Certificate of Cloud Security Knowledge v5 v1.0

Exam contains 109 questions

How does artificial intelligence pose both opportunities and risks in cloud security?

  • A. AI is only beneficial in data management, not security
  • B. AI enhances detection mechanisms but could be exploited for sophisticated attacks
  • C. AI mainly reduces manual work with no significant security impacts
  • D. AI enhances security without any adverse implications


Answer : B

Which Cloud Service Provider (CSP) security measure is primarily used to filter and monitor HTTP requests to protect against SQL injection and XSS attacks?

  • A. CSP firewall
  • B. Virtual Appliance
  • C. Web Application Firewall (WAF)
  • D. Intrusion Detection System (IDS)


Answer : C

In the context of cloud workload security, which feature directly contributes to enhanced performance and resource utilization without incurring excess costs?

  • A. Fixed resource allocations
  • B. Unlimited data storage capacity
  • C. Increased on-premise hardware
  • D. Elasticity of cloud resources


Answer : D

Why is consulting with stakeholders important for ensuring cloud security strategy alignment?

  • A. It simplifies the cloud platform selection process.
  • B. It reduces the overall cost of cloud services.
  • C. It ensures that the strategy meets diverse business requirements.
  • D. It ensures compliance with technical standards only.


Answer : C

Why is governance crucial in balancing the speed of adoption with risk control in cybersecurity initiatives?

  • A. Only involves senior management in decision-making
  • B. Speeds up project execution irrespective of and focuses on systemic risk
  • C. Ensures adequate risk management while allowing innovation
  • D. Ensures alignment between global compliance standards


Answer : C

Which of the following best describes the shift-left approach in software development?

  • A. Relies only on automated security testing tools
  • B. Emphasizes post-deployment security audits
  • C. Focuses on security only during the testing phase
  • D. Integrates security early in the development process


Answer : D

In the context of cloud security, what is the primary benefit of implementing Identity and Access Management (IAM) with attributes and user context for access decisions?

  • A. Simplifies regulatory compliance by using a single sign-on mechanism
  • B. Reduces log analysis requirements
  • C. Enhances security by supporting authorizations based on the current context and status
  • D. These are required for proper implementation of RBAC


Answer : C

Which aspect of cloud architecture ensures that a system can handle growing amounts of work efficiently?

  • A. Scalability
  • B. Security
  • C. Reliability
  • D. Performance


Answer : A

What is the primary role of Identity and Access Management (IAM)?

  • A. To encrypt data at rest and in transit
  • B. Ensure only authorized entities access resources
  • C. To monitor and log all user activities and traffic
  • D. Ensure all users have the same level of access


Answer : B

Which Identity and Access Management (IAM) principle focuses on implementing multiple security layers to dilute access power, thereby averting misuse or compromise?

  • A. Continuous Monitoring
  • B. Federation
  • C. Segregation of Duties
  • D. Principle of Least Privilege


Answer : C

What is the primary purpose of the CSA Security, Trust, Assurance and Risk (STAR) Registry?

  • A. To manage data residency and localization requirements
  • B. To document security and privacy controls of cloud offerings
  • C. To certify cloud services for regulatory compliance
  • D. To provide cloud service rate comparisons


Answer : B

What is a key characteristic of serverless functions in terms of execution environment?

  • A. They need continuous monitoring by the user
  • B. They run on dedicated long-running instances
  • C. They require pre-allocated server space
  • D. They are executed in isolated, ephemeral environments


Answer : D

What key activities are part of the preparation phase in incident response planning?

  • A. Implementing encryption and access controls
  • B. Establishing a response process, training, communication plans, and infrastructure evaluations
  • C. Creating incident reports and post-incident reviews
  • D. Developing malware analysis procedures and penetration testing


Answer : B

In a containerized environment, what is fundamental to ensuring runtime protection for deployed containers?

  • A. Deploying container-specific antivirus scanning
  • B. Full packet network monitoring
  • C. Using static code analysis tools in the pipeline
  • D. Implementing real-time visibility


Answer : D

Which concept focuses on maintaining the same configuration for all infrastructure components, ensuring they do not change once deployed?

  • A. Infrastructure as code
  • B. Application integration
  • C. Component credentials
  • D. Immutable infrastructure


Answer : D

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926