Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?

• A.Memory
• B.Number of users
• C.Storage
• D.CPU

Comment: *

Name: *

Email: *

Verification: *

Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?

• A.Six months
• B.One month
• C.One year
• D.One week

Comment: *

Name: *

Email: *

Verification: *

You are the security policy lead for your organization, which is considering migrating from your on- premises, legacy environment into the cloud. You are reviewing the Cloud Security Alliance Cloud Controls Matrix (CSA CCM) as a tool for your organization. What is probably the best benefit offered by the CCM?

• A.The low cost of the tool
• B.Simplicity of control selection from the list of approved choices
• C.Allowing your organization to leverage existing controls across multiple frameworks so as not to duplicate effort
• D.Ease of implementation by choosing controls from the list of qualified vendors

Comment: *

Name: *

Email: *

Verification: *

The goals of DLP solution implementation include all of the following, except:

• A.Elasticity
• B.Policy enforcement
• C.Data discovery
• D.Loss of mitigation

Comment: *

Name: *

Email: *

Verification: *

Which of the following best describes data masking?

• A.A method for creating similar but inauthentic datasets used for software testing and user training.
• B.A method used to protect prying eyes from data such as social security numbers and credit card data.
• C.A method where the last few numbers in a dataset are not obscured. These are often used for authentication.
• D.Data masking involves stripping out all digits in a string of numbers so as to obscure the original number.

Comment: *

Name: *

Email: *

Verification: *