Скачать книгу

unknown, unpatched assets from being used as back doors to the environmentEnsure that any lost devices are automatically entered into the acquisition system for repurchasing and replacementMaintain user morale by having their devices properly catalogued and annotatedEnsure that billing for all devices is handled by the appropriate departments

      106 Which of the following can enhance data portability?Interoperable export formatsEgress monitoring solutionsStrong physical protectionsAgile business intelligence

      107 Which of the following can enhance application portability?Using the same cloud provider for the production environment and archivingConducting service trials in an alternate cloud provider environmentProviding cloud-usage training for all usersTuning web application firewalls (WAFs) to detect anomalous activity in inbound communications

      108 What should the cloud customer do to ensure that disaster recovery activities don’t exceed the maximum allowable downtime (MAD)?Make sure any alternate provider can support the application needs of the organization.Ensure that contact information for all first responder agencies are correct and up-to-date at all times.Select an appropriate recovery time objective (RTO).Regularly review all regulatory directives for disaster response.

      109 Which of the following would probably best aid an organization in deciding whether to migrate from a traditional environment to a particular cloud provider?Rate sheets comparing a cloud provider to other cloud providersCloud provider offers to provide engineering assistance during the migrationThe cost/benefit measure of closing the organization’s relocation site (hot site/warm site) and using the cloud for disaster recovery insteadSLA satisfaction surveys from other (current and past) cloud customers

      110 A cloud provider will probably require all of the following except ___________________ before a customer conducts a penetration test.NoticeDescription of scope of the testPhysical location of the launch pointKnowledge of time frame/duration

      111 Cloud providers will probably not allow ___________________ as part of a customer’s penetration test.Network mappingVulnerability scanningReconnaissanceSocial engineering

      112 A cloud customer performing a penetration test without the provider’s permission is risking ___________________.Malware contaminationExcessive fees for SLA violationsLoss of market shareProsecution

      113 When a customer performs a penetration test in the cloud, why isn’t the test an optimum simulation of attack conditions?Attackers don’t use remote access for cloud activity.Advanced notice removes the element of surprise.When cloud customers use malware, it’s not the same as when attackers use malware.Regulator involvement changes the attack surface.

      114 Managed cloud services exist because the service is less expensive for each customer than creating the same services for themselves in a traditional environment. What is the technology that creates most of the cost savings in the cloud environment?EmulationSecure remote accessCrypto-shreddingVirtualization

      115 Managed cloud services exist because the service is less expensive for each customer than creating the same services for themselves in a traditional environment. From the customer perspective, most of the cost differential created between the traditional environment and the cloud through virtualization is achieved by removing ___________________.External risksInternal risksRegulatory complianceSunk capital investment

      116 Managed cloud services exist because the service is less expensive for each customer than creating the same services for themselves in a traditional environment. Using a managed service allows the customer to realize significant cost savings through the reduction of ___________________.RiskSecurity controlsPersonnelData

      117 Which of the following is a risk posed by the use of virtualization?Internal threats interrupting service through physical accidents (spilling drinks, tripping over cables, etc.)The ease of transporting stolen virtual machine imagesIncreased susceptibility of virtual systems to malwareElectromagnetic pulse

      118 The tasks performed by the hypervisor in the virtual environment can be most likened to the tasks of the ___________________ in the traditional environment.Central processing unit (CPU)Security teamOperating system (OS)Pretty Good Privacy (PGP)

      119 Mass storage in the cloud will most likely currently involve ___________________.Spinning plattersTape drivesMagnetic disksSolid-state drives (SSDs)

      120 What is the type of cloud storage arrangement that involves the use of associating metadata with the saved data?VolumeBlockObjectRedundant

      121 According to the NIST Cloud Computing Reference Architecture, which of the following is most likely a cloud carrier?Amazon Web ServicesNetflixVerizonNessus

      122 Resolving resource contentions in the cloud will most likely be the job of the ___________________.RouterEmulatorRegulatorHypervisor

      123 Security controls installed on a guest virtual machine operating system (VM OS) will not function when ___________________.The user is accessing the VM remotelyThe OS is not scanned for vulnerabilitiesThe OS is not subject to version controlThe VM is not active while in storage

      124 Typically, SSDs are ___________________.More expensive than spinning plattersLarger than tape backupHeavier than tape librariesMore subject to malware than legacy drives

      125 Typically, SSDs are ___________________.Harder to install than magnetic memoryFaster than magnetic drivesHarder to administer than tape librariesMore likely to fail than spinning platters

      126 Typically, SSDs are ___________________.Impossible to destroy physicallyNot vulnerable to degaussingSubject to a longer warrantyProtected by international trade laws

      127 Of the following control techniques/solutions, which can be combined to enhance the protections offered by each?Fences/firewallsAsset inventories/personnel trainingData dispersion/encryptionIntrusion prevention solutions/intrusion detection solutions

      128 Of the following control techniques/solutions, which can be combined to enhance the protections offered by each?Razor tape/background checksLeast privilege/generatorsDLP/DRMPersonnel badging/secure baselines

      129 Risk assessment is the responsibility of ___________________.Companies offering managed cloud servicesRegulatory bodiesEvery organizationLegislative entities

      130 Which entity can best aid the organization in avoiding vendor lock-in?Senior managementThe IT security officeGeneral counselThe cloud security representative

      131 Perhaps the best method for avoiding vendor lock-out is also a means for enhancing BC/DR capabilities. This is ___________________.Having a warm site within 250 miles of the primary production environmentUsing one cloud provider for primary production and another for backup purposesBuilding a data center above the flood plainCross-training all personnel

      132 ___________________ can often be the result of inadvertent activity.DDoSPhishingSprawlDisasters

      133 Of the following, which is probably the most significant risk in a managed cloud environment?DDoSManagement plane breachGuest escapePhysical attack on the utility service lines

      134 What is the optimal number of entrances to the cloud data center campus?OneTwoThreeFour

      135 The cloud data center campus physical access point should include all of the following except ___________________.Reception areaVideo surveillanceBadging procedureMantrap structures

      136 Where should multiple egress points be included?At the power distribution substationWithin the data centerIn every building on the campusIn the security operations center

      137 Which of the following is a risk in the cloud environment that does not exist or is not as prevalent in the traditional environment?DDoSIsolation failureExternal attackInternal attack

      138 All security controls necessarily ___________________.Are expensiveDegrade performanceRequire senior management approvalWill work in the cloud environment as well as they worked in the traditional environment

      139 Which of the following is a risk in the cloud environment that does not exist or is not as prevalent in the traditional environment?Legal liability in multiple jurisdictionsLoss of productivity due to DDoSAbility of users to gain access to their physical workplaceFire

      140 Which of the following is a risk in the cloud

Скачать книгу