefore incorrect.
47
Software-Defined Networking (SDN) allows network administrators and architects to perform all the following functions except ___________________. A. Reroute traffic based on current customer demand. B. Create logical subnets without having to change any actual physical connections. C. Filter access to resources based on specific rules or settings. D. Deliver streaming media content in an efficient manner by placing it closer to the end user.
**Answer: D. Deliver streaming media content in an efficient manner by placing it closer to the end user.** **Software-Defined Networks (SDN) allow administrators to perform a variety of automated functions. These include rerouting traffic based on current customer demand, creating logical subnets without having to change any physical connections, and filtering access to resources based upon specific rules or settings.** Delivering streaming media content in an efficient manner by placing it closer to the end user is a function of content delivery networks (CDNs), not SDNs.
48
Mary is reviewing the availability controls for the system architecture shown here. What technology is shown that provides fault tolerance for the database servers? A. Failover cluster B. UPS C. Tape backup D. Cold site
**Answer: A. Failover cluster** **The illustration shows an example of a failover cluster, where DB1 and DB2 are both configured as database servers. At any given time, only one will function as the active database server, while the other remains ready to assume responsibility if the first one fails.** Although the environment may use UPS, tape backup, and cold sites as disaster recovery and business continuity controls, they are not shown in the diagram.
49
Using one cloud provider for your operational environment and another for your BC/DR backup will give you the additional benefit of ___________________. A. Allowing any custom VM builds you use to be instantly ported to another environment B. Avoiding vendor lock-in/lockout C. Increased performance D. Lower cost
**Answer: B. Avoiding vendor lock-in/lockout** **Having an additional backup with a different provider means that if your primary provider becomes unusable for any reason (including bankruptcy or unfavorable contract terms), your data is not held hostage or lost.** Custom VMs may or may not work in a new environment; this is actually a risk when porting data out of the production environment; Option A is incorrect. Performance probably will not increase if data is replicated to another cloud provider; in fact, you will probably lose some load-balancing capability you might have had if you kept the data and backups together. Option C is incorrect. Having two providers will always be more costly than a single provider; option D is incorrect.
50
The cloud customer will usually not have physical access to the cloud datacenter. This enhances security by ___________________. A. Reducing the need for qualified personnel B. Limiting access to sensitive information C. Reducing jurisdictional exposure D. Ensuring statutory compliance
**Answer: B. Limiting access to sensitive information** The “sensitive information,” in this case, is whatever knowledge of the datacenter’s security controls and processes might be gathered by physically visiting the datacenter. Even though a cloud customer cannot get access to the facility, this also means that other cloud customers (some of whom may be hostile to another customer’s interests) also will not have access, so none would have an advantage over the other(s). Option A is incorrect because qualified personnel are still required whether or not a cloud environment has limited access to their datacenter. In fact, security may be degraded by having unqualified personnel rather than qualified personnel working in the cloud datacenter. Option C is incorrect because reducing jurisdictional exposure does not enhance security. There may be a correlation between ensuring statutory compliance and enhancing security as it applies to limiting access to the cloud datacenter. However, option B is a better answer because it is certainly true. Therefore, option D is not the best answer to the question.
51
Which one of the following services would be least likely described as providing computing capability? A. Virtual server instances B. FaaS C. Object storage D. Containers
**Answer: C. Object storage** Virtual server instances and containers provide direct computing resources to cloud service users. **Function as a service provides a platform upon which computing may be performed. Object storage does not provide any compute capability, as it is solely a storage service.**
52
What is the main reason virtualization is used in the cloud? A. Virtual machines (VMs) are easier to administer. B. If a VM is infected with malware, it can be easily replaced. C. With VMs, the cloud provider does not have to deploy an entire hardware device for every new customer. D. VMs are easier to operate than actual devices.
**Answer: C. With VMs, the cloud provider does not have to deploy an entire hardware device for every new customer.** While options A and B are both also true, C is the most significant reason cloud datacenters use VMs. If the cloud provider had to purchase a new box for every user, the cost of cloud services would be as much as running a traditional environment (or likely cost even more), and there would be no reason for any organization to migrate to the cloud, especially considering the risks associated with disclosing data to a third party. Option D is simply untrue. VMs are not easier to operate than actual devices.
53
Which one of the following test types is most likely to have an impact on production operations? A. Full test B. Parallel test C. Walkthrough test D. Simulation test
**Answer: A. Full test** **Full tests, also known as full interruption tests, shut down the primary operating facility and shift operations to the backup facility.** These tests are very likely to have a serious impact on production operations. The parallel test activates the backup facility but does not move production responsibility to it. Walkthroughs and simulations do not activate the backup facility or impact production operations in any way.
54
Questions 69 and 70 refer to the following scenario: Brendan is analyzing the symptoms of a cloud attack that took place in his organization’s IaaS offering. In this attack, one customer was able to access resources on a virtual machine belonging to another customer by launching an attack from their own virtual machine. What term best describes this attack? A. Escape B. Overflow C. Injection D. Scripting
**Answer: A. Escape** This is an example of an escape attack because the attacker was able to leave the confines of their own virtual machine and access resources belonging to another customer. There is no indication in the scenario that the attack used any specific overflow, injection, or scripting vulnerability.
55
What component of Brendan’s service offering was most directly responsible for allowing this attack? A. Compute B. Hypervisor C. Management plane D. Storage
**Answer: B. Hypervisor** **Escape attacks always occur as the result of a vulnerability or malfunction in the hypervisor because the hypervisor is responsible for performing the separation that prevents one customer from accessing resources belonging to another customer.**
56
Melissa uses the snapshot capabilities of her cloud service provider to make backup copies of the disk volumes that support her virtual machines. What type of storage is most likely used to store these backups? A. Dedicated disks B. Block C. Encrypted D. Object
**Answer: D. Object** **Disk volumes used to support virtual machines are typically stored on block storage.** However, when snapshotting is used to create backups of those disks, the backups are commonly stored in less expensive object storage. Dedicated disks are not generally used in cloud environments. The backups may be encrypted while in object storage, but this is not a technical requirement.
57
If you use the cloud for BC/DR purposes, even if you don’t operate your production environment in the cloud, you can cut costs by eliminating your ___________________. A. Security personnel B. BC/DR policy C. Old access credentials D. Need for a physical hot site/warm site
**Answer: D. Need for a physical hot site/warm site** **Having your data backed up and accessible in the cloud eliminates any need for having a distinct hot site/warm site separate from your primary operating environment; instead, your personnel can recover operations from anywhere with a good broadband connection.** Cloud BC/DR capability does not remove the necessity of security personnel and appropriate policies; both options A and B are incorrect. Option C makes no sense as an answer to the question. It is unclear how you can cut costs by eliminating your old access credentials. In fact, it is difficult to imagine how that is a true statement. Therefore, option C is a poor choice, and option D is the best choice.
58
Using a virtual machine baseline image could be very useful for which of the following options? A. Physical security B. Auditing C. Training D. Customization
**Answer: B. Auditing** A specified configuration built to defined standards and with a controlled process can be used to demonstrate that all VMs within an environment include certain controls; this can greatly enhance the efficiency of an audit process. The VM’s image has very little to do with physical security or training; options A and C are incorrect. Baseline images are the opposite of customization; option D is incorrect.
59
Which one of the following audit mechanisms would be able to provide the most accurate reconstruction of user activity? A. Application logs B. Security logs C. Netflow records D. Packet capture
**Answer: D. Packet capture** Log entries do provide some insight into user activity but they generally do not provide the full context of user communication. Netflow records only provide the “telephone bill” level detail of communications and not the content. While those sources would be useful, full packet capture provides the most accurate reconstruction of user activity, but it is costly to implement due to data storage requirements.
60
You are in charge of creating the business continuity and disaster recovery (BC/DR) plan and procedures for your organization. Your organization has its production environment hosted in a cloud environment and no longer operates secure on-premises datacenters. You are considering using cloud backup services for your BC/DR purposes as well. What would probably be the best strategy for this approach, in terms of redundancy and resiliency? A. Have your cloud provider also provide BC/DR backup. B. Keep a BC/DR backup on the premises of your corporate headquarters. C. Use another cloud provider for the BC/DR backup. D. Move your production environment back into your corporate premises, and use your cloud provider to host your BC/DR backup.
**Answer: C. Use another cloud provider for the BC/DR backup.** **It’s best to have your backup at another cloud provider in case whatever causes an interruption in service occurs throughout your primary provider’s environment; this will be more complicated and expensive, but it provides the best redundancy and resiliency.** Using the same provider for production and backup is not a bad option, but it entails the risk of the same contingency affecting both copies of your data. Having either the backup or the production environment localized does not provide the best protection because you no longer operate secure cloud datacenters.
61
The BC/DR plan/policy should include all of the following except ___________________. A. Tasking for the office responsible for maintaining/enforcing the plan. B. Contact information for essential entities, including BC/DR personnel and emergency services agencies. C. Copies of the laws/regulations/standards governing specific elements of the plan. D. Checklists for BC/DR personnel to follow.
**Answer: C. Copies of the laws/regulations/standards governing specific elements of the plan.** This is not an easy question, because every plan/policy should include mention of the governance documents that drive the formation of the plan/policy; however, these can be included by reference only; you don’t need to include full copies of these governance documents. All the other options should be included in the BC/DR plan/policy.
62
A Security Assertion Markup Language (SAML) identity assertion token uses the ___________________ protocol. A. Extensible Markup Language (XML) B. Hypertext Transfer Protocol (HTTP) C. Hypertext Markup Language (HTML) D. American Standard Code for Information Interchange (ASCII)
**Answer: A. Extensible Markup Language (XML)** Security Assertion Markup Language (SAML) is based on XML. HTTP is used for port 80 web traffic; HTML is used to present web pages. ASCII is the universal alphanumeric character set.
63
Anita’s IaaS provider allows her to choose the region of the world where she will operate her primary server instances and a different region where she will operate her backup instances. Which one of the following is the most important concern that Anita should consider? A. Regulatory compliance. B. Physical security. C. Environmental factors such as humidity. D. It doesn’t matter. Data can be saved anywhere without consequence.
**Answer: A. Regulatory compliance.** **Depending on your industry and the nature of your data, moving information into another jurisdiction may affect or invalidate your regulatory compliance.** Cloud providers, wherever they are located, should compensate for environmental and physical security factors, so this should have no impact on your potential risk; options B and C are incorrect. Option D is incorrect because it is a blanket statement that is not always true. In fact, for some organizations, the physical location where their data is stored can have serious regulatory consequences.
64
There are many ways to handle risk. However, the usual methods for addressing risk are not all possible in the cloud because ___________________. A. Cloud data risks cannot be mitigated. B. Migrating into a cloud environment necessarily means you are accepting all risks. C. Some risks cannot be transferred to a cloud provider D. Cloud providers cannot avoid risk.
**Answer: C. Some risks cannot be transferred to a cloud provider** **Under current legal frameworks, some risks (such as legal liability for privacy data breaches) cannot be transferred to a contracted party, so the data owners (that is, cloud customers) will still retain those risks. It is important to note that customers are always responsible for managing risk in some way, even if risk is transferred to a cloud provider.** Option A is not correct; risks can and should be mitigated, even in the cloud. Option B is not correct; cloud migration will require some risk acceptance, but that is true for everything except avoided risk. Option D is incorrect; cloud providers can choose not to offer services or not to accept certain clients.
65
To support all aspects of the CIA triad (confidentiality, integrity, availability), all of the following aspects of a cloud datacenter need to be engineered with redundancies, except ___________________. A. Power supply B. HVAC C. Administrative offices D. Internet service provider (ISP)/connectivity lines
**Answer: C. Maximum allowable downtime** The administrative offices of a cloud datacenter rarely are part of the critical functions of the operation; a datacenter could likely endure the loss of the administrative offices for a considerable length of time, so redundancy here is probably not cost-effective.
65
You are reviewing the requirements for a new datacenter with leaders from functional teams. The discussions are centering on the amount of data that may be lost if an outage occurs. What metric is most directly related to this discussion? A. Recovery time objective B. Recovery point objective C. Maximum allowable downtime D. Mean time to failure
**Answer: B. Recovery point objective** **The recovery point objective (RPO) is a measure of data that can be lost in an outage without irreparably damaging the organization. Data replication strategies will most affect this metric, as the choice of strategy will determine how much recent data is available for recovery purposes.** Recovery time objective (RTO) is a measure of how long an organization can endure an outage without irreparable harm. This may be affected by the replication strategy, but not as much as the RPO. Option A is incorrect. The maximum allowable downtime (MAD) is how long an organization can suffer an outage before ceasing to be an organization. This is not dependent on the RPO, and the data replication strategy won’t have much effect on it at all. Option C is incorrect. The mean time to failure (MTTF) is a measure of how long an asset is expected to last (usually hardware), as determined by the manufacturer/vendor. The data replication strategy will have no bearing on this whatsoever. Option D is incorrect.
66
What term describes the process of granting users access to resources? A. Identification B. Authentication C. Authorization D. Federation
**Answer:** **Authorization is the process of granting users and other security principals access to resources in an environment.** Identification and authentication are part of the overall identity and access management (IAM) process, as is authorization, but they do not specifically describe granting access to resources. Federation is a means of conducting IAM across organizations; authorization is a more specific answer, so federation is incorrect.
67
In which cloud service model does the customer lose the most control over the configuration of services? A. Infrastructure as a service (IaaS) B. Platform as a service (PaaS) C. Software as a service (SaaS) D. Function as a service (FaaS)
**Answer: B. Platform as a service (PaaS)** **When using two different cloud providers, a cloud customer runs the risk that data/software formats used in the operational environment can’t be readily adapted to the other provider’s service, thus causing delays during an actual failover.** Risks of physical intrusion are neither obviated nor enhanced by choosing to use two cloud providers; option A is incorrect. Using a different cloud provider for backup/archiving actually reduces the risks of outages due to vendor lock-in/lockout and natural disasters, so options C and D are not correct.
68
Which of the following risks is probably most significant when choosing to use one cloud provider for your operational environment and another for BC/DR backup/archive? A. Physical intrusion B. Proprietary formats/lack of interoperability C. Vendor lock-in/lockout D. Natural disasters
**Answer: C. Vendor lock-in/lockout** As the models increase in level of abstraction and service, the customer’s control over the environment decreases. Therefore, the customer has the most control over the configuration of IaaS services, a moderate degree of control over PaaS/FaaS services, and the least control over SaaS services.
69
Warren is working with a cloud service provider on the terms of a new service that his organization will depend on as a disaster recovery capability. Which one of the following actions will provide Warren with the best assurance that the service will function correctly? A. Audit all performance functions. B. Audit all security functions. C. Perform a full-scale test. D. Mandate this capability in the contract.
**Answer: C. Perform a full-scale test.** **Without a full test, Warren can’t be sure the BC/DR plan/process will work the way it is intended.** Audits are good, but they will not demonstrate actual performance the way a test will, so options A and B are incorrect. It is important that the BC/DR capacity and performance be included in the contract, but that will not truly ensure that the functionality exists; a test is required, so option D is incorrect.
69
Charles is the BC/DR program manager for a cloud service provider. He is assessing the risks facing his program. He believes that the organization has done adequate BC/DR planning but they have never actually activated the plan. Which of the following would most likely pose the most significant risk to the organization? A. Not having essential BC/DR personnel available during a contingency. B. Not including all BC/DR elements in the cloud contract. C. Returning to normal operations too soon. D. Telecommunications outages.
**Answer: C. Returning to normal operations too soon.** **A premature return to normal operations can jeopardize not only production, but personnel; if the contingency that caused the BC/DR action is not fully completed/addressed, there may still be danger remaining.** The BC/DR plan/process should take into account both the absence of essential personnel and telecommunications capabilities, so options A and D are incorrect. Option B does present a serious problem for the organization, but option C is still a greater risk, so B is incorrect.
70
What type of fire suppression system poses the greatest risk to datacenter equipment if it fails? A. Dry pipe B. Preaction C. Wet pipe D. Gas
**Answer: C. Wet pipe** **Systems that use water always pose a greater failure risk to electronic equipment than those that use gas because water can destroy equipment.** Of the systems listed, wet pipe systems pose the greatest risk because water is always present in the pipes.
71
Where is isolation failure probably least likely to pose a significant risk? A. Public cloud B. Private cloud C. PaaS environment D. SaaS environment
**Answer: B. Private cloud** **Guest escape (a malicious user leaving the confines of a VM and able to access other VMs on the same machine) is less likely to occur and to have a significant impact in an environment provisioned for and used by a single customer.** In a public cloud, this is more likely and would be more significant, so option A is incorrect. The service model doesn’t specifically dictate the likelihood of occurrence or impact (both PaaS and IaaS could be in a private or public cloud, which is the more important factor), so both options C and D are incorrect.
72
What can hamper the ability of a cloud customer to protect their assets in a managed services arrangement? A. Prohibitions on port scanning and penetration testing B. Geographical dispersion C. Rules against training users D. Laws that prevent them from doing so
**Answer: A. Prohibitions on port scanning and penetration testing** **Many cloud providers restrict activities that are common for administrative and security purposes but can also be construed/used for hacking; this includes port scanning and penetration testing. These restrictions can reduce the customer’s ability to perform basic security functions. Customers should review these practices with service providers and confirm that they are allowed to conduct routine security activities.** While geographical dispersion of cloud assets might make securing those assets more difficult in the notional sense (customer administrators can’t physically visit the devices that host their data), remoteness does not necessarily inhibit good security practices, which can be performed at a remove. This is not as detrimental as rules against port scanning/pen testing, so option B is incorrect. There are no rules against user training or laws against securing your own assets, in the cloud or otherwise; options C and D are incorrect.
73
Which of the following terms describes a means to centralize logical control of all networked nodes in the environment, abstracted from the physical connections to each? A. Virtual private network (VPN) B. Software-defined network (SDN) C. Access control lists (ACLs) D. Role-based access control (RBAC)
**Answer: B. Software-defined network (SDN)** **The question describes a Software-Defined Network (SDN). A VPN is used for creating an encrypted communications tunnel over an untrusted medium, so option A is incorrect.** ACLs are used as centralized repositories for identification, authentication, and authorization purposes, so option C is incorrect. RBAC is an access control model used to assign permissions based on job functions within an organization, so option D is incorrect.
74
Of the following options, which is a reason cloud datacenter audits are often less easy to verify than traditional audits? A. Data in the cloud can’t be audited. B. Controls in the cloud can’t be audited. C. Getting physical access can be difficult. D. There are no regulators for cloud operations.
**Answer: C. Getting physical access can be difficult.** **Cloud providers may be reluctant to grant physical access, even to their customers, on the assumption that allowing access would disclose information about security controls.** In some cases, cloud customers won’t even know the location(s) of the datacenter(s) where their data is stored. The other options are all untrue. Data in the cloud and controls in the cloud can most certainly be audited. So, options A and B are incorrect. D is untrue; there are regulators for all industries, including those that operate in the cloud.
75
Which of these most directly determines the critical assets, recovery service level (RSL), recovery time objective (RTO), and recovery point objective (RPO) for BC/DR purposes? A. Business drivers B. User input C. Regulator mandate D. Industry standards
**Answer: A. Business drivers** The business requirements will determine the crucial aspects of BC/DR. All the other options may constitute some input that will influence the BC/DR, but they are not the prevailing factors, and so are incorrect.
76
A cloud provider will probably require all of the following except ___________________ before a customer conducts a penetration test. A. Notice B. Description of scope of the test C. Physical location of the launch point D. Test timeframe/duration
**Answer: C. Physical location of the launch point** **Because cloud access is remote access, pen tests will be remote tests; it doesn’t really matter what the physical origin of the simulated attack is.** Cloud providers will want notice before the customer launches the test, and that notice should include a description of the scope of the test, knowledge of the timeframe for the test, and the logical (not physical!) addresses of the testing systems.
77
Glenda would like to conduct a disaster recovery test and is seeking a test that will allow a review of the plan with no disruption to normal information system activities and as minimal a commitment of time as possible. What type of test should she choose? A. Tabletop exercise B. Parallel test C. Full interruption test D. Checklist review
**Answer: D. Checklist review** **The checklist review is the least disruptive type of disaster recovery test. During a checklist review, team members each review the contents of their disaster recovery checklists on their own and suggest any necessary changes.** During a tabletop exercise, team members come together and walk through a scenario without making any changes to information systems. During a parallel test, the team actually activates the disaster recovery site for testing, but the primary site remains operational. During a full interruption test, the team takes down the primary site and confirms that the disaster recovery site is capable of handling regular operations. The full interruption test is the most thorough test but also the most disruptive.
78
DDoS attacks do not affect ___________________ for cloud customers. A. Productivity B. Availability C. Connectivity D. Integrity
**Answer: D. Integrity** DDoS prevents all these things except for data integrity. DDoS only prevents communication; it does not usually result in modified data.
79
Which of the following controls would be useful to build into a virtual machine baseline image for a cloud environment? A. GPS tracking/locator B. Automated vulnerability scan on system startup C. Access control list (ACL) of authorized personnel D. Write protection
**Answer: C. Access control list (ACL) of authorized personnel** Health and human safety is a paramount goal of security; all facilities must have multiple emergency egress points. All the other options are distractors as they are included in option C.
79
Where should multiple emergency egress points be included? A. At the power distribution substation B. Within the datacenter C. In every building on the campus D. In the security operations center
**Answer: B. Within the datacenter** **Because VMs don’t take updates when they are not in use (snapshotted and saved as image files) and updates may be pushed while the VMs are saved, it’s important to ensure that they receive updates when they are next instantiated.** Systems may be configured to perform automatic updates. A physical tracking mechanism won’t be of much aid for virtual devices because they aren’t physically stolen like hardware boxes, so option A is incorrect. Having an ACL in the image baseline would create a situation where every user from every cloud customer could access every VM in the datacenter; option C is incorrect. Write protection is used in forensic analysis of machines (virtual or otherwise); it would not be useful in an operational baseline. Option D is incorrect.
80
Cloud providers will probably not allow ___________________ as part of a customer’s penetration test. A. Network mapping B. Vulnerability scanning C. Reconnaissance D. Social engineering
**Answer:** **Performing live deception and trickery against employees of the cloud provider (or its suppliers/vendors) could be construed as unethical and possibly illegal, especially without their knowledge and/or consent. Social engineering probably won’t be involved in penetration tests run by customers.** All the other options are legitimate activities a customer might perform during a penetration test (with provider permission).
81
Having your BC/DR backup stored with the same cloud provider as your production environment can help you ___________________. A. Maintain regulatory compliance B. Spend less of your budget on traveling C. Train your users about security awareness D. Recover quickly from minor incidents
**Answer: D. Recover quickly from minor incidents** Having the backup within the same environment can allow easy rollback to a last known good state or to reinstantiate clean VM images after minor incidents (e.g., a malware infection in certain VMs). Ease of compliance will not be determined by the location of the backup, so option A is incorrect. Traveling should not be a major cost for cloud usage; option B is incorrect.
82
Virtual machine (VM) configuration management (CM) tools should require that managed systems perform ___________________. A. Biometric recognition B. Anti-tampering mechanisms C. Log file generation D. Hackback capabilities
**Answer: C. Log file generation** Event logging is essential for incident management and resolution; this can be set as an automated function of the CM tools. Not all systems need or can utilize biometrics; option A is incorrect. Usually, tampering refers to physical intrusion of a device; since the question is about VMs, it is probably not applicable. Option B is incorrect. Hackback is illegal in many jurisdictions; option D is incorrect.