Q1. What is the term that describes the mechanism that facilitates the interconnection between infrastructure and other supporting technologies, applications, and data?
Q1. What is the term that describes the mechanism that facilitates the interconnection between infrastructure and other supporting technologies, applications, and data?
A. Metastructure
B. Infostructure
C. Abstraction
D. Automation
A. MetastructureB. InfostructureC. AbstractionD. Automation
As explained, Metastructure is the layer that provides an interface between the infrastructure layer and the other layers.
As explained, Metastructure is the layer that provides an interface between the infrastructure layer and the other layers.
Correct Answer. A
Correct Answer. A
Q2. A workload can be described as a unit of processing in the cloud. Workloads consume memory and run on a processor somewhere in the cloud. Which among the following cannot be identified as a workload in the cloud?
Q2. A workload can be described as a unit of processing in the cloud. Workloads consume memory and run on a processor somewhere in the cloud. Which among the following cannot be identified as a workload in the cloud?
A. Logic procedures
B. Containers
C. Virtual Machines
D. Hyper V
A. Logic proceduresB. ContainersC. Virtual Machines D. Hyper V
Hyper V is a hardware virtualization product. It lets you run virtual machines on a computer. It is not a cloud workload.
Hyper V is a hardware virtualization product. It lets you run virtual machines on a computer. It is not a cloud workload.
Correct Answer. D
Correct Answer. D
Q3. An immutable workload in the cloud is something where changes cannot be made to the running workload. Which of the following is a security benefit of immutable workloads?
Q3. An immutable workload in the cloud is something where changes cannot be made to the running workload. Which of the following is a security benefit of immutable workloads?
A. Easy to patch
B. Much faster to roll out
updated versions of workloads
C. No need for security testing
as changes cannot be made
D. No need for managing a
service catalogue for images
A. Easy to patchB. Much faster to roll out updated versions of workloadsC. No need for security testing as changes cannot be madeD. No need for managing a service catalogue for images
Immutable workloads are much faster to roll out updated versions of workloads, as administrators need not worry about application inconsistencies, patching errors, etc.
Immutable workloads are much faster to roll out updated versions of workloads, as administrators need not worry about application inconsistencies, patching errors, etc.
Correct Answer. B
Correct Answer. B
Q4. You are the data security officer for a software company. You are creating the blueprint for protecting data in the cloud. Which of the following controls/processes can you skip in this blueprint?
Q4. You are the data security officer for a software company. You are creating the blueprint for protecting data in the cloud. Which of the following controls/processes can you skip in this blueprint?
A. Access Control
B. Data Loss Prevention
C. Breach Notification
D. Monitoring and alerting
A. Access ControlB. Data Loss PreventionC. Breach NotificationD. Monitoring and alerting
Breach notification is a part of the risk, governance, and compliance. Hence, this can be skipped from the data security blueprint but should include risk, governance, and compliance controls.
Breach notification is a part of the risk, governance, and compliance. Hence, this can be skipped from the data security blueprint but should include risk, governance, and compliance controls.
Correct Answer. C
Correct Answer. C
Q5. You are the data security officer for a software company. You are designing the controls for information lifecycle management in the cloud. Which of the following is a relevant control for this phase?
Q5. You are the data security officer for a software company. You are designing the controls for information lifecycle management in the cloud. Which of the following is a relevant control for this phase?
A. Encryption
B. Enterprise rights
management
C. Managing data location/
residency
D. Data backup
A. EncryptionB. Enterprise rights managementC. Managing data location/residencyD. Data backup
Managing data residency is part of information life cycle management. This includes creating provisions for storing data in different geographies as per local law and other regulatory requirements
Managing data residency is part of information life cycle management. This includes creating provisions for storing data in different geographies as per local law and other regulatory requirements
Correct Answer. C
Correct Answer. C
A6. You are the data security officer for a software company. You have to choose an encryption algorithm suitable for the long-term storage of data. Which of the following is the correct choice?
A6. You are the data security officer for a software company. You have to choose an encryption algorithm suitable for the long-term storage of data. Which of the following is the correct choice?
A. Homomorphic encryption
B. RSA Algorithm
C. AES 256
D. SHA 256
A. Homomorphic encryptionB. RSA AlgorithmC. AES 256D. SHA 256
AES 256 is the most suitable choice for encrypting data in long-term storage. It is faster and requires moderate memory to encrypt/decrypt data and provides excellent security.
AES 256 is the most suitable choice for encrypting data in long-term storage. It is faster and requires moderate memory to encrypt/decrypt data and provides excellent security.
Correct Answer. C
Correct Answer. C
Q7.Which of the following is a framework for Secure Software Development Lifecycle (SSDLC)?
Q7.Which of the following is a framework for Secure Software Development Lifecycle (SSDLC)?
A. NIST SP 800-218
B. ISO/IEC 15408
3C NIST 800-55
D. NIST SP 800-53