- All Exams Instant Download
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.A . Risk ImpactB . DomainC . Control SpecificationView AnswerAnswer: C
Big data includes high volume, high variety, and high velocity.
Big data includes high volume, high variety, and high velocity.A . FalseB . TrueView AnswerAnswer: B
Who is responsible for the security of the physical infrastructure and virtualization platform?
Who is responsible for the security of the physical infrastructure and virtualization platform?A . The cloud consumerB . The majority is covered by the consumerC . It depends on the agreementD . The responsibility is split equallyE . The cloud providerView AnswerAnswer: E
CCM: The following list of controls belong to which domain of the CCM?
CCM: The following list of controls belong to which domain of the CCM? GRM 06 C Policy GRM 07 C Policy Enforcement GRM 08 C Policy Impact on Risk Assessments GRM 09 C Policy Reviews GRM 10 C Risk Assessments GRM 11 C Risk Management FrameworkA . Governance and Retention...
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?A . An entitlement matrixB . A support tableC . An entry logD . A validation processE . An access...
Which attack surfaces, if any, does virtualization technology introduce?
Which attack surfaces, if any, does virtualization technology introduce?A . The hypervisorB . Virtualization management components apart from the hypervisorC . Configuration and VM sprawl issuesD . All of the aboveView AnswerAnswer: D
Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?
CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they...
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?A . The physical location of the data and how it is accessedB . The fragmentation and encryption algorithms employedC . The language of the data and how it affects the userD . The implications...
All cloud services utilize virtualization technologies.
All cloud services utilize virtualization technologies.A . FalseB . TrueView AnswerAnswer: B
If there are gaps in network logging data, what can you do?
If there are gaps in network logging data, what can you do?A . Nothing. There are simply limitations around the data that can be logged in the cloud.B . Ask the cloud provider to open more ports.C . You can instrument the technology stack with your own logging.D . Ask...
