Cyber Security Cloud Security 3

Question 1

What is container image scanning used to detect in DevSecOps?

Accepted Answer

Known vulnerabilities in OS packages and libraries within container images

Answer

Container image scanning identifies CVEs in base images and installed packages before containers are deployed to production.

Question 2

What does Zero Trust Architecture assume about network traffic?

Accepted Answer

No user or system is trusted by default, regardless of network location

Answer

Zero Trust assumes breach and requires continuous verification of every user and device, regardless of whether they are inside the network perimeter.

Question 3

What is a cloud workload protection platform (CWPP) designed to secure?

Accepted Answer

Servers, containers, and serverless functions running in cloud environments

Answer

CWPP provides runtime protection and vulnerability management for cloud workloads including VMs, containers, and serverless functions.

Question 4

What is the key benefit of encrypting data at rest in cloud storage?

Accepted Answer

It protects data from unauthorized access if storage media is compromised or misconfigured

Answer

Encrypting data at rest ensures that even if storage is improperly accessed, the data remains unreadable without the encryption key.

Question 5

What does a cloud DLP (Data Loss Prevention) tool help prevent?

Accepted Answer

Unauthorized exfiltration of sensitive data from cloud environments

Answer

Cloud DLP identifies and protects sensitive data by monitoring for and preventing unauthorized sharing or exfiltration.

Cyber Security Practice Test