Siedel Chapter 4 Review Questions

Question 1

What is the term we use to describe the general ease and efficiency of moving data from one cloud provider to another cloud provider or down from the cloud?

A. Mobility
B. Elasticity
C. Obfuscation
D. Portability

Answer 1

D. Portability

Explanation:
Elasticity is the name for the benefit of cloud computing where resources can be apportioned as necessary to meet customer demand. Obfuscation is a technique to hide full raw datasets, either from personnel who do not have a need to know or for use in testing.

Question 2

The various models generally available for cloud BC/DR activities include all of the following except _______

A. Private architecture, cloud backup
B. Cloud provider, backup from the same provider
C. Cloud provider, backup from another cloud provider
D. Cloud provider, backup from private provider

Answer 2

D. Cloud provider, backup from private provider

Explanation:
This is not a normal configuration and would not likely provide genuine benefit

Question 3

Countermeasures for protecting cloud operations against external attackers include all of the following except ___________

A. Continual monitoring for anomalous activity
B. Detailed and extensive background checks
C. Hardened devices and systems, including servers, hosts, hypervisors and virtual machines
D. Regular and detailed configuration/change management activities

Answer 3

B. Detailed and extensive background checks

Explanation:
Background checks are controls for attenuating potential threats from internal actors; external threats arent likely to submit background check

Question 4

All of the following are techniques to enhance the portability of cloud data in order to minimize the potential of vendor lock in except __________

A. Avoiding proprietary data formats
B. Using IRM and DLP solutions widely throughout the cloud operation
C. Ensuring there are no physical limitations to moving
D. Ensuring favorable contract terms to support portability

Answer 4

B. Using IRM and DLP solutions widely throughout the cloud operation

Explanation:
IRM and DLP are used for increased authentication/access control and egress monitoring respectively, and would actually decrease portability instead of enhancing it

Question 5

Which of the following is a technique used to attenuate risks to the cloud environment, resulting in loss or theft of a device used for remote access?

A. Remote kill switch
B. Dual control
C. Muddling
D. Safe harbor

Answer 5

A. Remote kill switch

Explanation:
Dual control is not useful for remote access devices because we would have to assign two people for every device, which would decrease efficiency and productivity. Safe harbor is a policy provision that allows for compliance through an alternative method rather than the primary instruction

Question 6

Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except _________

A. The cloud providers suppliers
B. The cloud providers vendors
C. The cloud providers utilities
D. The cloud providers resellers

Answer 6

D. The cloud providers resellers

Explanation:
The cloud providers resellers are a marketing and sales mechanism, not an operational dependency that could affect the security of a cloud customer

Question 7

When reviewing the BIA after a cloud migration, the organization should take into account new factors related to data breach impacts. One of these new factors is ________

A. Legal liability
B. Many stated have data breach notification laws
C. Breaches can cause the loss of proprietary data
D. Breaches can cause the loss of intellectual property

Answer 7

A. Legal liability

Explanation:
State notification laws and the loss of proprietary data/intellectual property preexisted the cloud; only the lack of ability to transfer liability is new

Question 8

The cloud customer will have the most control of their data and systems and the cloud provider will have the least amount of responsibility in which cloud computing arrangement?

A. IaaS
B. PaaS
C. SaaS
D. Community Cloud

Answer 8

A. IaaS

Explanation:
IaaS entails the cloud customer installing and maintaining the OS, programs and data; PaaS has the customer installing programs and data; in SaaS, the customer only uploads data

Question 9

After a cloud migration, the BIA should be updated to include a review of the new risks and impacts associated with cloud operations; this review should include an analysis of the possibility of vendor lock in/lock out. Analysis of this risk may not have to be performed as a new effort because a lot of the material that would be included is already available from which of the following?

A. NIST
B. The cloud provider
C. The cost benefit analysis the organization conducted when deciding on cloud migration
D. Open source providers

Answer 9

C. The cost benefit analysis the organization conducted when deciding on cloud migration

Explanation:
NIST offers many informative guides and standards but nothing specific to any one organization. The cloud provider will not have prepared an analysis of lock out/lock in potential.

Question 10

A poorly negotiated cloud service contract could result in all the following detrimental effects except _______

A. Vendor lock in
B. Malware
C. Unfavorable terms
D. Lack of necessary services

Answer 10

B. Malware

Explanation:
Malware risks and threats are not affected by the terms of the cloud contract

Question 11

All of the following are cloud computing risks in a multitenant environment except ______

A. Risk of loss/disclosure due to legal seizures\
B. Information bleed
C. DDoS
D. Escalation of privilege

Answer 11

C. DDoS

Explanation:
DoS/DDoS threats and risks are not unique to the multitenant architecture

Question 12

Countermeasures for protecting cloud operations against internal threats include all of the following except _____

A. Aggressive background checks
B. Hardened perimeter devices
C. Skills and knowledge testing
D. Extensive and comprehensive training programs, including initial, recurring and refresher sessions

Answer 12

B. Hardened perimeter devices

Explanation:
Hardened perimeter devices are more useful at attenuating the risk of external attack

Question 13

Countermeasures for protecting cloud operations against internal threats include all of the following except ___________

A. Active physical surveillance and monitoring
B. Active electronic surveillance and monitoring
C. Redundant ISPs
D. Masking and obfuscation of data for all personnel without need to know for raw data

Answer 13

C. Redundant ISPs

Explanation:
ISP redundancy is a means to control the risk of externalities, not internal threats

Question 14

Countermeasures for protecting cloud operations against internal threats at the providers data center include all of the following except ___________

A. Broad contractual protections to make sure the provider is ensuring an extreme level of trust in its own personnel
B. Financial penalties for the cloud provider in the event of negligence or malice on the part of its own personnel
C. DLP Solutions
D. Scalability

Answer 14

D. Scalability

Explanation:
Scalability is a feature of cloud computing, allowing users to dictate an increase or decrease in service as needed, not a means to counter internal threats

Question 15

Countermeasures for protecting cloud operations against internal threats at the providers data center include all of the following except _______

A. Separation of duties
B. Least privilege
C. Conflict of interest
D. Mandatory vacations

Answer 15

C. Conflict of interest

Explanation:
Conflict of interest is a threat, not a control

Question 16

Benefits for addressing BC/DR offered by cloud operations include all of the following except ________

A. One time pads
B. Distributed, remote processing and storage of data
C. Fast replication
D. Regular backups offered by cloud providers

Answer 16

A. One time pads

Explanation:
A One time pads are a cryptographic tool/method; this has nothing to do with BC/DR. All the other options are benefits of using cloud computing for BCDR

Question 17

All of the following methods can be used to attenuate the harm caused by escalation of privilege except _______

A. Extensive access control and authentication tools and techniques
B. Analysis and review of all log data by trained, skilled personnel on a frequent basis
C. Periodic and effective use of cryptographic sanitization tools
D. The use of automated analysis tools such as SIM, SIEM, and SEM solutions

Answer 17

C. Periodic and effective use of cryptographic sanitization tools

Explanation:
Cryptographic sanitization is a means of reducing the risks from data remanence, not a way to minimize escalation of privilege

Question 18

What is the hypervisor malicious attacks would prefer to attack?

A. Type 1
B. Type 2
C. Type 3
D. Type 4

Answer 18

B. Type 2

Explanation:
Attackers prefer type 2 hypervisors because the OS offers more attack surface and potential vulnerabilities. There are no Type 3 or Type 4 hypervisors

Question 19

What is the term used to describe loss of access to data because the cloud provider has ceased operation?

A. Closing
B. Vendor lock out
C. Vendor lock in
D. Masking

Answer 19

B. Vendor lock out

Explanation:
Vendor lock in is the result of a lack of portability, for any number of reasons, Masking is a means to hide raw datasets from users who do not have a need to know. Closing is a nonsense term in this context

Question 20

Because PaaS implementations are so often used for software development, what is one of the vulnerabilities that should always be kept in mind?

A. Malware
B. Loss/theft of portable devices
C. Backdoors
D. DoS/DDoS

Answer 20

C. Backdoors

Explanation:
Software developers often install backdoors as a means to avoid performing entire work flows when adjusting the programs theyre working on; they often leave backdoors behind in production software, inadvertently or intentionally