"Which phase of the cloud data lifecycle allows both read and process functions to be performed?
(A) Share
(B) Store
(C) Create
(D) Archive" -
... [Show More] answer Create
"Which phase of the cloud data security lifecycle typically occurs simultaneously with creation?
(A) Use
(B) Share
(C) Store
(D) Destroy" - answer Store
"Which phase of the cloud data life cycle uses content delivery networks?
(A) Share
(B) Create
(C) Destroy
(D) Archive" - answer Share
"Which phase of the cloud data life cycle is associated with crypto-shredding?
(A) Use
(B) Store
(C) Share
(D) Destroy" - answer Destroy
"Which cloud data storage architecture allows sensitive data to be replaced with unique identification symbols that retain all the essential information about the data without compromising its security?
(A) Obfuscation
(B) Tokenization
(C) Anonymization
(D) Randomization" - answer Tokenization
"Which methodology could cloud data storage utilize to encrypt all data associated in an infrastructure as a service (IaaS) deployment model?
(A) Sandbox encryption
(B) Client-side encryption
(C) Polymorphic encryption
(D) Whole-instance encryption" - answer Whole-instance encryption
"There is a threat to a banking cloud platform service. The developer needs to provide inclusion in a relational database that is seamless and readily searchable by search engine algorithms. Which platform as a service (PaaS) data type should be used?
(A) Structured
(B) Unstructured
(C) Long-term storage
(D) Short-term storage" - answer Structured
"Which platform as a service (PaaS) storage architecture should be used if an organization wants to store presentations, documents, and audio files?
(A) Block
(B) Object
(C) Distributed
(D) Relational database" - answer Object
"Which technique scrambles the content of data using a mathematical algorithm while keeping the structural arrangement of the data?
(A) Tokenization
(B) Dynamic masking
(C) Proxy-based encryption
(D) Format-preserving encryption" - answer Format-preserving encryption
"Which encryption technique connects the instance to the encryption instance that handles all crypto operations?
(A) Proxy
(B) Database
(C) Server-side
(D) Externally managed" - answer Proxy
"Which type of control should be used to implement custom controls that safeguard data?
(A) Application level
(B) Management plane
(C) Options for access
(D) Public and internal sharing" - answer Application level
"Which element is protected by an encryption system?
(A) Data
(B) Public key
(C) Ciphertext
(D) Management engine" - answer Data
"A cloud administrator recommends using tokenization as an alternative to protecting data without encryption. The administrator needs to make an authorized application request to access the data.
Which step should occur immediately before this action is taken?
(A) The application collects a token.
(B) The application stores the token.
(C) The tokenization server generates the token.
(D) The tokenization server returns the token to the application." - answer (B) The application stores the token
"A company has recently defined classification levels for its data. During which phase of the cloud data life cycle should this definition occur?
(A) Use
(B) Share
(C) Create
(D) Archive" - answer Create
"Which jurisdictional data protection includes dealing with the international transfer of data?
(A) Privacy regulation
(B) Financial modernization
(C) Sarbanes-Oxley act (SOX)
(D) Secure choice authorization (SCA)" - answer Privacy Regulation
"Which jurisdictional data protection controls the ways that Financial institutions deal with the private information of individuals? (A) Sarbanes-Oxley act (SOX)
(B) Gramm-Leach-Bliley act (GLBA)
(C) Stored communications act (SCA)
(D) Health insurance portability and accountability act (HIPAA)" - answer Gramm-Leach-Bliley act (GLBA)
"Which jurisdictional data protection safeguards protected health information (PHI)?
(A) Directive 95/46/EC
(B) Safe harbor regime
(C) Personal Data Protection Act of 2000
(D) Health Insurance Portability and Accountability Act (HIPAA)" - answer Health Insurance Portability and Accountability Act (HIPAA)
"How is the compliance of the cloud service provider's legal and regulatory requirements verified when securing personally identifiable information (PII) data in the cloud?
(A) E-discovery process
(B) Contractual agreements
(C) Researching data retention laws
(D) Third-party audits and attestations" - answer Third-party audits and attestations
"Which security strategy is associated with data rights management solutions?
(A) Static policy control
(B) Continuous auditing
(C) Unrestricted replication
(D) Limited documents type support" - answer Continuous auditing
"Who retains Final ownership for granting data access and permissions in a shared responsibility model?
(A) Analyst
(B) Manager
(C) Customer
(D) Developer" - answer Customer
"Which data retention solution should be applied to a file in order to reduce the data footprint by deleting fixed content and duplicate data?
(A) Saving
(B) Backup
(C) Caching
(D) Archiving" - answer Archiving
"Which data retention method is stored with a minimal amount of metadata storage with the content?
(A) File system
(B) Redundant array
(C) Block-based
(D) Object-based" - answer Block-based
"What is a key capability of security information and event management?
(A) Secure remote access
(B) Intrusion prevention capabilities
(C) Automatic remediation of issues
(D) Centralized collection of log data" - answer Centralized collection of log data
"Which data source provides auditability and traceability for event investigation as well as documentation?
(A) Storage files
(B) Packet capture
(C) Database tables
(D) Network interference" - answer Packet Capture
"Which data source provides auditability and traceability for event investigation as well as documentation?
(A) Database schema
(B) Ephemeral storage
(C) Network segmentation
(D) Virtualization platform logs" - answer Virtualization platform logs
"Which technology is used to manage identity access management by building trust relationships between organizations?
(A) Federation
(B) Single sign-on
(C) Biometric authentication
(D) Multifactor authentication" - answer Federation
"Which term describes the action of confirming identity access to an information system?
(A) Access
(B) Concept
(C) Coordination
(D) Authentication" - answer Authentication
"Which cloud computing tool is used to discover internal use of cloud services using various mechanisms such as network monitoring?
(A) Data loss prevention (DLP)
(B) Web application ?rewall (WAF)
(C) Content delivery network (CDN)
(D) Cloud access security broker (CASB)" - answer Cloud access security broker (CASB)
"Which cloud computing technology unlocks business value through digital and physical access to maps?
(A) Multitenancy
(B) Cloud application
(C) On-demand self-service
(D) Application programming interface" - answer Application Programming interface
"Which cloud computing tool may help detect data migrations to cloud services?
(A) Cloud data transfer
(B) Data loss prevention
(C) Cloud security gateways
(D) Uniform resource locator (URL) Filtering" - answer (B) Data loss prevention
"What is a key component of the infrastructure as a service (IaaS) cloud service model?
(A) High reliability and resilience
(B) Allows choice and reduces lock-in
(C) Ease of use and limited administration
(D) Supports multiple languages and frameworks" - answer High reliability and resilience
"What is a key capability of infrastructure as a service (IaaS)?
(A) Multiple hosting environments
(B) Hosted application management
(C) Converged network and IT capacity pool
(D) Leased application and software licensing" - answer Converged network and IT capacity pool
"Which option should an organization choose if there is a need to avoid software ownership?
(A) Software as a service (SaaS)
(B) Platform as a service (PaaS)
(C) Containers as a service (CaaS)
(D) Infrastructure as a service (IaaS)" - answer Software as a service (SaaS)
"Which cloud model offers access to a pool of fundamental IT resources such as computing, networking, or storage?
(A) Data
(B) Platform
(C) Application
(D) Infrastructure" - answer Infrastructure
"In which situation could cloud clients find it impossible to recover or access their own data if their cloud provider goes bankrupt?
(A) Multicloud
(B) Multitenant
(C) Vendor lock-in
(D) Vendor lock-out" - answer Vendor lock-out [Show Less]