8

Question 1

A cloud deployment model consisting of two or more interlinked cloud infrastructures (private, community, or public) is referred to as a hybrid cloud.

Answer 1

True

Question 2

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?

Answer 2

** MSP **

A managed service provider (MSP) is a third-party company that remotely manages a customer’s information technology (IT) infrastructure and end-user systems

Question 3

Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer)

Answer 3

** MSSP **

A managed security service provider (MSSP) offers network security services to an organization.

Question 4

The term “Fog computing” refers to a local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing.

Answer 4

** True **

Fog computing is a term for technology that extends cloud computing and services to the edge of an enterprise’s network. It allows data, applications, and other resources to be moved closer to, or even on top of, end users

Question 5

Which of the following solutions would be best suited for situations where response time in data processing is of critical importance?

Answer 5

** Edge computing **

Edge computing is a distributed computing framework that brings enterprise applications closer to data sources such as IoT devices or local edge servers. This proximity to data at its source can deliver strong business benefits, including faster insights, improved response times and better bandwidth availability.

Question 6

Which of the following devices best illustrates the concept of edge computing?

Answer 6

Smartwatch

Question 7

In client-server model, the term “Thin client” refers to a networked computer equipped with the minimum amount of hardware and software components. As opposed to thick client, which runs applications locally from its own hard drive, thin client relies on network resources provided by a remote server performing most of the data processing and storage functions.

Answer 7

True

Question 8

Which of the following terms refers to the concept of virtualization on an application level?

Answer 8

Containerization

Question 9

In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.

Answer 9

True

Question 10

Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers)

Answer 10

** SDV **
Software-Defined Visibility is to a visibility infrastructure what Software- Defined Networking is to a network infrastructure. SDV combines the pervasive reach of visibility with an automation framework. In an SDN infrastructure, network switches and routers form the physical network or the Layer 2-3 data plane.

***  SDN  *** Software-defined networking technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, in a manner more akin to cloud computing than to traditional network management.

Question 11

In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to:

Answer 11

** VPC **

A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider.

Question 12

The term “VM sprawl” is used to describe a situation in which large number of deployed virtual machines lack proper administrative controls.

Answer 12

** True **

Virtualization sprawl is a phenomenon that occurs when the number of virtual machines (VMs) on a network reaches a point where administrators can no longer manage them effectively

Question 13

The term “VM escape” refers to the process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

Answer 13

** True **

Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor

Question 14

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

Answer 14

Usage audit

Asset documentation

Question 15

What are the countermeasures against VM escape? (Select 2 answers)

Answer 15

Sandboxing

Patch management

Question 16

Which programming aspects are critical for secure application development process? (Select 2 answers)

Answer 16

Input validation
Error and exception handling

Question 17

The process of removing redundant entries from a database is known as:

Answer 17

Normalization

Question 18

What are the countermeasures against SQL injection attacks? (Select 2 answers)

Answer 18

Stored procedures

Input validation

Question 19

Code obfuscation techniques rely on encryption to protect the source code against unauthorized access.

Answer 19

** False **

Question 20

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

Answer 20

Dead code

Question 21

In web application programming, the term “Backend” typically refers to the part of a computer system or application that is not directly accessed by the user (for example a web server). On the opposite side, “Frontend” means software that can be accessed by the user locally (an example of this would be user’s web browser). Code execution and input validation that take place in the backend are referred to as server-side operations, the frontend equivalent of this is known as client-side operations.

Answer 21

** True **

Question 22

A collection of commonly used programming functions designed to speed up software development process is known as:

Answer 22

Library

Question 23

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?

Answer 23

** SDK **

A software development kit is a collection of software development tools in one installable package. They facilitate the creation of applications by having a compiler, debugger and sometimes a software framework. They are normally specific to a hardware platform and operating system combination

Question 24

Which of the following terms refers to a nonprofit organization focused on software security?

Answer 24

** OWASP **

The Open Worldwide Application Security Project is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation.

Question 25

A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into a binary executable file is referred to as

Answer 25

Compiled code