In volume storage, what method is often used to support resiliency and security?
In volume storage, what method is often used to support resiliency and security?A . proxy encryption B. data rights management C. hypervisor agents D. data dispersion E. random placementView AnswerAnswer: D
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?
Which of the following statements are NOT requirements of governance and enterprise risk management in a cloud environment?A . Inspect and account for risks inherited from other members of the cloud supply chain and take active measures to mitigate and contain risks through operational resiliency. B. Respect the interdependency of...
Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?
Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?A . The process of specifying and maintaining access policies B. Checking data storage to make sure it meets compliance requirements C. Giving a third party vendor permission to work on your cloud...
Which of the following is one of the five essential characteristics of cloud computing as defined by NIST?
Which of the following is one of the five essential characteristics of cloud computing as defined by NIST?A . Multi-tenancy B. Nation-state boundaries C. Measured service D. Unlimited bandwidth E. Hybrid cloudsView AnswerAnswer: C
ENISA: Which is a potential security benefit of cloud computing?
ENISA: Which is a potential security benefit of cloud computing?A . More efficient and timely system updates B. ISO 27001 certification C. Provider can obfuscate system O/S and versions D. Greater compatibility with customer IT infrastructure E. Lock-InView AnswerAnswer: A
All cloud services utilize virtualization technologies.
All cloud services utilize virtualization technologies.A . False B. TrueView AnswerAnswer: B
In the Software-as-a-service relationship, who is responsible for the majority of the security?
In the Software-as-a-service relationship, who is responsible for the majority of the security?A . Application Consumer B. Database Manager C. Application Developer D. Cloud Provider E. Web Application CISOView AnswerAnswer: D
Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?
Which governance domain focuses on proper and adequate incident detection, response, notification, and remediation?A . Data Security and Encryption B. Information Governance C. Incident Response, Notification and Remediation D. Compliance and Audit Management E. Infrastructure SecurityView AnswerAnswer: C
What is the newer application development methodology and philosophy focused on automation of application development and deployment?
What is the newer application development methodology and philosophy focused on automation of application development and deployment?A . Agile B. BusOps C. DevOps D. SecDevOps E. ScrumView AnswerAnswer: C
When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?
When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?A . The metrics defining the service level required to achieve regulatory objectives. B. The duration of time that a security violation can occur before...