_____ drive security decisions.
business requirements
All of these are reasons because of which an organization may want to consider cloud
... [Show More] migration, except:
Elimination of risks
The generally accepted definition of cloud computing includes all of the following characteristics except:
negating the need for backups
When a cloud customer uploads PII to a cloud provider, who becomes ultimately responsible for the security of that PII?
cloud customer
We use which of the following to determine the critical paths, processes, and assets of an organization?
BIA
If a service or solution does not meet all of the specified key characteristics listed below, it is said to be not true cloud computing. Please select the valid cloud computing characteristics out of the terms identified below.
Each correct answer represents a complete solution. Choose all that apply.
On-demand self-service
Broad network access
Resource pooling
measured service
All of these technologies have made cloud service viable except:
smart hubs
The cloud deployment model that features organizational ownership of the hardware and infrastructure, and usage only by members of that organization, is known as:
private
The cloud deployment model that features ownership by a cloud provider, with services offered to anyone who wants to subscribe, is known as:
Public
The cloud deployment model that features joint ownership of assets among an affinity group is known as:
Community
If a cloud customer wants a secure, isolated sandbox in order to conduct software development and testing, which cloud service model would probably be best?
PaaS
If a cloud customer wants a fully-operational environment with very little maintenance or administration necessary, which cloud service model would probably be best?
SaaS
If a cloud customer wants a bare-bones environment in which to replicate their own enterprise for BC/DR purposes, which cloud service model would probably be best?
IaaS
Which of the following is not a common cloud service model?
Programming as a Service
Cloud Access Security Brokers (CASBs) might offer all the following services EXCEPT:
BC / DR / COOP
If a cloud customer cannot get access to the cloud provider, this affects what portion of the CIA triad?
Availability
All of the following can result in vendor lock-in except:
Statutory compliance
The risk that a cloud provider might go out of business and the cloud customer might not be able to recover data is known as:
vendor lock-out
All of these are features of cloud computing except:
Reversed charging configuration
Cloud vendors are held to contractual obligations with specified metrics by:
SLAs
Gathering business requirements can aid the organization in determining all of this information about organizational assets, except:
Usefulness
The BIA can be used to provide information about all of the following, except:
Secure Acquisition
Risk appetite for an organization is determined by which of the following?
Senior management
What is the risk left over after controls and countermeasures are put in place?
Residual
All the following are ways of addressing risk, except:
Reversal
Which of the following best describes risk?
The likelihood that a threat will exploit a vulnerability
In which cloud service model is the customer required to maintain the OS?
IaaS
In which cloud service model is the customer required to maintain and update only the applications?
PaaS
In which cloud service model is the customer only responsible for the data?
SaaS
The cloud customer and provider negotiate their respective responsibilities and rights regarding the capabilities and data of the cloud service. Where is the eventual agreement codified?
Contract
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type?
All of These
(Technological, Physical, Administrative) [Show Less]