Cloud Security MCQs
Cloud Security MCQs
These Cloud Security multiple-choice questions and their answers will help you strengthen your grip on the subject of Cloud Security. You can prepare for an upcoming exam or job interview with these Cloud Security MCQs.
So scroll down and start answering.
1: Which security requirement is difficult for a SaaS provider to meet?
A. Ensuring trusted SSL communications
B. Complying with company-specific IT standards
C. Protecting the integrity of stored information
D. Securing web page content from modification
2: A company has decided to implement "cloud bursting" to allow their production environment to scale to any size by utilizing on-demand connections to a public cloud IaaS infrastructure. Which solution allows the IT department to minimize security risks by treating the IaaS environment as a logical extension of their internal network?
A. Hosted SaaS connection between the datacenter and IaaS provider
B. Virtual DLP connection between the datacenter and the IaaS provider
C. IPSEC VPN connection between the datacenter and the IaaS provider
D. On-demand PGP connection between the datacenter and the IaaS provider
3: Which scenario identifies assets eligible for PaaS cloud migration?
A. Proprietary beta release product application software and its supporting kernel-level programming code
B. The development team application servers that require constant physical configuration changes the development team? application servers that require constant physical configuration changes
C. Layer 3 switches that are being used to segregate the various business units and separate the production and testing environments
D. Database servers that are being used by the QA team to test load handling
4: A company is planning a migration of an application to public IaaS. What is a valid objection related to data security in this scenario?
A. Security risks introduced by a multi-tenant cloud
B. Loss of administrative control of the application in the cloud
C. Lack of operational resiliency in the cloud
D. Inability to enforce strong authentication in the cloud
5: A CSO is concerned to learn that data is being intercepted while moving data between the cloud and corporate users. What should an IT professional do to mitigate this issue?
A. Implement data encryption
B. Implement firewall policies
C. Implement data loss prevention
D. Implement an automated patch management process
6: What is the correct order used by Symantec Messaging Gateway for scanning email messages?
A. Message is scanned for viruses > message is scanned for spam > message attachments are scanned for policy violations
B. Message is scanned for viruses > message is scanned for content violations and data loss > message is scanned for spam
C. Message is scanned for viruses > message is scanned for spam > message is scanned for content violations and data loss
D. Message is scanned for spam > message is scanned for viruses > message is scanned for content violations and data loss
7: An individual has been able to obtain "Virtual Machine User" level access on a VMware host.Which possible issue could this cause?
A. Broken fault tolerance
B. Ineffective resource pooling
C. Virtual machines being shut down
D. Virtual machines removed from data store
8: Which action addresses a risk inherent to the public cloud model?
A. Harden applications sufficiently for multi-tenant environments
B. Revert a public cloud to a private cloud during an emergency
C. Apply anti-spam measures on the endpoint accessing the cloud
D. Activate de duplication on the cloud-based storage
9: A cloud service provider administrator has discovered that someone is attempting to determine which servers and operating systems are running on a tenant's network by using network mapping. How is this risk categorized?
A. Legal
B. Technical
C. Non-cloud specific
D. Policy and organizational
10: An IT security professional at a large US-based manufacturing company has decided to deploy and manage a host intrusion detection solution to assist with their migration to a cloud environment. Which cloud environment will benefit from this solution?
A. Hybrid SaaS
B. Multi-tenant IaaS
C. Multi-tenant PaaS
D. Multi-tenant SaaS
11: What can a hosted Symantec Data Loss Prevention solution do to protect confidential data in an outgoing email?
A. Modify the email body to redirect to a quarantine location
B. Use a Flex Response plug-in to modify the email header
C. Add a header to an email to route to an encryption gateway
D. Modify the email attachment content to remove confidential information
12: An enterprise is in the process of moving application servers to a cloud-based IaaS platform. Which technology should an IT professional use to assess the risk of the IT assets in a business context?
A. Symantec Validation and Identity Protection
B. Symantec Critical Systems Protection
C. Symantec Control Compliance Suite
D. Symantec Data Loss Prevention
13: How does Symantec Endpoint Protection (SEP) maximize VM density and performance without impacting security?
A. SEP analyzes virtual system configurations to identify vulnerabilities.
B. SEP reduces the spread of malware by hardening VMware vCenter.
C. SEP checks that offline VMware machines are safe before bringing them online.
D. SEP identifies malicious attacks to ESX/ESXi hypervisors without using signatures.
14: A company is hosting its email infrastructure in the cloud. The company is unable to enjoy the benefit of cloud deployment because its email servers process excessive spam emails. The company needs a solution that can block spam and malware contained in email messages before it reaches the email servers. Which solution resolves this issue?
A. Symantec Web Gateway
B. Symantec Messaging Gateway
C. Symantec Network Prevent for Email
15: Which component of the Symantec Control Compliance Suite (CCS) simplifies the evaluation of procedural controls by enabling an organization to automate, publish, and analyze results from web-based surveys?
A. CCS Policy Manager
B. CCS Standards Manager
C. CCS Response Assessment Manager
D. CCS External Data Interface Manager
16: A ________ is a cloud that is owned and operated by an organization for its own benefit.
A. Private cloud
B. Virtual private network
C. Wide area network
17: One downside to cloud storage is that ________ is needed to access your files.
A. Magnetic storage
B. Internet access
C. Statistical analysis of aircraft wing flutter
D. Optical processors
18: Compared to in-house hosting, cloud-based hosting ________.
A. Provides better visibility of security and disaster preparedness capabilities
B. Minimizes the risk of investing in technology that will soon become obsolete
C. Provides greater control over the location of data
D. Requires a significant amount of capital
19: When using ssl, the public key is found in a _______.
A. Digital certificate
B. Cookie
C. Smartfilter
D. Accelerator
List of Cloud Security MCQs Mu...
Available in:
Cloud Security MCQs
