- web.groovymark@gmail.com
- November 28, 2024
Question 21
Which security control is designed to prevent unauthorized access to cloud services?
A. Firewalls
B. Multi-Factor Authentication (MFA)
C. Data Masking
D. Disk Encryption
Correct Answer: B. Multi-Factor Authentication (MFA)
Explanation: MFA is used to prevent unauthorized access by requiring multiple forms of verification. Firewalls protect network access, Data Masking obscures sensitive data, and Disk Encryption secures data at rest.
Question 22
What is the role of a load balancer in cloud computing?
A. Encrypting data in transit
B. Distributing traffic across multiple servers
C. Managing user identities
D. Configuring firewall rules
Correct Answer: B. Distributing traffic across multiple servers
Explanation: A load balancer distributes incoming traffic across multiple servers to optimize resource usage and ensure availability. Encryption, identity management, and firewall configuration are handled by other technologies.
Question 23
What does the principle of Data Breach Notification under GDPR require organizations to do?
A. Encrypt personal data
B. Minimize the data collected
C. Notify individuals in the event of a breach
D. Ensure data integrity
Correct Answer: C. Notify individuals in the event of a breach
Explanation: Data Breach Notification under GDPR requires organizations to inform individuals if their personal data is compromised. Other principles focus on data minimization, encryption, and integrity.
Question 24
Which audit report is designed to provide public assurance about a cloud provider’s internal controls?
A. SOC 1
B. SOC 2
C. SOC 3
D. PCI DSS
Correct Answer: C. SOC 3
Explanation: SOC 3 reports are designed for public assurance, while SOC 1 focuses on financial controls, SOC 2 audits security and privacy controls, and PCI DSS addresses credit card data security.
Question 25
What is the primary purpose of encryption?
A. Ensuring availability
B. Securing data from unauthorized access
C. Preventing system outages
D. Managing user identities
Correct Answer: B. Securing data from unauthorized access
Explanation: Encryption protects data by ensuring only authorized parties can access it. Availability, preventing outages, and identity management are handled by other security measures.
Question 26
Which operational activity in cloud computing focuses on restoring services after a disruption?
A. Incident Management
B. Problem Management
C. Disaster Recovery
D. Capacity Management
Correct Answer: C. Disaster Recovery
Explanation: Disaster Recovery focuses on restoring services quickly and effectively after a disruption. Incident Management addresses immediate issues, Problem Management prevents incidents, and Capacity Management ensures resources are available.
Question 27
What is the purpose of Risk Assessment in cloud security?
A. Encrypting sensitive data
B. Prioritizing risks based on their impact and likelihood
C. Ensuring user identities are verified
D. Isolating cloud tenants
Correct Answer: B. Prioritizing risks based on their impact and likelihood
Explanation: Risk Assessment identifies, analyzes, and prioritizes risks to determine their potential impact and likelihood. Other activities involve encryption, identity verification, and tenant isolation.
Question 28
Which security measure is used to isolate tenants in a multi-tenant cloud environment?
A. Firewalls
B. VLANs
C. Multi-Factor Authentication (MFA)
D. SSL/TLS
Correct Answer: B. VLANs
Explanation: VLANs isolate tenants in a multi-tenant environment, ensuring that data and resources are separated. Firewalls control network access, MFA prevents unauthorized access, and SSL/TLS protects data in transit.
Question 29
Which regulation requires U.S. financial institutions to develop information security plans to protect customer data?
A. HIPAA
B. GDPR
C. GLBA
D. SOX
Correct Answer: C. GLBA
Explanation: The Gramm-Leach-Bliley Act (GLBA) requires U.S. financial institutions to develop security plans for protecting customer data. HIPAA governs healthcare data, GDPR protects personal data in the EU, and SOX addresses corporate governance.
Question 30
What type of risk analysis uses numerical values to estimate the impact of risks?
A. Qualitative Risk Analysis
B. Quantitative Risk Analysis
C. Scenario Analysis
D. Risk Mitigation
Correct Answer: B. Quantitative Risk Analysis
Explanation: Quantitative Risk Analysis uses numerical values to estimate the impact of risks, while Qualitative Risk Analysis ranks risks based on severity. Scenario Analysis evaluates risk scenarios, and Risk Mitigation reduces risks.
Question 31
Which U.S. regulation focuses on corporate financial practices and transparency?
A. GDPR
B. HIPAA
C. SOX
D. PCI DSS
Correct Answer: C. SOX
Explanation: The Sarbanes-Oxley Act (SOX) focuses on corporate financial practices and transparency. HIPAA governs healthcare data, GDPR protects personal data in the EU, and PCI DSS secures payment card data.
Question 32
Which type of encryption is commonly used to protect sensitive data during transmission between applications?
A. Symmetric Encryption
B. Asymmetric Encryption
C. SSL/TLS
D. Homomorphic Encryption
Correct Answer: C. SSL/TLS
Explanation: SSL/TLS is commonly used to secure data in transit between applications. Symmetric and Asymmetric Encryption are general encryption methods, while Homomorphic Encryption is used for encrypted data processing.
Question 33
Which risk management strategy involves shifting the responsibility for managing a risk to another party?
A. Risk Acceptance
B. Risk Transference
C. Risk Mitigation
D. Risk Avoidance
Correct Answer: B. Risk Transference
Explanation: Risk Transference involves shifting the responsibility for managing a risk to another party, such as through outsourcing or insurance. Risk Acceptance tolerates the risk, Risk Mitigation reduces it, and Risk Avoidance eliminates it.
Question 34
What is the purpose of Data Integrity in cloud security?
A. Ensuring that only authorized users can access data
B. Preventing unauthorized changes to data
C. Protecting data from being intercepted during transmission
D. Encrypting data in the cloud
Correct Answer: B. Preventing unauthorized changes to data
Explanation: Data Integrity ensures that data is accurate and protected from unauthorized changes. Other options involve access control, transmission security, and encryption.
Question 35
Which type of testing is focused on identifying vulnerabilities in cloud services during the development stage?
A. Penetration Testing
B. Load Testing
C. Compliance Testing
D. Functional Testing
Correct Answer: A. Penetration Testing
Explanation: Penetration Testing identifies security vulnerabilities in cloud services during development. Load Testing evaluates system performance, Compliance Testing ensures adherence to regulations, and Functional Testing verifies whether the service meets its requirements.
Question 36
Which operational process in cloud computing focuses on ensuring that systems are configured correctly and consistently?
A. Incident Management
B. Configuration Management
C. Change Management
D. Problem Management
Correct Answer: B. Configuration Management
Explanation: Configuration Management ensures systems are configured consistently and correctly. Incident Management addresses issues after they occur, Change Management handles system modifications, and Problem Management identifies root causes of issues.
Question 37
Which regulation mandates that healthcare providers secure patient data in the U.S.?
A. GLBA
B. HIPAA
C. SOX
D. GDPR
Correct Answer: B. HIPAA
Explanation: HIPAA mandates that healthcare providers secure patient data in the U.S. GLBA covers financial data, SOX focuses on corporate governance, and GDPR governs personal data protection in the EU.
Question 38
Which operational activity involves identifying and documenting all assets and configurations in a cloud environment?
A. Asset Management
B. Configuration Management
C. Incident Management
D. Capacity Management
Correct Answer: A. Asset Management
Explanation: Asset Management involves identifying and documenting all assets and configurations in a cloud environment. Configuration Management ensures systems are configured correctly, Incident Management addresses issues, and Capacity Management ensures resource availability.
Question 39
What is the primary purpose of encrypting data in the cloud?
A. Securing data from unauthorized access
B. Ensuring availability
C. Managing user identities
D. Monitoring system performance
Correct Answer: A. Securing data from unauthorized access
Explanation: Encryption protects data by ensuring that only authorized users can access it. Availability, identity management, and performance monitoring are handled by other controls.
Question 40
Which cloud computing service model gives the customer the most control over the operating system and application deployment?
A. SaaS
B. PaaS
C. IaaS
D. Public Cloud
Correct Answer: C. IaaS
Explanation: IaaS (Infrastructure as a Service) gives the customer the most control over operating system and application deployment. SaaS and PaaS offer more managed services, while Public Cloud is a deployment model, not a service model.