Which of the following best describes the primary function of Cloud Detection and Response (CDR) in cybersecurity?
Correct Answer: A
Cloud Detection and Response (CDR) is an emerging capability that focuses specifically on detecting and responding to threats in cloud environments. While not deeply detailed in the core CSA Security Guidance v4.0, CDR is an evolution of traditional SIEM and endpoint detection strategies applied to cloud-native infrastructures. In CSA Security Guidance v4.0 - Domain 9: Incident Response, it's made clear that: "Security monitoring and detection capabilities in the cloud must be able to identify suspicious behavior, policy violations, and misconfigurations - often across multiple layers such as infrastructure, applications, and identity." - CSA Security Guidance v4.0, Domain 9: Incident Response CDR platforms typically include: Threat detection across cloud workloads (e.g., compute, storage, IAM misuse) Real-time alerts Automated or manual response mechanisms Integration with cloud-native logging services like AWS CloudTrail, Azure Monitor, or GCP Audit Logs Incorrect options: B is about application management, not threat detection. C relates to cloud cost optimization tools. D refers to cloud storage tuning, unrelated to threat detection. Reference: CSA Security Guidance v4.0 - Domain 9: Incident Response
Question 92
A SIEM device should be tuned in regularly to:
Correct Answer: B
It is necessary to tuned regularly. It is helps in reducing false positives and keep the signatures latest and optimal.
Question 93
Which of the following processes plays a major role in managing system vulnerabilities?
Correct Answer: B
Although other process are part of overall security strategy proper patch management plays key role in keeping control on system vulnerabilities.
Question 94
The Software Defined Perimeter (SDP) includes which components?
Correct Answer: C
Question 95
Which of the following best describes the concept of Measured Service in cloud computing?
Correct Answer: D
The correct answer isD. Cloud systems automatically monitor resource usage and provide billing based on actual consumption. Measured Service is one of theessential characteristics of cloud computingas defined by theNIST (National Institute of Standards and Technology). It implies that cloud systems automatically control and optimize resource usage by leveraging ametering capability. This capability tracks and reports resource consumption (such as CPU, storage, or bandwidth), which is used for billing, monitoring, and planning. Key Characteristics: Automatic Monitoring:Cloud platforms continuously track resource usage without manual intervention. Billing Based on Usage:Customers are billed based on the actual consumption of resources (pay-as-you-go model). Transparency:Users can view detailed usage reports to understand their resource utilization and associated costs. Resource Optimization:Providers use these metrics to optimize resource allocation and improve efficiency. Why Other Options Are Incorrect: A . Fixed immutable set of measured services:This contradicts the concept of elasticity and resource pooling in cloud computing. B . Elastic resources:While elasticity is a cloud characteristic, it does not directly define measured service. C . Manual reporting:Measured service is aboutautomated, real-time monitoring and billing, not manual data gathering. Real-World Example: In AWS, services likeAmazon CloudWatchautomatically collect and provide usage metrics, and the AWS Billing Console shows the cost associated with each resource. Reference: CSA Security Guidance v4.0, Domain 1: Cloud Computing Concepts and Architectures NIST SP 800-145 - The NIST Definition of Cloud Computing Cloud Controls Matrix (CCM) v3.0.1 - Metering and Billing Domain
