FREE Certificate of Cloud Security Knowledge Fundamental Questions and Answers
For every multitenant network, the most important security control is:
Wrong!
The cloud provider is mostly responsible for creating secure network infrastructure and effectively configuring it. The absolute top security objective is network traffic segregation and isolation to prevent tenants from viewing each other’s traffic. This is the most basic level of security for any multi-tenant network.
Which of the following is a type of compliance inheritance in which the cloud provider’s infrastructure and services are audited under a compliance standard?
Wrong!
Many cloud providers are certified for different regulations and industry needs, such as PCI DSS, SOC1, SOC2, HIPAA, best practices/frameworks like CSA CCM, and global/regional regulations like the EU GDPR, which are frequently referred to as pass-through audits. A pass-through audit is a type of compliance inheritance. In this arrangement, all or portion of the cloud provider’s infrastructure and services are subjected to a compliance audit. The supplier is responsible for the fees and maintenance of these certifications.
Which of the following WAN virtualization technologies is used to establish networks that span numerous base networks?
Wrong!
Cloud overlay networks are a type of WAN virtualization technology that is used to create networks that span numerous “base” networks. An overlay network, for example, might cover physical and cloud locations or several cloud networks, possibly even on separate providers.
Consumers use which plane to launch virtual machines, configure virtual machines, or setup virtual networks?
Wrong!
In most situations, the APIs are both remotely accessible and wrapped in a web-based user experience. This combination is known as the cloud management plane because users use it to manage and configure cloud resources such as launching virtual machines (instances) or building virtual networks. From a security standpoint, it is both the most significant distinction from securing physical infrastructure (since physical access cannot be used as a control) and the top priority when building a cloud security program.
Which of the following best describes an individual’s request to have specific data removed so that third parties cannot trace them?
Wrong!
The right to be forgotten “reflects an individual’s claim to have certain data deleted so that third parties cannot trace them.”
Data Subjects’ Rights: Data subjects have the following rights regarding data processing: the right to object to certain uses of their personal data; the right to have their data corrected or erased; the right to be compensated for damages suffered as a result of unlawful processing; the right to be forgotten; and the right to data portability. These rights have a substantial impact on cloud service contracts.
Who is responsible for data collection and processing when a third party is entrusted to process data on its behalf?
Wrong!
When authorizing a third party (a data processor) to process data on its behalf, the data controller retains responsibility for the data’s collection and processing. The data controller is responsible for ensuring that such third parties implement suitable technological and organizational security measures to protect the data.
Which of the following cloud features enables clients to precisely match resource consumption with demand?
Wrong!
Rapid elasticity enables users to increase or decrease the resources they utilize from the pool (provisioning and de-provisioning), frequently fully automatically. This enables them to better match their resource consumption with demand (for example, adding virtual servers as demand rises and shutting them down as demand falls). (Alprazolam)