Skip to main content

IS5503 Cloud Computing Solutions

 

Week-1 Pre Assessment

1) You are working as a cloud architect at Congruence crop. Management he asked you to implement an vitualized infrastructure to provide the company’s  employees with on-demand storage which should be accessible through a web interface over the public internet. Which of the following cloud deployment models will you use to implement this ?

Private

2) Which of the following storage solutions saves space by eliminating files or blocks that have redundant data?

Deduplication

3) You are as a cloud administrator at BigCo. Management he asked you to move the company’s on-premises data to the cloud. You have received a request from the network administration team while migrating. They want to manage both the Linux- and Windows-based servers efficiently. What should you implement to accomplish this task?

Secure Shell

Remote Desktop Protocol

4) Ron, a security analyst, found an unkwon design flaw in a product. He notices that correcting the flaw would be cost-prohibitive and would only affect a vey small number of customers. Rather than recalling the product, he decides to simply the product as it is. This is best describe as what type of risk response technique?

Acceptance

 

5) Which of the following risks should be considered during and after the migration process while performing the right migration steps?

A)Security risks

Complexity Creep

 

6) Jack is Working as a network administration at NilCo. Management has asked him to create a demilitarized zone (DMZ) in the cloud to enhance the security of the company’s cloud network. What will he use to accomplish this task?

Firewall

 

7) Which of the following cloud assessment techniques determine the difference between where a company is now in business and technical readiness versus where it needs to be?

Gap analysis

 

8) Joe is working as a product manager at NilCo.  He is planning to make sure that an upcoming company promotion suring a major sporting event does not overwhelm his company’s cloud-based e-commerce site. For this, he need to add capacity to the company’s web server so it can process the anticipated additional workload dynamically. What should he use?

Horizontal scaling

Vertical scaling

 

9) What Is the first step of searching the right cloud vendor?

Request for information

 

10) What storage type is used for the OS boot partition of an instance running in the cloud?

Block

 

11. A company has purchsed a new systm, but secrity pesonnel is spending a lot of time on systm maintenancce . A new third pary vendor has been selected for maintaning the company’s system. Which of the following documents should be created before assigning the job to the vensor?

A).Service level agreement

 

12. Which of the following is a final step that you will perform in the cloud assessement process?

A). Create documentation and diagrams.

 

13. what are the four cloud deployment models?

A). public, private, hybrid, and community

 

14. Will si testing his vackup disaster recovery site. He wants to verfy that the database in the disaster recovery facility is updated in real-time and ramains current with the production rerplica in the primary data center, which of the following should he use in his primary data denter servers?

A). Synchronous replication

15. Stella, a cloud+ stident, is learning the process of evaluating current sresources used in on-premeses data cetemine the resources required in the cloud. What is she learning about?

A). Right-sizing

 

16. which of the follwing international Organization for Standardization (ISO) standards is specific to CSPs and details information security?

A) 27017

17. which of the following is the process of obfuscatinf ddata such that only authrized individuals can read the data?

A).Encryption

 

18. which of the following porvides high-levvel guidence dictated by business goals and objectives?

A). policy

 

 

19. which of the following are exmples of an operating expenditure?

A).1. propertu taxes and insutance

2. Licences fees

20.which of the following makes networks more agile and fiexible by separatring the fowarding of network packets (the infrastructure layer) from the logical decision-making process (the control layer)?

A). Software-defined networking

 

21)  Which of the following is an item or collection of items that has a qualitative value to a company?

A:  Asset

 

22)  which of the following statements are correct regarding synchronous replication?

Each correct answer represents a complete solution. Choose all that apply

A:  It is limited the distance between the locations

It writes data to multiple locations in real-time

 

23)  Tom is working as a cloud administrator at BigCo. Management has asked him to increase the security of the companys cloud resources so that no unauthorized can access the resources.

A:  Multifactor authentication

 

24) Erika, a project manager, identifies a project risk that harm  the team members. So she hires a professional vendor to complete the critical part of the project.  What type of risk response is she using for handling the potential risk

A:  Transference

25)   Which of the following allows clients to remotely connect to virtual Linux machine, securely, and act as if the user were sitting at the virtual computer?

A:  Secure shell

26)  Who is responsible not only for an organization’s asset but also for the risk response to any identified threat to the said asset?

A:  Risk owner

Asset owner

 

27)  Bob is a cloud + architecture for BigCo Inc. He is using a clous service that provides computing hardware, but the operating system is not included . Which of the following cloud service is he using?

A:  Infrastructure as a service

 

28)  Which of the following documents includes the defined steps that an individual or an organization takes once an event occurs?

A:  Standard operating procedure

29)  Roman is the network administrator for a company. The company is currently managing an  on-premises network using cloud serviceor running some combination of two

A:  Baseline

 

30)  Which storage offerings will have a cost associated with the amount of data stored even if resource using the storage is powered off?

A:  Block storage

File storage

Object storage

 31. Which of the following laws reforms the financial services industry and specifically addressed concerns about protecting consumer privacy?

A) Gramm-Leach-Billey Act

32. David is working as cloud administrator at NilCo. He is performing a cloud assessment for the company’s new applications. Management has asked him to determine the capabilities that can be offloaded to the cloud and the level of support services needed. What will he use to accomplish this task?

A) Feasibility study

  

33. Which of the following cloud characteristics explains that a cloud provides services to serve multiple clients according to their priority?

A) Resource pooling

 

34. Which of the following security policies defines behaviors and activities that are acceptable in an organization?

A) Advisory


35. Jancie manages the MySQL database thar runs on multi-CPU instance that has reached 100 percent utilization. The database can run on only a single server. What would she used to support the requirements of this database?

A) Vertical scaling

 36. Which cloud computing model provides only low-level server resources to host applications for organizations?

A) Infrastructure as a service

37. A company hires contractors for six months to work on projects. After six months, a new team of contractors will be brought in. Which type of software licensing allows the license to be transferred from the first group to the second group?

A) Bring your own license

38. What refers to the ability of a client to acquire additional cloud resources without supplier intervention?

A) Self-service

39. Patrick is working  as a cloud administrator at BigCo. He is looking at business requirements that specify the data available at the disaster recovery site must not be more than 48 hours old. Which of the following metrics relates to these requirements?

A) Recovery point objective

 

40. In dealing with risks, which response is accomplished when an organization purchases insurance to protect the income when a disaster or threat is realized?

A) Transference

41) Which of the following standard is concerned with HIPAA, GLBA, PCi DSS, and FINRA ?

A) Industry-based

42) You are negotiating cloud services with a CSP. You need to ensure that your organization can get more storage space without CSP intervention. Which service do you need?

A) Capacity on demand

43) Frank, the CEO of an organization, has set up a team to periodically evaluate regulatory compliance alone with associated documentation. His team implmented a policy that focuses on protecting the information that uniquely recognizes a person, either on its own or in conjunction with other information. Which of the following types of regulated information is this?

A) Personally identifiable information

44) Which of the following international Organization for standardization (ISO) standards covers the following topics?

> Removal and return of cloud service customer assets upon contract termination

> Protection and separation of a customer’s virtual enviroment

> virtual machine hardening requiredments to meet business needs

A) 27017

45) Which of the following helps to determine the compliance, security, and privacy guidefine during cloud assessment?

A) Feasibility study


46) Which of the following services do managed service providers (MSPs) deliver?

Each correct answer epresents a complete solution. Choose all that apply.

A)

1. Backup and recovery

2. Performance testing

 

47) Which of the following is an act locating weaknesses and vulnerablities of information systems by copying the intent and actions of malicious hackers?

A) Penetration testing


48) Which of the following cloud storage types allows an operating system to modify one portion one of a file without opening the entire file?

A) Block


49) Which cloud concept makes networks more agile by separating the forwarding of network packets for the logical decission-making process?

A) Software -define networking


50) Which of the following is defined by the health insurance portability and Accountability Act (HIPAA) and must be protected by an organization the jurisdiction of HIPAA?

A) Protected health information

51. Bob, a user, enters a username and password at the beginning of a session and accesses multiple applications. He does not need to re-authenticate for accessing each application each application. Which of the following authentication processes is he using?

A) Single sign-on

 

52. Harold is a software developer for NiCo inc. Management has asked him to migrate the company’s database application to the cloud. The company only wants to be responsible for the application and would prefer that the public cloud company manage all underlying infrastructure and servers that are required to support the application. Which of the following cloud service models will he use to accomplish this task?

A) platform as a service

 

53.  which of the following is the process of assigning costs of cloud resources to either individuals or departments that are responsible for the resources?

A)  Chargeback

 

 

54.  Which of the following are benefits of using an open- source cloud solution?

Each correct answer represents a complete solution. Choose two.

A)

1. Flexibility in development

2. Faster updates

 

55. George is a senior cloud architect at BIgCo. He is working on a project to                             interconnect his company’s private data center to cloud company that offers e-mail and other    services that can provide burstable compute capacity. What type of cloud deployment model is he creating

A)  Hybrid

 

56.  which of the following are example of the free-for–use software license?

Each correct answer represents a complete solution. Choose all that apply

Linux

Apache

 

57. How many classification levels are there in the risk classification system?

A)  Five

 

58. You are working as a cloud engineer at Congruence Corp. Management has asked you to run a small cloud evaluation in the production environment to see if there any application compatibility issues. What will you use to accomplish this task?

A) Pilot

 

59. what are the benefits of using digital marketing?

A)  Campaign automation and integration

Real-time results, monitoring and optimization

 

60. John works as a security analyst at XYZ. His organization uses Telnet for remote

Management. To ensure more secure client-server connections. He recognizes a

Necessity to replace Telnet with an encrypted network protocol. What should

He use to accomplish this task?

A)Secure shell

61. Which of the following is a short-term process designed to have employees develop skills or obtain knowledge to perform their jobs?

A) Training

62. You are working as a software engineer at XYZ. You just received an email reporting suspicious activity from the CEO’s account. The email provides a link to review the suspicious activity and immediately lock the account. You want review the suspicious activity before manually looking the CEO’s account, so you click the first link. Which data security principle did you just violate?

A) Integrity


63. You are working as a cloud engineer at Congruence Corp. Management has asked you to move the company’s extensive on-premises IT infrastructure to the cloud. Because of the cost involved, you have decided to move some services the fiscal year and move the rest of the services next fiscal year. Which migration approach will you use?

A) Phased

 

64. After conducting a qualitative risk assessment of her organization, Sally recommends purchasing cybersecurity breach insurance. Which type of risk response behavior is she recommending?

A) Transference

 

65. Which of the following processes strives to make automation efficient and manageable

A) Orchestration


66) In the shared security model of the cloud, who is responsible for securing access management and firewell configurations?

A) Clint

67) Which of the following is an agreement between parties to engage in some specified activity. Usually for mutual benfit?

A) Contract

 

68.  You are working as a cloud administrator at BigCo. The company uses a financial transaction database that updates frequently. If a natural disaster occurred any data backup older than one hour would not be useful to the company. Which of the following should you include in the disaster recovery plan to ensure that backups are always up to date?

A)   Recovery point objective

 

 

69. which of the following laws requires publicity traded companies to have proper inte3rnal control structures in place to validate that their financial statements accurately reflect their financial results?

A) Sarbanes-Oxley Act

 

70.  what refers to a semi-public intermediary network located between two firewalls?

A) Demilitarized zone

 

 


 Week-2 Quiz

1)Which feature of cloud design is measured in terms of nines?

A) High availability

 

 

2) Microsoft Azure is an example of which type of cloud deployment model?

A) Public

 

 

3) Which cloud service model provides hardware capacities, such as compute, storage, or networking, to a client?

A) Infrastructure as a service

 

 

 

4) In the shared responsibility model, what is the client responsible for?

A) Security in the cloud

 

 

5) Which cloud characteristic states that iOS, Android, and Windows users should all be able to use cloud resources?

A) Broad network access

 

 

 

6) Which cloud characteristic allows clients to access additional resources without requiring intervention from the service provider?

A) Self-service

 

 

7) Which cloud service model supports Gmail?

A) Software as a service

 

 

8) In cloud disaster recovery, what defines the maximum age of files that must be recovered from backups?

A) Recovery point objective

 

 

9) Which of the following defines the maximum amount of time a system can be offline in the event of a disaster?

A) Recovery time objective

 

 

10) Which term refers to having a device or system that can take over in the event of a failure?

A) Redundancy


Week-3 Quiz

1. Which cloud access type is used to securely connect to an online Windows instance?

A). Remote Desktop Protocol

2. ___________ is used by a web browser such as Google Chrome, Microsoft Edge, or Apple Safari to connect to a URL for the cloud resource.

A). Hypertext Transfer Protocol Secure

3. What refers to a security device that protects computers or networks from malicious network traffic?

A). Firewall

4. Which storage feature works by looking for repeated information within a file and then replacing that information with a shorter string?

A). Compression

5. Which cloud-based service resolves hostnames (or URLs) to IP addresses?

A). Domain Name System

6. Which of the following distributes work between multiple servers to speed up network performance?

A). Load balancer

7. Which storage type is best for unstructured data such as pictures and videos?

A). Object

8.A _____________ speeds up access to web resources for users in geographically distributed locations.

A). content delivery network

9. What storage type is best suited for databases and large scale, frequently accessed storage solutions?

A). Block

10. A _________ is a semi-public intermediary network located between two firewalls.

A). demilitarized zone


Week-4 Quiz

 

1. Which of the following is not one of the three key components of reporting in cloud assessments?

A). Blockchain

 

2. Which of the following identifies policies or regulations that are not being met with the current migration plan?

A). Gap analysis

 

3. A ___________ is a standard of performance or point of reference for comparison.

A). benchmark

 

4. What refers to the ability of a client to acquire additional cloud resources without supplier intervention?

A). Self-service

 

5. Which of the following breaks down a monolith program into smaller components that are independently coded and managed?

A). Microservice

6. Which cloud service is an open and distributed ledger that can securely record transactions between two parties in a verifiable and permanent way?
A). Blockchain

7. Which of the following services allows users to authenticate once across multiple security domains?
A). Federation

8. Which of the following is a way to store all the components needed to execute a microservice in the same package?
A). Containerization

9.  The __________ is a network of devices that are able to communicate with each other and exchange data.
A). Internet of Things

10. Which of the following are examples of digital marketing services offered within cloud environments?
A).
1. Email campaigns
2. Social media posts



Week-5 Quiz


1.  ____________ instances are responsible for renting reserved instances that are not currently being used.

 A). Spot

 

2. _________________ is the continuous execution of the first three steps (dev, build, and test) in the application development life cycle.

A). Continuous integration

 

3. Which type of scaling refers to adding servers for handling system load?

A). Horizontal

 

4. Which of the following is the process of taking a VM and performing post-deployment actions to customize the VM to the required configuration?

A). Bootstrapping

 

5. Which of the following storage types stores individual files like a normal file system, but there is no hierarchy as there is in a file system?

A). Object

 

6. Which testing validates that new features and bug fixes don't have a negative impact on the production code?

A). Regression

 

7. The four steps of the continuous integration and continuous delivery (CI/CD) pipeline are:

A). Dev > Build > Test > Release

 

8. What refers to the glue or the coordination between automation tasks?

A). Orchestration

 

9. Which testing can be performed in both the user acceptance (UA) and dev/test environments?

A). Regression

 

10. ____________ instances are instances with the capacity of CPU and RAM that users are willing to pay even if the instances or capacity are not used or even powered on.

A). Reserved


Week-7 Quiz

1. Which of the following analyses is dependent on the monetary value of an asset?

A). Quantitative

 

2. An organization purchases insurance for company vehicles. What kind of risk response is this?

A). Transfer

 

3. Identifying all the assets of an organization and documenting any risk and the response to the risk refers to a(n):

A). risk register

 

4. __________ is the process of storing data in multiple locations to provide other means of data availability if one location is no longer available.

A). Replication

 

5. Which license is free to use in a CSP's infrastructure?

A). Open-source

 

6. Which of the following risk responses attempts to reduce or eliminate risk entirely through utilizing resources or changing the probability of threats?

A). Avoidance

 

7. In how many ways can you classify risk in the risk classification system?

A). Five

 

8. Risk is the probability of the occurrence of a ________.

A). threat

 

9. What refers to the difficulty of extracting data from one CSP and importing it to on-premises?

A). Data portability

 

10. Which control type returns assets to a normal operating state after a security event occurs?

A). Corrective


WEEK-8 Quiz

1. Which of the following properties ensures the privacy of an asset?

A) Confidentiality

2. Which of the following properties validates that an asset has not been altered or modified?

A) Integrity

3. Which of the following properties ensures the timely and uninterrupted access to an asset?

A) Availability

4. Which of the following laws requires publicly traded companies to have proper internal control structures in place to validate that their financial statements accurately reflect their financial results?

A) Sarbanes-Oxley Act

5. What refers to logs or records of actions that occurred on an asset or actions that are performed by an asset?

A) Audit

6. Security assessments that scan and review the source code for bugs and defects is an example of:

A) application scanning

7. A __________ is a threat that has not been mitigated.

A) vulnerability

8. Which of the following is the process of looking at threats against assets and past events to determine a plan of action that will improve the security posture of an organization?

A) Hardening

9. Which of the following International Organization for Standardization (ISO) establishes the criteria for a quality management system?

A) 9001

10. Which of the following properties is designed to prevent assets from unauthorized access by other assets?

A) Confidentiality



week-8 post assessment

  1. Which of the following cloud service models best supports a software development team to work efficiently with members working from different geographical locations?

A: Platform as a service

  1. You are working as a cloud administrator at BigCo. The company CIO asks you to ensure that the new cloud solution provides fault tolerance. Which aspect of cloud design does this refer to?

A: Redundancy

  1. You are working as a cloud administrator at BigCo. You are buying new cloud services for the company. The internal network administration team needs assurance regarding cloud access from different OSs, such as Windows, macOS, and Android. What should you tell them to provide assurance?

A: Resources will be available to all client OSs via broad network 

access.

  1. Tony works as a security analyst in an organization. He purchases virtual machines from Microsoft Azure and uses them exclusively for services such as analytics, virtual computing, storage, networking, and much more. Which of the following model of cloud computing is referred to in the given scenario?

A: Public

  1. Which cloud deployment model offers the best scalability and cost-effectiveness?

A: Public

  1. Which of the following best describes the purpose of the shared responsibility model?

A: The CSP and client share responsibility for cloud security.

  1. Your CSP makes daily backups of important files and hourly backups of an essential database, which will be used to restore the data if needed. Which aspect of cloud design is your CSP implementing?

A: Disaster recovery

  1. When shopping for public cloud services, the CSP tells you that if your company needs more or fewer resources, the CSP can instantly accommodate that. What cloud characteristic is the CSP referring to?

A: Elasticity

  1. Which of the following provides the maximum downtime per day as 4.32 seconds in the cloud?

A: Four nines five

  1. Which of the following are examples of infrastructure as a service (IaaS) that a cloud provider might offer?

A: 1. Compute

2. Storage

  1. What will you use to speed up access to web resources for users in geographically distributed locations?

A: Content delivery network

  1. Which of the following is a secure point-to-point tunneled connection over the Internet?

A: Virtual private network

  1. Which solution should you use to handle spikes in network traffic while migrating to the cloud?

A: Load balancer

  1. A network administrator needs to remotely log into a cloud-based Linux server to perform some administrative tasks. Which cloud access type should the network administrator use?

A: Secure Shell

  1. Which of the following is used in conjunction with a web browser to securely access cloud storage?

A: Hypertext Transfer Protocol Secure

  1. Which of the following services will help users to locate a web server on the Internet?

A: Domain Name System

  1. Which of the following abstracts the storage hardware from logical storage volumes?

A: Software-defined storage

  1. Which of the following cloud storage types is designed to provide the fastest access to data and is more expensive per gigabyte?

A: Hot

  1. Which type of storage is best for uploading a large, offline backup archive to the new cloud service?

A: Object

  1. What will you use to reduce the needed cloud storage space and cost?

A: Compression


Deduplication

  1. A network administrator who is part of the cloud assessment team mentions that the average server CPU utilization is at 40 percent. What will the network administrator use to determine if this is acceptable performance?

A: Benchmark

  1. Which of the following is not the feature of a gap analysis?

A: Determining key stakeholder feedback about the migration plan

  1. Which of the following is the appropriate order for conducting cloud assessment tasks?

A: Contact key stakeholders, run a baseline, perform a gap analysis, and create documentation.

  1. A small company needs to set up a security surveillance system to protect its building. Which cloud-based technology will the company most likely take advantage of?

A: Internet of Things

  1. Which of the following best describes a blockchain in cloud computing?

A: It's a secure, open, and distributed ledger.

  1. You are working as a cloud administrator at BigCo. A user has reported an issue that he can connect to all the web services individually, but each requires a different password. He wants to access web services securely with a unique password by eliminating the overhead of entering the different passwords for different services. Which of the following should you configure?

A: Single sign-on

  1. Which of the following is not an implication of implementing VDI?

A: Higher costs

  1. Company A has a software development team with members located in Geneva and others in Chicago. Which cloud service will best help the team members to manage the project that all of them are working on?

A: Collaboration

  1. Which of the following captures performance data for a system during cloud assessment?

A: Baseline

  1. Which of the following allows users to authenticate once across multiple security domains?

A: Federation

  1. Which of the following are examples of capital expenditure?

A: 1. Furniture and fixtures

     2. Building expansion

  1. Which of the following is not the benefit of using the subscription licensing model?

A; Users are required to pay for the software only once.

  1. Which of the following migration approaches requires the applications to be completely redesigned from scratch, during migration, using only cloud-native components?

A: Rip and replace

  1. Sue, an IT employee, tells her manager that she wants to create a five-year plan to fulfill some career goals. Which of the following is she referring to?

A: Professional development

  1. Which licensing model has the following benefits:

A: Subscription

  1. Which of the following documents is designed to collect written information about a CSP's capabilities?

A: Request for information 

  1. Which of the following is a follow-up to a request for information (RFI) that requests pricing information on a specific set of standard services or products?

A: Request for quotation 

  1. Which document includes the following sections:

A: Contract

  1. You are working as a cloud administrator at NilCo. Management has asked you to migrate an on-premises data slot to the public cloud. This on-premises data slot has multiple commercial applications that can't be refactored. Which of the following migration approaches will you use?

A: Rehosting

  1. Which of the following principles should be considered while constructing a request for information (RFI)?

A: 1 .Be clear on the project objectives.

     2. Make it as easy as possible for the vendor to complete.

  1. What refers to the ability to deploy the application code to production at any given time, but with control in place for final approval?

A: Continuous delivery

  1. Joe is working as a product manager at NilCo. Management has asked him to deploy some new infrastructure with the updates and changes without implementing them directly on the production server. The deployment should occur in a procedural and repeatable fashion. Which of the following will he use to accomplish this task?

A: 1. Bootstrapping

    2. Golden image

  1. You are working as a cloud administrator at Congruence Crop. The company has several branch offices and each branch has a different cloud model. Management has asked you to keep track of the cloud resources used by each department such that the branches pay only for the resources they are using. What will you use to accomplish this task?

A; Resource tagging

  1. You are working as a network administrator at Congruence Crop. Management has asked you to create a clone of two different servers and place them in a new network environment isolated from the production network to validate the functionality of the servers. Which of the following will you use?

A: Sandbox

  1. Jack is working as a product manager at NilCo. Management has asked him to design the infrastructure for an e-commerce website that plans on selling sporting apparel for football (soccer) clubs around the globe. The website should offer the lowest latency and best performance for the shoppers. What should he use to accomplish this task?

A: Content delivery network

  1. Which testing is intended to uncover new bugs introduced by patches or configuration changes?

A: Regression

  1. What are the steps involved in the continuous integration (CI) of the application development life cycle?

A: Dev, build, and test

  1. Hazel is working as a cloud administrator at NilCo. Management has asked her to perform an analysis of on-premises resources and provide the correctly sized resources in the cloud such that the company pays only for the resources they are using. What points should she consider to accomplish this task?

A: 1 .Focus on recent data.

     2. Separate the environments for development, testing, and production.

  1. Which of the following includes the addition of servers to a pool for handling system load?

A; Horizontal scaling 

  1. Which of the following is primarily used when doing upgrades and patching on production infrastructure?

A; Blue/green deployment

  1. Which of the following access control types attempts to block any security events from occurring?

A: Preventive

  1. You are working as a cloud engineer at NilCo. You have put in a request to install a security update on your organization’s firewalls. The security update is needed to address a potential security vulnerability with the firewall authentication system. Your manager agrees with the value the security update offers but asks if there are any known issues with the patch and if there is a rollback plan if the firewalls stop functioning. What process is your manager requesting?

A: Change management

  1. You are working as a cloud manager at Congruence Corp. Management has decided that the company will purchase iPhones for all engineers who are on an on-call rotation. This is to help ensure availability and provide a standard for all on-call engineers. Since the iPhones are being purchased by the organization, management wants to have a level of control over the iPhones, i.e., the ability to wipe data, enable security settings like PIN, and enable Find My iPhone. What should you look into to meet this request?

A: Resource management

  1. You are working as an account manager at NilCo. You've received an email from the organization’s CEO that he has signed a check of $40,000 and you need to mail it to a P.O. box in another state. What process should you initiate?

A: Incident response

  1. John, a security analyst, is purchasing the DDoS protection service because while performing a risk assessment he considers the DDoS attack as a serious threat. What type of risk management strategy is John pursuing?

A: Mitigation

  1. A telecommunication company in Alaska has been continuously getting emails from customers that they are experiencing poor voice quality over the network. The degraded quality is due to extremely harsh weather conditions, which have frozen the network transmitters. This will automatically restore once the weather conditions drop down to normal. The company has decided to eliminate the risk and wait for the weather conditions to get better. Which of the following risk management techniques is the company using to manage the risk?

A: Avoidance

  1. Erika is working as a service desk manager at BigCO. She gets a request from her manager to immediately disable an employee's account because he is being terminated. For this purpose, she wants to validate the employee's manager and contact HR to verify termination. However, her manager is insistent that she should disable the employee's account now or he will terminate her. What process would she be violating if she disables the employee's account right away?

A: Standard operating procedure

  1. In dealing with risks, which response is accomplished when an organization purchases insurance to protect the income when a disaster or threat is realized?

A: Transference

  1. Purchasing employment practice liability insurance is what type of risk management technique?

A: Transference

  1. Which of the following security policies defines the behaviors and activities that are acceptable in an organization?

A: Advisory

  1. Katy, a project manager, identifies a project risk that could harm the team members. So, she hires a professional vendor to complete the critical part of the project. What type of risk response is she using for handling the potential risks?

A: Transfer

  1. The network diagrams have been digitized while migrating it to the cloud. Which data category and data security principle is referred in the scenario?

A: Sensitive

  1. Which of the following is a testament to the compliance of standards, practices, or regulations by an independent third party?

A: Certification

  1. Which of the following International Organization for Standardization (ISO) standards governs personally identifiable information (PII) in the cloud?

A: 27018

  1. Which law reforms the financial services industry and specifically addressed concerns about protecting consumer privacy?

A: Gramm-Leach-Bliley Act

  1. Flora works as a software engineer at BigCo. She is developing an application that will assess the security of a new version of the organization's internally developed ERP tool. The organization prefers focusing on assessing security throughout the life cycle. Which of the following methods should she perform to assess the security of the product?

A: Vulnerability scanning

  1. Peter is working as a cloud engineer at NilCo. Management has asked him to identify the services and desktops that have missing security patches and updates. Which of the following will he perform to accomplish the task?

A: Vulnerability scanning

  1. Your organization’s network file share was crypto-locked (encrypted), and a ransom was demanded for access to the files. Management has requested that you review and lock down access to the file share. They want only authorized individuals to be able to make changes to the entire file share. What is management asking you to perform?

A: Hardening

  1. Edward is working as a security analyst at NilCo. Management has asked him to perform a security audit of the systems on a network to determine their compliance with security policies. Which of the following will he perform in the audit?

A: Vulnerability scanning

  1. What will you use to perform a security audit of the systems on a network to determine their compliance with security policies?

A: Vulnerability scanning





A _________ is a written document that is legally binding, specifying the rights and duties of the parties to the agreement.

A)   Contract

The cost for utilities is considered as what type of expenditure?

A)   Operating

Which of the following are aspects of human capital?

A)   Training

B)   Professional development

A _________ runs in a test environment and designed to prove that a technology works as it should.

A)   proof of concept

Which of the following documents specifies metrics to determine whether a CSP is delivering things as specified in the statement of work (SOW)?

A)   Service level agreement

In which migration approach are all applications and data migrated as it is?

A)   Lift and shift

Which of the following is a small-scale initial rollout of a solution into the production environment?

A)   Pilot

In which migration approach are applications optimized to make full use of cloud capabilities?

A)   Rip and replace

___________  is a long-term educational process focused on employee growth.

A)   Professional development

Which of the following collects written information about a CSP's capabilities?

A)   Request for information 









































Labels:

Comments

Post a Comment

Popular posts from this blog

IS5203 Type 2 Post Assessment and Final Quiz

  Carlos has just created a new subnet for the finance department. He needs to be able to allow the employees in finance to retrieve files from the sales server, which is located in another subnet. Which of the following OSI model layers would it be necessary to categorize the device into? a. Layer 4 b. Layer 6 c. Layer 2 d. Layer 3 All of the cubicles in a company's office have cables that run up to the ceiling and across to an IDF. Inside the IDF, they connect directly to the latest generation switch available from the networking equipment vendor that they have chosen. Which of the following describes the physical topology most likely in use? a. mesh
Post a Comment
Read more

GE5103-2 Project Management [Aug 23 Syllabus]

    Some of the advantages of using time boxes and cycles in project coordination efforts include creating urgency, measuring progress, and allowing for predictable measurements. A)        True 2.    Even though most project managers are not contract specialists, they need to understand the process well enough to coordinate with the team. For the current assignment, you are looking at a short-term and small effort with a contractor of just a few hours without significant clarity. Which of the following would be the most applicable contract to use in this situation? A)        Time and materials 3. The project you are working on has had modifications to the plan from the start and even how the project is run. Project governance covers all of the 3 following except: A)        Naming The project manager 4. Of the following, which is most likely a trigger condition defined early in the project? A) Alerting Governance board if 10 percent over schedule 5. Of the following options, which stand
Post a Comment
Read more

GE5163 Week8 ( Final Exam ) Quize's

  A process or product that is insensitive to normal variation is referred to as being Select one: a. in specification b. capable c. robust d. out of control Feedback Your answer is correct. A completed failure mode and effects analysis (FMEA) results in the following assessment rating.      Occurrence = 4      Severity = 8      Detection = 10 What is the risk priority number (RPN) for this FMEA? Select one: a. 42 b. 22 c. 320 d. 120 Feedback Your answer is correct. In a visual inspection situation, one of the best ways to minimize deterioration of the quality level is to: Select one: a. have a program of frequent eye exams. b. retrain the inspector frequently. c. add variety to the task. d. have a standard to compare against as an element of the operation. Feedback Your answer is correct. Which of the following elements is least necessary to a good corrective action feedback report? Select one: a. What caused the failure b. Who caused the failure c. What correction has been made d. Wh
Post a Comment
Read more