Cloud Computing Multiple Choice Questions on “Security Data”.
1. Which of the following is a compliance standard?
a) PCI-DSS
b) HIPAA
c) GLBA
d) All of the mentioned
Answer: d
Clarification: A compliance standard can be any government regulatory framework.
2. Point out the correct statement.
a) The cloud service model you choose does not determine the variety of security features, compliance auditing, and other requirements
b) To determine the particular security mechanisms you need, you must perform a mapping of the particular cloud service model to the particular application you are deploying
c) A security control model includes the security that you normally use for your applications only
d) All of the mentioned
Answer: b
Clarification: These mechanisms must be supported by the various controls that are provided by your service provider, your organization, or a third party.
3. Which of the following is a key mechanism for protecting data?
a) Access control
b) Auditing
c) Authentication
d) All of the mentioned
Answer: d
Clarification: Whatever service model you choose should have mechanisms operating in all of the above-mentioned areas that meet your security requirements.
4. How many security accounts per client are provided by Microsoft?
a) 1
b) 3
c) 5
d) 7
Answer: c
Clarification: On Amazon Web Service, you can create multiple keys and rotate those keys during different sessions.
5. Point out the wrong statement.
a) Securing data sent to, received from, and stored in the cloud is the single largest security concern
b) The problem with the data you store in the cloud is that it can be located anywhere in the cloud service provider’s system
c) The one and only approach to isolating storage in the cloud from direct client access is to create layered access to the data
d) All of the mentioned
Answer: c
Clarification: The location of the proxy and the broker is not important.
6. Which of the following is a common means of losing encrypted data?
a) Lose the keys
b) Lose the encryption standard
c) Lose the account
d) All of the mentioned
Answer: a
Clarification: Keys should have a defined life cycle.
7. Which of the following is the standard for interoperable cloud-based key management?
a) KMIP
b) PMIK
c) AIMK
d) None of the mentioned
Answer: a
Clarification: KMIP stands for Key Management Interoperability Protocol.
8. Which of the following was one of the weaker aspects of early cloud computing service offerings?
a) Logging
b) Integrity checking
c) Consistency checking
d) None of the mentioned
Answer: a
Clarification: Cloud service providers often have proprietary log formats.
9. Which of the following is one of the most actively developing and important areas of cloud computing technology?
a) Logging
b) Auditing
c) Regulatory compliance
d) None of the mentioned
Answer: c
Clarification: For any company with clients in multiple countries, the burden of regulatory compliance is onerous.
10. Amazon Web Services supports ________ Type II Audits.
a) SAS70
b) SAS20
c) SAS702
d) None of the mentioned
Answer: a
Clarification: Becoming a cloud service provider requires a large investment.