NEW QUESTION 1
What is the major difference between authentication/authorization? Response:

• A. Code verification/code implementation
• B. Identity validation/access permission
• C. Inverse incantation/obverse instantiation
• D. User access/privileged access

Answer: B

NEW QUESTION 2
In general, a cloud BCDR solution will be ______ than a physical solution. Response:

• A. Slower
• B. Less expensive
• C. Larger
• D. More difficult to engineer

Answer: B

NEW QUESTION 3
Which of the following is not a security concern related to archiving data for long-term storage? Response:

• A. Long-term storage of the related cryptographic keys
• B. Format of the data
• C. Media the data resides on
• D. Underground depth of the storage facility

Answer: D

NEW QUESTION 4
Which of the following is a method for apportioning resources that involves setting maximum usage amounts for all tenants/customers within the environment?
Response:

• A. Reservations
• B. Shares
• C. Cancellations
• D. Limits

Answer: D

NEW QUESTION 5
TLS provides ______ and ______ for communications. Response:

• A. Privacy, security
• B. Security, optimization
• C. Privacy, integrity
• D. Enhancement, privacy

Answer: C

NEW QUESTION 6
______ is perhaps the main external factor driving IAM efforts. Response:

• A. Regulation
• B. Business need
• C. The evolving threat landscape
• D. Monetary value

Answer: A

NEW QUESTION 7
During which stage of the SDLC process should security be consulted and begin its initial involvement?

• A. Testing
• B. Design
• C. Development
• D. Requirement gathering

Answer: D

NEW QUESTION 8
Which of the following is perhaps the best method for reducing the risk of a specific application not delivering the proper level of functionality and performance when it is moved from the legacy environment into the cloud?
Response:

• A. Remove the application from the organization’s production environment, and replace it with something else.
• B. Negotiate and conduct a trial run in the cloud environment for that application before permanently migrating.
• C. Make sure the application is fully updated and patched according to all vendor specifications.
• D. Run the application in an emulator.

Answer: B

NEW QUESTION 9
At which phase of the SDLC process should security begin participating?

• A. Requirements gathering
• B. Requirements analysis
• C. Design
• D. Testing

Answer: A

NEW QUESTION 10
Which of the following data sanitation methods would be the MOST effective if you needed to securely remove data as quickly as possible in a cloud environment?
Response:

• A. Zeroing
• B. Cryptographic erasure
• C. Overwriting
• D. Degaussing

Answer: B

NEW QUESTION 11
The cloud deployment model that features joint ownership of assets among an affinity group is known as: Response:

• A. Private
• B. Public
• C. Hybrid
• D. Community

Answer: D

NEW QUESTION 12
The Cloud Security Alliance’s (CSA’s) Cloud Controls Matrix (CCM) addresses all the following security architecture elements except ______.
Response:

• A. Physical security
• B. IaaS
• C. Application security
• D. Business drivers

Answer: D

NEW QUESTION 13
With data in transit, which of the following will be the MOST major concern in order for a DLP solution to properly work?
Response:

• A. Scalability
• B. Encryption
• C. Redundancy
• D. Integrity

Answer: B

NEW QUESTION 14
Which ISO standard refers to addressing security risks in a supply chain?

• A. ISO 27001
• B. ISO/IEC 28000:2007
• C. ISO 18799
• D. ISO 31000:2009

Answer: B

NEW QUESTION 15
Different types of cloud deployment models use different types of storage from traditional data centers, along with many new types of software platforms for deploying applications and configurations. Which of the following is NOT a storage type used within a cloud environment?

• A. Docker
• B. Object
• C. Structured
• D. Volume

Answer: A

NEW QUESTION 16
According to OWASP recommendations, active software security testing should include all of the following except ______ .
Response:

• A. Session initiation testing
• B. Input validation testing
• C. Testing for error handling
• D. Testing for weak cryptography

Answer: A

NEW QUESTION 17
When a data center is configured such that the backs of the devices face each other and the ambient temperature in the work area is cool, it is called ______.
Response:

• A. Hot aisle containment
• B. Cold aisle containment
• C. Thermo-optimized
• D. HVAC modulated

Answer: A