What process is used within a cloud environment to maintain resource balancing and ensure that resources are available where and when needed?
What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?
Other than cost savings realized due to measured service, what is another facet of cloud computing that will typically save substantial costs in time and money for an organization in the event of a disaster?
What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?
Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?
Which of the following service categories entails the least amount of support needed on the part of the cloud customer?
Which of the following threat types can occur when an application does not properly validate input and can be leveraged to send users to malicious sites that appear to be legitimate?
If you're using iSCSI in a cloud environment, what must come from an external protocol or application?
What is the biggest benefit to leasing space in a data center versus building or maintain your own?
What type of masking strategy involves making a separate and distinct copy of data with masking in place?
Which of the following roles is responsible for obtaining new customers and securing contracts and agreements?
Which of the following attempts to establish an international standard for eDiscovery processes and best practices?
Which of the following is the optimal humidity level for a data center, per the guidelines established by the America Society of Heating, Refrigeration, and Air Conditioning Engineers (ASHRAE)?
Which of the following APIs are most commonly used within a cloud environment?
Which of the following roles involves the connection and integration of existing systems and services to a cloud environment?
When is a virtual machine susceptible to attacks while a physical server in the same state would not be?
Which of the following roles is responsible for overseeing customer relationships and the processing of financial transactions?
What is the biggest negative to leasing space in a data center versus building or maintain your own?
Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?
Which of the following roles is responsible for gathering metrics on cloud services and managing cloud deployments and the deployment processes?
Which of the following roles involves the provisioning and delivery of cloud services?
What is an experimental technology that is intended to create the possibility of processing encrypted data without having to decrypt it first?
During the course of an audit, which of the following would NOT be an input into the control requirements used as part of a gap analysis.
Data masking can be used to provide all of the following functionality, except:
The different cloud service models have varying levels of responsibilities for functions and operations depending with the model's level of service.
In which of the following models would the responsibility for patching lie predominantly with the cloud customer?
When a system needs to be exposed to the public Internet, what type of secure system would be used to perform only the desired operations?
There are many situations when testing a BCDR plan is appropriate or mandated.
Which of the following would not be a necessary time to test a BCDR plan?
What is the intellectual property protection for the tangible expression of a creative idea?
Which component of ITIL involves the creation of an RFC ticket and obtaining official approvals for it?
Gathering business requirements can aid the organization in determining all of this information about organizational assets, except:
Cloud systems are increasingly used for BCDR solutions for organizations.
What aspect of cloud computing makes their use for BCDR the most attractive?
Which kind of SSAE audit report is most beneficial for a cloud customer, even though it’s unlikely the cloud provider will share it?
Which of the following types of data would fall under data rights management (DRM) rather than information rights management (IRM)?
What type of masking would you employ to produce a separate data set for testing purposes based on production data without any sensitive information?
In a federated identity arrangement using a trusted third-party model, who is the identity provider and who is the relying party?
Which of the following roles is responsible for creating cloud components and the testing and validation of services?
Key maintenance and security are paramount within a cloud environment due to the widespread use of encryption for both data and transmissions.
Which of the following key-management systems would provide the most robust control over and ownership of the key-management processes for the cloud customer?
On large distributed systems with pooled resources, cloud computing relies on extensive orchestration to maintain the environment and the constant provisioning of resources.
Which of the following is crucial to the orchestration and automation of networking resources within a cloud?
Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?
Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?
Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?
Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?
Which of the cloud cross-cutting aspects relates to the requirements placed on the cloud provider by the cloud customer for minimum performance standards and requirements that must be met?
Which of the following service capabilities gives the cloud customer the most control over resources and configurations?
Which of the cloud deployment models offers the easiest initial setup and access for the cloud customer?
Different certifications and standards take different approaches to data center design and operations. Although many traditional approaches use a tiered methodology, which of the following utilizes a macro-level approach to data center design?
Which cloud storage type is typically used to house virtual machine images that are used throughout the environment?
Which of the following threat types can occur when baselines are not appropriately applied or when unauthorized changes are made?
Where is a DLP solution generally installed when utilized for monitoring data in transit?
Which cloud storage type resembles a virtual hard drive and can be utilized in the same manner and with the same type of features and capabilities?
Which of the following threat types involves leveraging a user's browser to send untrusted data to be executed with legitimate access via the user’s valid credentials?
Which of the following roles would be responsible for managing memberships in federations and the use and integration of federated services?
Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?
Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?
Which one of the following threat types to applications and services involves the sending of requests that are invalid and manipulated through a user's client to execute commands on the application under the user's own credentials?
Although the REST API supports a wide variety of data formats for communications and exchange, which data formats are the most commonly used?
With IaaS, what is responsible for handling the security and control over the volume storage space?
What is a serious complication an organization faces from the compliance perspective with international operations?
Which data state would be most likely to use TLS as a protection mechanism?
Data center and operations design traditionally takes a tiered, topological approach.
Which of the following standards is focused on that approach and is prevalently used throughout the industry?
If a company needed to guarantee through contract and SLAs that a cloud provider would always have available sufficient resources to start their services and provide a certain level of provisioning, what would the contract need to refer to?
During which phase of the cloud data lifecycle is it possible for the classification of data to change?
Which of the following is NOT one of the main intended goals of a DLP solution?