Module 13 Quiz

Question 1

The multitenancy nature of cloud environments means conflicts in privacy laws can occur.

True

False

Answer 1

True

Question 2

A(n) CSA or cloud service agreement is a contract between a CSP and the customer that describes what services are being provided and at what level.

True

False

Answer 2

True

Question 3

What capabilities should a forensics tool have to acquire data from a cloud?

Examine virtual systems.

Expand and contract data storage capabilities as needed for service changes.

Identify and acquire data from the cloud.

All of the above

Answer 3

All of the above

Question 4

Which of the following cloud deployment methods typically offers no security?

Hybrid cloud

Community cloud

Public cloud

Private cloud

Answer 4

Private cloud

Question 5

A CSP’s incident response team typically consists of system administrators, network administrators, and legal advisors.

True

False

Answer 5

True

Question 6

What are the three levels of cloud services defined by NIST?

OpenStack, FROST, and management plane

SaaS, PaaS, and IaaS

Hybrid, private, and community clouds

CRC, DRAM, and IMAP

Answer 6

SaaS, PaaS, and IaaS

Question 7

Which of the following is a mechanism the ECPA describes for the government to get electronic information from a provider?

Search warrants

Subpoenas with prior notice

Court orders

All of the above

Answer 7

All of the above

Question 8

Updates to the EU Data Protection Rules will affect how data is moved during an investigation regardless of location.

True

False

Answer 8

True

Question 9

In which cloud service level can customers rent hardware and install whatever OSs and applications they need?

SaaS

HaaS

IaaS

PaaS

Answer 9

IaaS

Question 10

When should a temporary restraining order be requested for cloud environments?

When a search warrant requires seizing a CSP’s hardware and software used by other parties not involved in the case

When cloud customers need immediate access to their data

When anti-forensics techniques are suspected

To enforce a court order

Answer 10

When a search warrant requires seizing a CSP’s hardware and software used by other parties not involved in the case

Question 11

Amazon was an early provider of Web-based services that eventually developed into the cloud concept.

True

False

Answer 11

True

Question 12

The cloud services Dropbox, Google Drive, and OneDrive have Registry entries.

True

False

Answer 12

True

Question 13

Evidence of cloud access found on a smartphone usually means which cloud service level was in use?

HaaS

PaaS

SaaS

IaaS

Answer 13

SaaS

Question 14

Public cloud services such as Dropbox and OneDrive use Sophos SafeGuard and Sophos Mobile Control as their encryption applications

True

False

Answer 14

True

Question 15

NIST document SP 500-322 defines more than 75 cloud services, including which of the following?

Backup as a service

Security as a service

Drupal as a service

All of the above

Answer 15

All of the above

Question 16

To see Google Drive synchronization files, you need a SQL viewer.

True

False

Answer 16

True

Question 17

Commingled data isn’t a concern when acquiring cloud data.

True

False

Answer 17

False

Question 18

What are the two states of encrypted data in a secure cloud?

Homomorphic and AES

RC4 and RC5

Data in motion and data at rest

CRC-32 and UTF-16

Answer 18

Data in motion and data at rest