CCSP Practice Test Questions

512 Questions


Topic 2, Exam Pool B

Firewalls can detect attack traffic by using all these methods except ____________.
Response:

A. Known past behavior in the environment
B. Identity of the malicious user
C. Point of origination
D. Signature matching

B. Identity of the malicious user



According to OWASP recommendations, active software security testing should include all of the following except ____________.
Response:

A. Session initiation testing
B. Input validation testing
C. Testing for error handling
D. Testing for weak cryptography

A. Session initiation testing



Which of the following is NOT one of the cloud computing activities, as outlined in ISO/IEC 17789?
Response:

A. Cloud service provider
B. Cloud service partner
C. Cloud service administrator
D. Cloud service customer

C. Cloud service administrator



Which of the following is a method for apportioning resources that involves prioritizing resource requests to resolve contention situations?
Response:

A. Reservations
B. Shares
C. Cancellations
D. Limits

B. Shares



Data transformation in a cloud environment should be of great concern to organizations considering cloud migration because __________ could affect data classification processes/implementations.
Response:

A. Multitenancy
B. Virtualization
C. Remote access
D. Physical distance

B. Virtualization



Which of the following would probably best aid an organization in deciding whether to migrate from a legacy environment to a particular cloud provider?
Response:

A. Rate sheets comparing a cloud provider to other cloud providers
B. Cloud provider offers to provide engineering assistance during the migration
C. The cost/benefit measure of closing the organization’s relocation site (hot site/warm site) and using the cloud for disaster recovery instead
D. SLA satisfaction surveys from other (current and past) cloud customers

D. SLA satisfaction surveys from other (current and past) cloud customers



Who should be involved in review and maintenance of user accounts/access?
Response:

A. The user’s manager
B. The security manager
C. The accounting department
D. The incident response team

A. The user’s manager



Which security certification serves as a general framework that can be applied to any type of system or application?
Response:

A. ISO/IEC 27001
B. PCI DSS
C. FIPS 140-2
D. NIST SP 800-53

A. ISO/IEC 27001



In a Lightweight Directory Access Protocol (LDAP) environment, each entry in a directory server is identified by a ___________.
Response:

A. Domain name (DN)
B. Distinguished name (DN)
C. Directory name (DN)
D. Default name (DN)

B. Distinguished name (DN)



Which type of report is considered for “general” use and does not contain any sensitive information?
Response:

A. SOC 1
B. SAS-70
C. SOC 3
D. SOC 2

C. SOC 3



What aspect of data center planning occurs first?
Response:

A. Logical design
B. Physical design
C. Audit
D. Policy revision

B. Physical design



From a security perspective, automation of configuration aids in ____________.
Response:


A.

From a security perspective, automation of configuration aids in ____________.
Response:


B. Enhancing performance
C. Reducing potential attack vectors
D. Increasing ease of use of the systems
E. Reducing need for administrative personnel

B. Enhancing performance



