- All Exams Instant Download
Which of the following would be the most appropriate action to take first?
You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers. Which of the following would be the most appropriate action to take first?A . Take a shapshot of the virtual machinesB . Escrow the encryption keysC . Copy the dataD ....
Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?
Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?A . IDSB . IPSC . FirewallD . WAFView AnswerAnswer: A Explanation: An intrusion detection system (IDS) is implemented to watch network traffic and...
Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?
Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?A . ReversibilityB . AvailabilityC . PortabilityD . InteroperabilityView AnswerAnswer: C Explanation: Portability is the ease with which a service or application can be moved between different cloud providers. Maintaining portability...
Which type of attack was the DNSSEC extension designed to mitigate?
DNSSEC was designed to add a layer of security to the DNS protocol. Which type of attack was the DNSSEC extension designed to mitigate?A . Account hijackingB . SnoopingC . SpoofingD . Data exposureView AnswerAnswer: C Explanation: DNSSEC is an extension to the regular DNS protocol that utilizes digital signing...
During which phase of the cloud data lifecycle is it possible for the classification of data to change?
During which phase of the cloud data lifecycle is it possible for the classification of data to change?A . UseB . ArchiveC . CreateD . ShareView AnswerAnswer: C Explanation: The create phase encompasses any time data is created, imported, or modified. With any change in the content or value of...
What technology would be useful for protecting data at this point?
The share phase of the cloud data lifecycle involves allowing data to leave the application, to be shared with external systems, services, or even other vendors/contractors. What technology would be useful for protecting data at this point?A . IDSB . DLPC . IPSD . WAFView AnswerAnswer: B Explanation: Data loss...
Which of the following audits are considered "restricted use" versus being for a more broad audience?
Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on. Which of the following audits are considered "restricted use" versus being for a more broad audience?A . SOC Type 2B . SOC Type 1C . SOC Type 3D . SAS-70View AnswerAnswer: B Explanation:...
Where is a DLP solution generally installed when utilized for monitoring data at rest?
Where is a DLP solution generally installed when utilized for monitoring data at rest?A . Network firewallB . Host systemC . Application serverD . Database serverView AnswerAnswer: B Explanation: To monitor data at rest appropriately, the DLP solution would be installed on the host system where the data resides. A...
Which of the following are the storage types associated with IaaS?
Which of the following are the storage types associated with IaaS?A . Volume and objectB . Volume and labelC . Volume and containerD . Object and targetView AnswerAnswer: A
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?A . GLBAB . HIPAAC . Safe HarborD . SOXView AnswerAnswer: C Explanation: Due to the lack of an adequate privacy law or protection at...
