A company security policy mandates education and training for new employees. The policy must outline acceptable use policies for SaaS applications. Given these requirements, which of the following security controls is BEST suited?

• A.Detective
• B.Preventive
• C.Corrective
• D.Physical

Comment: *

Name: *

Email: *

Verification: *

A cloud security analyst is implementing a vulnerability scan of the web server in the DMZ, which is running in an IaaS compute instance. The default inbound firewall settings are as follows:

Which of the following will provide the analyst with the MOST accurate report?

• A.A default and common credentialed scan
• B.An agent-based scan
• C.A network vulnerability scan
• D.A network credentialed vulnerability scan

Comment: *

Name: *

Email: *

Verification: *

A systems administrator wants to restrict access to a set of sensitive files to a specific group of users. Which of the following will achieve the objective?

• A.Add audit rules on the server
• B.Configure data loss prevention in the environment
• C.Change tine permissions and ownership of the files
• D.Implement a HIPS solution on the host

Comment: *

Name: *

Email: *

Verification: *

Which of the following should an administrator implement to help reduce confidentiality risk for data at rest that is located in a public cloud?

• A.Encryption
• B.TLS
• C.IPSec tunnel
• D.SSL

Comment: *

Name: *

Email: *

Verification: *

Performance on a new private cloud deployment is not meeting expectations. An engineer has determined the virtualization host is experiencing high ready/wait times. VMs with the following configurations and metrics currently reside on the host:

Which of the following troubleshooting choices would MOST likely be used to bring the high ready/wait times to meet the expected baseline?

• A.Decrease the memory size for VM3.
• B.Decrease the CPU count for VM1.
• C.Increase the CPU count for VM4.
• D.Increase the memory size for VM2.

Comment: *

Name: *

Email: *

Verification: *