Review 14 Flashcards
(15 cards)
Which cloud security tool offers end to end security and continuous assessment?
Question options:
Qualys Cloud Perform
BlazeMeter
LoadStorm
Nexpose
Qualys Cloud Perform
During which cloud computing attack does the hacker trick a user with an active computer session into visiting a malicious website?
Question options:
Service hijacking through network sniffing
Wrapping attack
Session hijacking through session riding
Domain snipping
Session hijacking through session riding
During which cloud computing attack is the attacker’s intent to discover and then use sensitive data such as passwords, session cookies, and other security configurations such as UDDI, SOAP, and WSDL?
Question options:
Session hijacking through session riding
Wrapping attack
Service hijacking through network sniffing
Domain snipping
Service hijacking through network sniffing
Which cloud security control layer involves all administrative tasks to promote continued, uninterrupted, and effective services?
Question options:
Management
Information
Trusted Computing
Application
Management
Which cloud security control layer involves putting in place policies that comply with industry standards such as Open Worldwide Application Security Project (OWASP)?
Question options:
Trusted Computing
Management
Information
Application
Application
Which of the following is NOT a way that cloud computing service providers reduce the risk of security breaches?
Question options:
Provide a way to reliably authenticate all users who access the service and allow users to access only the applications and data that they need.
Verify, test, and apply updates to the infrastructure.
Probe for security holes with a third-party service provider.
Disseminate each organization’s centrally stored data.
Disseminate each organization’s centrally stored data.
Which of the following cloud security controls makes the system more difficult to attack and, therefore, decreases attacks?
Question options:
Corrective
Preventive
Detective
Deterrent
Deterrent
Which cloud service model features non-multi-tenancy?
Question options:
Hybrid
Private
Public
Community
Private
Which of the following is NOT an advantage of Cloud Computing?
Question options:
Self-service provisioning of resources
Conformity
Metering of services
Ease of use
Conformity
Which cloud service allows for easier onboarding, offboarding?
Question options:
Desktop as a Service (DaaS)
Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Desktop as a Service (DaaS)
Which cloud service is by far the most used model?
Question options:
Infrastructure as a Service (IaaS)
Desktop as a Service (DaaS)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
During which cloud computing attack does the hacker trick a user with an active computer session into visiting a malicious website?
Question options:
Domain snipping
Service hijacking through network sniffing
Session hijacking through session riding
Wrapping attack
Session hijacking through session riding
The internet of things is a natural extension of __________.
Question options:
Cloud computing
Real-time networks
Trusted computing
SCADA
SCADA
Which cloud service is an integral part of cloud DevOps?
Question options:
Desktop as a Service (DaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Which cloud service is similar to hardware on premises?
Question options:
Software as a Service (SaaS)
Platform as a Service (PaaS)
Desktop as a Service (DaaS)
Infrastructure as a Service (IaaS)
Infrastructure as a Service (IaaS)
