- web.groovymark@gmail.com
- November 28, 2024
Question 21
Which operational process ensures that cloud services can quickly recover after a disruption?
A. Capacity Management
B. Incident Management
C. Disaster Recovery
D. Problem Management
Correct Answer: C. Disaster Recovery
Explanation: Disaster Recovery focuses on restoring cloud services after a disruption. Incident Management addresses immediate issues, while Capacity Management and Problem Management handle resource optimization and root cause identification, respectively.
Question 22
What does the principle of Data Minimization under GDPR require organizations to do?
A. Encrypt all data
B. Collect only necessary personal data
C. Ensure data integrity
D. Notify individuals in case of a breach
Correct Answer: B. Collect only necessary personal data
Explanation: Data Minimization requires organizations to collect only the data necessary for specific purposes. Encryption, integrity, and breach notification are covered by other GDPR principles.
Question 23
Which cloud operational activity involves documenting and approving changes to infrastructure?
A. Change Management
B. Incident Management
C. Problem Management
D. Capacity Management
Correct Answer: A. Change Management
Explanation: Change Management involves documenting, approving, and tracking changes to cloud infrastructure. Incident and Problem Management address specific issues, while Capacity Management optimizes resource use.
Question 24
Which encryption method allows data to be processed while it remains encrypted?
A. SSL/TLS
B. Homomorphic Encryption
C. Symmetric Encryption
D. Disk Encryption
Correct Answer: B. Homomorphic Encryption
Explanation: Homomorphic Encryption allows data to be processed without being decrypted, maintaining its security during use. SSL/TLS, Symmetric Encryption, and Disk Encryption secure data in other contexts.
Question 25
What is the primary function of a firewall in cloud security?
A. Managing user identities
B. Preventing unauthorized network traffic
C. Encrypting data in transit
D. Detecting security incidents
Correct Answer: B. Preventing unauthorized network traffic
Explanation: Firewalls prevent unauthorized network traffic from entering or leaving a cloud environment. Other tools handle encryption, identity management, and incident detection.
Question 26
What is the role of a SOC 2 report in cloud security?
A. Auditing financial controls
B. Verifying physical security
C. Ensuring security, availability, and privacy controls
D. Monitoring compliance with healthcare regulations
Correct Answer: C. Ensuring security, availability, and privacy controls
Explanation: SOC 2 reports audit the security, availability, confidentiality, and privacy of cloud services. SOC 1 focuses on financial controls, and healthcare regulations fall under HIPAA.
Question 27
Which type of risk assessment uses numerical values to estimate the likelihood and impact of risks?
A. Qualitative Risk Assessment
B. Quantitative Risk Assessment
C. Scenario Analysis
D. Business Impact Analysis
Correct Answer: B. Quantitative Risk Assessment
Explanation: Quantitative Risk Assessment uses numerical estimates to evaluate risks. Qualitative Risk Assessment uses subjective descriptions, and Scenario and Business Impact Analyses assess potential impacts.
Question 28
What is the primary function of Data Masking in cloud security?
A. Protecting data during transmission
B. Encrypting data at rest
C. Obscuring sensitive data to protect privacy
D. Managing user identities
Correct Answer: C. Obscuring sensitive data to protect privacy
Explanation: Data Masking obscures sensitive data, protecting privacy while maintaining functionality. Other tools handle encryption, transmission, and identity management.
Question 29
Which risk management strategy involves transferring the financial consequences of a risk to another party?
A. Risk Avoidance
B. Risk Mitigation
C. Risk Transference
D. Risk Acceptance
Correct Answer: C. Risk Transference
Explanation: Risk Transference involves shifting the financial consequences of a risk, such as by purchasing insurance, to another par
Question 30
Which technology is commonly used to secure APIs from unauthorized access in cloud environments?
A. SSL/TLS
B. API Gateway
C. Firewalls
D. Multi-Factor Authentication
Correct Answer: B. API Gateway
Explanation: An API Gateway secures APIs by managing and enforcing access controls, protecting against unauthorized access. SSL/TLS secures data transmission, firewalls control network traffic, and MFA secures user authentication.
Question 31
What is the primary purpose of an Intrusion Detection System (IDS) in a cloud environment?
A. Encrypting data at rest
B. Preventing unauthorized access
C. Detecting and alerting administrators to unauthorized access attempts
D. Managing user identities
Correct Answer: C. Detecting and alerting administrators to unauthorized access attempts
Explanation: IDS detects and alerts administrators to unauthorized access attempts. It does not directly prevent access or manage identities.
Question 32
Which operational process ensures cloud resources are allocated and used efficiently to meet demand?
A. Incident Management
B. Capacity Management
C. Problem Management
D. Disaster Recovery
Correct Answer: B. Capacity Management
Explanation: Capacity Management ensures that cloud resources are used efficiently to meet current and future demand.
Question 33
Which regulation requires organizations to notify individuals in the event of a data breach affecting their personal data?
A. HIPAA
B. PCI DSS
C. GDPR
D. SOX
Correct Answer: C. GDPR
Explanation: The GDPR requires organizations to notify individuals if their personal data is breached.
Question 34
What is the primary function of a sandbox in cloud security?
A. Encrypting data at rest
B. Isolating environments for testing and development
C. Preventing unauthorized access
D. Monitoring user activity
Correct Answer: B. Isolating environments for testing and development
Explanation: A sandbox is an isolated environment used for testing and development, protecting the production environment from security issues.
Question 35
Which security control is most effective for preventing unauthorized access to a cloud environment?
A. Data Masking
B. Firewalls
C. Multi-Factor Authentication (MFA)
D. SSL/TLS
Correct Answer: C. Multi-Factor Authentication (MFA)
Explanation: MFA provides strong protection against unauthorized access by requiring multiple forms of verification.
Question 36
Which operational process focuses on restoring services after a cloud disruption?
A. Problem Management
B. Disaster Recovery
C. Incident Management
D. Capacity Management
Correct Answer: B. Disaster Recovery
Explanation: Disaster Recovery focuses on restoring services after a disruption, ensuring business continuity.
Question 37
Which type of storage is best suited for large, unstructured data in cloud environments?
A. Block Storage
B. Object-Based Storage
C. File-Based Storage
D. Ephemeral Storage
Correct Answer: B. Object-Based Storage
Explanation: Object-Based Storage is ideal for large unstructured data and includes metadata for better data management.
Question 38
What is the role of Security Information and Event Management (SIEM) in cloud security?
A. Managing identities
B. Encrypting data
C. Monitoring security events and incidents
D. Isolating cloud tenants
Correct Answer: C. Monitoring security events and incidents
Explanation: SIEM continuously monitors and analyzes security events to detect and respond to incidents.
Question 39
Which encryption method is typically used to secure communication between cloud services and users?
A. Symmetric Encryption
B. SSL/TLS
C. Asymmetric Encryption
D. Hashing
Correct Answer: B. SSL/TLS
Explanation: SSL/TLS is commonly used to secure data during transmission between users and cloud services.
Question 40
What is the role of a Risk Register in risk management?
A. Prioritizing risks
B. Documenting all identified risks, including their potential impact and mitigation strategies
C. Shifting risks to a third party
D. Accepting risks without mitigation
Correct Answer: B. Documenting all identified risks, including their potential impact and mitigation strategies
Explanation: A Risk Register records all identified risks, their severity, potential impact, and the strategies for managing them.