LearnZapp Practice 8 Flashcards
Which of the following is the least challenging with regard to eDiscovery in the cloud?
A. Decentralization of data storage
B. Complexities of international law
C. Identifying roles such as data owner, controller and processor
D. Forensic analysis
D. Forensic analysis
Explanation:
Forensic analysis is the least challenging of the options listed because it applies to data that has already been obtained; the other options concern the harder problem of locating, identifying and lawfully obtaining the data in the first place.
The difference between KPIs and KRIs is which of the following?
A. KPIs no longer exist, having been replaced by KRIs
B. KRIs no longer exist, having been replaced by KPIs
C. KRIs are looking forward while KPIs are backward looking
D. There is no difference between KPIs and KRIs
C. KRIs are looking forward while KPIs are backward looking
Explanation:
Key risk indicators (KRIs) try to predict future risk, while key performance indicators (KPIs) examine events that have already happened.
Which of the following is not a typical physical access control mechanism in the cloud data center?
A. Cage locks
B. Video surveillance
C. Rack locks
D. Fire suppression
D. Fire suppression
Explanation:
Fire suppression systems are physical control mechanisms commonly found in cloud data centers, but they are not an element of access control.
Which of the following can enhance application portability?
A. Using the same cloud provider for the production environment and archiving
B. Conducting service trials in an alternate cloud provider environment
C. Providing cloud usage training for all users
D. Tuning WAFs to detect anomalous activity in inbound connections
B. Conducting service trials in an alternate cloud provider environment
Explanation:
Testing is a great way to gain assurance that applications will work in the new environment. None of the other options is relevant to application portability.
Each of the following are dependencies that must be considered when reviewing the Business Impact Analysis (BIA) after cloud migration except:
A. The cloud provider’s suppliers
B. The cloud provider’s vendors
C. The cloud provider’s utilities
D. The cloud provider’s resellers
D. The cloud provider’s resellers
Explanation:
The cloud provider's resellers are a marketing and sales mechanism, not an operational dependency that could affect the availability or security of a cloud customer's services.
You are the data manager for a retail company; you anticipate a much higher volume of sales activity in the final quarter of each calendar year than the other quarters. In order to handle these increased transactions, and to accommodate the temporary sales personnel you will hire for only that period, you consider augmenting your internal, on premises production environment, with a cloud capability for a specific duration, and will return to operating fully on premises after the period of increased activity. Which deployment model best describes this type of arrangement?
A. Private cloud
B. Community cloud
C. Public cloud
D. Hybrid
D. Hybrid
Explanation:
This is a description of the hybrid model, in which the customer owns and operates part of the infrastructure (here, the on-premises production environment) and the cloud provider owns the rest.
What kind of SSAE audit reviews an organization's controls for assuring the confidentiality, integrity and availability of data?
A. SOC 1
B. SOC 2
C. SOC 3
D. SOC 4
B. SOC 2
Explanation:
SOC 2 deals with the CIA triad (the Trust Services Criteria). SOC 1 is for controls relevant to financial reporting. SOC 3 is a general-use summary attestation without the detailed control descriptions and test results of a SOC 2 report.
The physical layout of a cloud data center campus should include redundancies of all the following except:
A. Generators
B. HVAC Units
C. Generator fuel storage
D. Points of personnel ingress
D. Points of personnel ingress
Explanation:
People entering the facility can be vectored through a single security checkpoint as a means of enhancing access control; multiple lines of ingress are not necessary.
In deciding which cloud provider to use, one of the characteristics you may want to determine about the provider is their level of professionalism. Which of the following tools could be used to determine the thoroughness, detail and repeatability of the processes and procedures offered by a cloud provider?
A. The Cloud Security Alliance (CSA) Security, Trust and Assurance Registry (STAR) certification program
B. The Risk Management Framework (RMF)
C. The Capability Maturity Model (CMM)
D. The EuroCloud Star Audit Certification
C. The Capability Maturity Model (CMM)
Explanation:
The CMM is a way of determining a target's maturity in terms of process documentation and repeatability.
The CSA STAR and EuroCloud Star Audit programs are certifications based on applicable control sets and compliance with standards and regulations; they do not measure process maturity as such.
If you use the cloud for BCDR purposes, even if you do not operate your production environment in the cloud, you can cut costs by eliminating your:
A. Security personnel
B. BCDR Policy
C. Old access credentials
D. Need for physical hotsite/warm site
D. Need for physical hotsite/warm site
Explanation:
Having your data backed up and accessible in the cloud eliminates the need for a distinct hot site/warm site separate from your primary operating environment; instead, your personnel can recover operations from any location with a good broadband connection.
Which of the following risks exists in the traditional environment but is dramatically increased by moving into the cloud?
A. Physical security breaches
B. Loss of utility power
C. Financial upheaval
D. Man in the middle attacks
D. Man in the middle attacks
Explanation:
Because all cloud access is remote, the risks to data in transit are dramatically heightened in the cloud.
According to the CSA, what is one reason the threat of insecure interfaces and APIs is so prevalent in cloud computing?
A. APIs are always used for administrative access
B. Customers perform many high value tasks via APIs
C. APIs are cursed
D. It is impossible to securely code APIs
B. Customers perform many high value tasks via APIs
Explanation:
APIs are used for many tasks that could have a significant negative impact on the organization if abused, so any vulnerabilities in them are of great concern.
You are designing a Tier 4 data center for a large hospital. In order to plan for the possibility of losing utility power, in addition to having sufficient generators, you should plan to locate the data center ____________
A. In an urban setting
B. In a rural environment
C. Near a coast
D. At the border of different counties, regions or states
D. At the border of different counties, regions or states
Explanation:
Usually, different political regions are served by different utility providers; placing your data center on such a boundary may make it feasible to obtain power from redundant, overlapping providers.
Which of the following is not an enforceable governmental request?
A. Warrant
B. Subpoena
C. Court order
D. Affidavit
D. Affidavit
Explanation:
An affidavit is only a sworn written statement presented to the court. All the other options are enforceable governmental requests.
ISO 31000 is most similar to which of the following regulations