Topic 2, Exam Pool B
All of the following might be used as data discovery characteristics in a content-analysisbased
data discovery effort except ____________.
Response:
A.
Keywords
B.
Pattern-matching
C.
Frequency
D.
Inheritance
Inheritance
Which of the following is a possible negative aspect of bit-splitting?
Response:
A.
It may require trust in additional third parties beyond the primary cloud service provider.
B.
There may be cause for management concern that the technology will violate internal
policy.
C.
Users will have far greater difficulty understanding the implementation.
D.
Limited vendors make acquisition and support challenging.
It may require trust in additional third parties beyond the primary cloud service provider.
Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud
provider?
Response:
A.
SOC 1 Type 1
B.
SOC 2 Type 2
C.
SOC 1 Type 2
D.
SOC 3
SOC 3
Which of the following is the best example of a key component of regulated PII?
Response:
A.
Items that should be implemented
B.
Mandatory breach reporting
C.
Audit rights of subcontractors
D.
PCI DSS
Mandatory breach reporting
Which of the following methods is often used to obscure data from production systems for use in test or development environments?
Response:
A.
Tokenization
B.
Encryption
C.
Masking
D.
Classification
Masking
Single sign-on systems work by authenticating users from a centralized location or using a
centralized method, and then allowing applications that trust the system to grant those
users access. What would be passed between the authentication system and the
applications to grant a user access?
Response:
A.
Ticket
B.
Certificate
C.
Credential
D.
Token
Token
Why does the physical location of your data backup and/or BCDR failover environment
matter?
Response:
A.
It may affect regulatory compliance
B.
Lack of physical security
C.
Environmental factors such as humidity
D.
It doesn’t matter. Data can be saved anywhere without consequence
It may affect regulatory compliance
Which phase of the cloud data lifecycle also typically entails the process of data
classification?
Response:
A.
Use
B.
Store
C.
Create
D.
Archive
Create
When considering the option to migrate from an on-premises environment to a hosted
cloud service, an organization should weigh the risks of allowing external entities to access
the cloud data for collaborative purposes against ____________.
Response:
A.
Not securing the data in the legacy environment
B.
Disclosing the data publicly
C.
Inviting external personnel into the legacy workspace in order to enhance collaboration
D.
Sending the data outside the legacy environment for collaborative purposes
Sending the data outside the legacy environment for collaborative purposes
What principle must always been included with an SOC 2 report?
Response:
A.
Confidentiality
B.
Security
C.
Privacy
D.
Processing integrity
Security
The tasks performed by the hypervisor in the virtual environment can most be likened to
the tasks of the ________ in the legacy environment.
Response:
A.
Central processing unit (CPU)
B.
Security team
C.
OS
D.
PGP
Central processing unit (CPU)
You are the IT director for a small contracting firm. Your company is considering migrating
to a cloud production environment.
Which service model would best fit your needs if you wanted an option that reduced the
chance of vendor lock-in but also did not require the highest degree of administration by
your own personnel?
Response:
A.
IaaS
B.
PaaS
C.
SaaS
D.
TanstaafL
PaaS
| Page 14 out of 43 Pages |
| Previous |