Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Question # 4

CCM: The Cloud Service Delivery Model Applicability column in the CCM indicates the applicability of the cloud security control to which of the following elements?

A.

Mappings to well-known standards and frameworks

B.

Service Provider or Tenant/Consumer

C.

Physical, Network, Compute, Storage, Application or Data

D.

SaaS, PaaS or IaaS

Full Access
Question # 5

CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in

their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?

A.

Policies and procedures shall be established for managing the risks associated with applying changes to business-critical or customer (tenant)-impacting (physical and virtual) applications and system-

system interface (API) designs and configurations, infrastructure network and systems components.

B.

Policies and procedures shall be established, and supporting business processes and technical measures implemented, to restrict the installation of unauthorized software on organizationally-owned or

managed user end-point devices (e.g. issued workstations, laptops, and mobile devices) and IT infrastructure network and systems components.

C.

All cloud-based services used by the company's mobile devices or BYOD shall be pre-approved for usage and the storage of company business data.

D.

None of the above

Full Access
Question # 6

Cloud services exhibit five essential characteristics that demonstrate their relation to, and differences from, traditional computing approaches. Which one of the five characteristics is described as: a consumer can unilaterally provision computing capabilities such as server time and network storage as needed.

A.

Rapid elasticity

B.

Resource pooling

C.

Broad network access

D.

Measured service

E.

On-demand self-service

Full Access
Question # 7

Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

A.

Platform-as-a-service (PaaS)

B.

Desktop-as-a-service (DaaS)

C.

Infrastructure-as-a-service (IaaS)

D.

Identity-as-a-service (IDaaS)

E.

Software-as-a-service (SaaS)

Full Access
Question # 8

What is true of searching data across cloud environments?

A.

You might not have the ability or administrative rights to search or access all hosted data.

B.

The cloud provider must conduct the search with the full administrative controls.

C.

All cloud-hosted email accounts are easily searchable.

D.

Search and discovery time is always factored into a contract between the consumer and provider.

E.

You can easily search across your environment using any E-Discovery tool.

Full Access
Question # 9

CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?

A.

Service Provider or Tenant/Consumer

B.

Physical, Network, Compute, Storage, Application or Data

C.

SaaS, PaaS or IaaS

Full Access
Question # 10

How can key management be leveraged to prevent cloud providers from inappropriately accessing customer data?

A.

Use strong multi-factor authentication

B.

Secure backup processes for key management systems

C.

Segregate keys from the provider hosting data

D.

Stipulate encryption in contract language

E.

Select cloud providers within the same country as customer

Full Access
Question # 11

Containers are highly portable code execution environments.

A.

False

B.

True

Full Access
Question # 12

Which governance domain deals with evaluating how cloud computing affects compliance with internal

security policies and various legal requirements, such as regulatory and legislative?

A.

Legal Issues: Contracts and Electronic Discovery

B.

Infrastructure Security

C.

Compliance and Audit Management

D.

Information Governance

E.

Governance and Enterprise Risk Management

Full Access
Question # 13

CCM: A company wants to use the IaaS offering of some CSP. Which of the following options for using CCM is NOT suitable for the company as a cloud customer?

A.

Submit the CCM on behalf of the CSP to CSA Security, Trust & Assurance Registry (STAR), a free, publicly accessible registry that documents the security controls provided by CSPs

B.

Use CCM to build a detailed list of requirements and controls that they want their CSP to implement

C.

Use CCM to help assess the risk associated with the CSP

D.

None of the above

Full Access
Question # 14

Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?

A.

Access control

B.

Federated Identity Management

C.

Authoritative source

D.

Entitlement

E.

Authentication

Full Access
Question # 15

What is the most significant security difference between traditional infrastructure and cloud computing?

A.

Management plane

B.

Intrusion detection options

C.

Secondary authentication factors

D.

Network access points

E.

Mobile security configuration options

Full Access
Question # 16

What is a potential concern of using Security-as-a-Service (SecaaS)?

A.

Lack of visibility

B.

Deployment flexibility

C.

Scaling and costs

D.

Intelligence sharing

E.

Insulation of clients

Full Access