API tools faq
paste
Advertisement
opexxx

CPE quiz3

opexxx
Dec 16th, 2015
195
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 3.95 KB | None | 0 0
raw download clone embed print report
  1. http://searchcloudsecurity.techtarget.com/quiz/Quiz-Cloud-application-security-best-practice
  2.  
  3. QUESTION 1
  4. Custom application development is generally done on which type of cloud service?
  5.  
  6.     a) Infrastructure-as-a-Service (IaaS)
  7.     b) Software-as-a-Service (SaaS)
  8.     c) Platform-as-a-Service (PaaS)
  9.     d) Development-as-a-Service (DaaS)
  10.  
  11.  
  12. YOUR ANSWER - c) Platform-as-a-Service (PaaS)
  13. CORRECT ANSWER - Correct answer: C � Platform-as-a-Service is the best cloud service with which to conduct custom application development because the lower levels of the stack are managed by the provider.
  14.  
  15. MORE INFORMATION:
  16. Learn whether a PaaS environment puts application data at risk.
  17.  
  18. QUESTION 2
  19. In general, which type of cloud service provides the most areas of accountability for the customer?
  20.  
  21.     a) Platform-as-a-Service (PaaS)
  22.     b) Security-as-a-Service
  23.     c) Infrastructure-as-a-Service (IaaS)
  24.     d) Software-as-a-Service (SaaS)
  25.  
  26.  
  27. YOUR ANSWER - c) Infrastructure-as-a-Service (IaaS)
  28. CORRECT ANSWER - Correct answer: C � IaaS offers the most accountability because the customer has control over the underlying operating systems/databases, etc. With PaaS, the provider manages those elements, and in SaaS the provider manages the OS and database, and, usually, the applications too.
  29.  
  30. MORE INFORMATION:
  31. Learn about testing IaaS security.
  32.  
  33. QUESTION 3
  34. Heroku, Azure, and BeanStalk are:
  35.  
  36.     a) Small, upstart cloud providers
  37.     b) Messaging hygiene providers
  38.     c) Platform-as-a-Service providers
  39.     d) Reputation-based cloud firewall providers
  40.  
  41.  
  42. YOUR ANSWER - c) Platform-as-a-Service providers
  43. CORRECT ANSWER - Correct answer: C - Heroku, Azure, and BeanStalk are examples of established Platform-as-a-Service providers.
  44.  
  45. MORE INFORMATION:
  46. Learn more about the security capabilities of PaaS providers.
  47.  
  48. QUESTION 4
  49. Which of the following is/are not a well-known list of cloud controls?
  50.  
  51.     a) SSAE 16 (formerly SAS 70)
  52.     b) CSA CCM
  53.     c) ISO 27001:2005
  54.     d) FedRAMP
  55.     e) A and C
  56.     f) B and D
  57.  
  58.  
  59. YOUR ANSWER - e) A and C
  60. CORRECT ANSWER - Correct answer: E � FedRAMP and the CSA CCM are listings of cloud-specific controls that can be used to assess cloud providers. Get reaction to the emerging FedRAMP cloud computing standards.
  61. QUESTION 5
  62. To find the best security-as-a-service offering for your organization:
  63.  
  64.     a) Ask the vendor what they recommend
  65.     b) Assess your requirements, do a risk assessment and a cost/benefit analysis of the options
  66.     c) Find the cheapest monthly option and use whatever is offered with that service
  67.     d) Ask your peers and do exactly what they're doing
  68.  
  69.  
  70. YOUR ANSWER - b) Assess your requirements, do a risk assessment and a cost/benefit analysis of the options
  71. CORRECT ANSWER - Correct answer: B - Although the other options can be used as input during the decision-making process, the most important considerations are your own requirements and risk analysis. Check out these guidelines for evaluating cloud computing risk.
  72. QUESTION 6
  73. Which of the following is not a common security-as-a-service offering?
  74.  
  75.    a) Mail hygiene
  76.    b) Vulnerability scanning
  77.    c) Streaming CDNs
  78.    d) Cloud storage/backup
  79.    e) Web hygiene
  80.    f) Log aggregation/SIM
  81.  
  82.  
  83. YOUR ANSWER - c) Streaming CDNs
  84. CORRECT ANSWER - Correct answer: C � Streaming CDNs are not a common security-as-a-service offering.
  85.  
  86. MORE INFORMATION:
  87. Learn why more companies are considering SIEM in the cloud.
  88.  
  89. QUESTION 7
  90. Using a cloud provider for security services is always:
  91.  
  92.    a) Cheaper than doing it on-premise
  93.    b) More secure than doing it on-premise
  94.    c) The right thing to do
  95.    d) A way to impress your boss
  96.    e) It depends
  97.  
  98.  
  99. YOUR ANSWER - e) It depends
  100. CORRECT ANSWER - Correct answer: E � The benefits of using cloud-based security services will vary from one organization to the next.
  101.  
  102. MORE INFORMATION:
  103. Learn about a study that showed cloud provider security is better than on-premise security.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!