An important consideration when performing a remote vulnerability test of a cloud-based application is to

• A.Use techniques to evade cloud provider's detection systems
• B.Use network layer testing tools exclusively
• C.Use application layer testing tools exclusively
• D.Schedule vulnerability test at night
• E.Obtain provider permission for test

Comment: *

Name: *

Email: *

Verification: *

Which of the following quantitative measures is KEY for an auditor to review when assessing the implementation of continuous auditing of performance on a cloud system?

• A.Recovery Time Objectives (RTO)
• B.Recovery Point Objectives (RPO)
• C.Service Level Objective (SLO)
• D.Service Level Agreement (SLA)

Comment: *

Name: *

Email: *

Verification: *

Which of the following is NOT a cloud computing characteristic that impacts incidence response?

• A.Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident.
• B.The resource pooling practiced by cloud services, in addition to the rapid elasticity offered by cloud infrastructures.
• C.The possibility of data crossing geographic or jurisdictional boundaries.
• D.Object-based storage in a private cloud.
• E.The on demand self-service nature of cloud computing environments.

Comment: *

Name: *

Email: *

Verification: *

What is true of searching data across cloud environments?

• A.Search and discovery time is alwaysfactored into a contract between the consumer and provider.
• B.You might not have the ability oradministrative rights to search or access all hosted data.
• C.The cloud provider must conduct the search with the full administrative controls.
• D.You can easily search across your environment using any E-Discovery tool.
• E.All cloud-hosted email accounts are easily searchable.

Comment: *

Name: *

Email: *

Verification: *

In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

• A.Distributed computing arrangements
• B.Multi-tenant environments
• C.Single tenantenvironments
• D.Long distance relationships
• E.Multi-application, single tenant environments

Comment: *

Name: *

Email: *

Verification: *