What Identity and Access Management (IAM) process decides to permit or deny a subject access to system objects like networks, data, or applications?
In the cloud provider and consumer relationship, which entity manages the virtual or abstracted infrastructure?
CCM: In the CCM tool, “Encryption and Key Management” is an example of which of the following?
Who is responsible for the security of the physical infrastructure and virtualization platform?
Which statement best describes why it is important to know how data is being accessed?
Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?
CCM: The Architectural Relevance column in the CCM indicates the applicability of the cloud security control to which of the following elements?
What is the primary purpose of the CSA Security, Trust, Assurance, and Risk (STAR) Registry?
Which of the following best describes the primary purpose of cloud security frameworks?
What is a PRIMARY cloud customer responsibility when managing SaaS applications in terms of security and compliance?
Which feature in cloud enhances security by isolating deployments similar to deploying in distinct data centers?
What is the primary focus during the Preparation phase of the Cloud Incident Response framework?
How does cloud sprawl complicate security monitoring in an enterprise environment?
Which of the following best explains how Multifactor Authentication (MFA) helps prevent identity-based attacks?
How does artificial intelligence pose both opportunities and risks in cloud security?
What is the primary purpose of implementing a systematic data/asset classification and catalog system in cloud environments?
How can Identity and Access Management (IAM) policies on keys ensure adherence to the principle of least privilege?
In a containerized environment, what is fundamental to ensuring runtime protection for deployed containers?
In the Incident Response Lifecycle, which phase involves identifying potential security events and examining them for validity?
Which of the following best describes how cloud computing manages shared resources?
Audits should be robustly designed to reflect best practice, appropriate resources, and tested protocols and standards. They should also use what type of auditors?
ENISA: Which is not one of the five key legal issues common across all scenarios:
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?
In volume storage, what method is often used to support resiliency and security?
When mapping functions to lifecycle phases, which functions are required to successfully process data?
The containment phase of the incident response lifecycle requires taking systems offline.
A security failure at the root network of a cloud provider will not compromise the security of all customers because of multitenancy configuration.
ENISA: An example high risk role for malicious insiders within a Cloud Provider includes
Any given processor and memory will nearly always be running multiple workloads, often from different tenants.
Network logs from cloud providers are typically flow records, not full packet captures.
In the Software-as-a-service relationship, who is responsible for the majority of the security?
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
Sending data to a provider’s storage over an API is likely much more reliable and secure than setting up your own SFTP server on a VM in the same provider.
Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?
In the context of cloud workload security, which feature directly contributes to enhanced performance and resource utilization without incurring excess costs?
Which of the following best describes a primary risk associated with the use of cloud storage services?
What key activities are part of the preparation phase in incident response planning?
Which of the following functionalities is provided by Data Security Posture Management (DSPM) tools?
What's the best way for organizations to establish a foundation for safeguarding data, upholding privacy, and meeting regulatory requirements in cloud applications?
When designing a cloud-native application that requires scalable and durable data storage, which storage option should be primarily considered?
What tool allows teams to easily locate and integrate with approved cloud services?
In the shared security model, how does the allocation of responsibility vary by service?
In a hybrid cloud environment, why would an organization choose cascading log architecture for security purposes?
What is the primary reason dynamic and expansive cloud environments require agile security approaches?
Which of the following best describes compliance in the context of cybersecurity?
How does network segmentation primarily contribute to limiting the impact of a security breach?
In the context of Software-Defined Networking (SDN), what does decoupling the network control plane from the data plane primarily achieve?
Which aspect of cybersecurity can AI enhance by reducing false positive alerts?
A company plans to shift its data processing tasks to the cloud. Which type of cloud workload best describes the use of software emulations of physical computers?
What is the primary function of Privileged Identity Management (PIM) and Privileged Access Management (PAM)?
Which technique is most effective for preserving digital evidence in a cloud environment?
Which of the following events should be monitored according to CIS AWS benchmarks?
What is the primary advantage of implementing Continuous Integration and Continuous Delivery/Deployment (CI/CD) pipelines in the context of cybersecurity?
When comparing different Cloud Service Providers (CSPs), what should a cybersecurity professional be mindful of regarding their organizational structures?
Which aspect of assessing cloud providers poses the most significant challenge?
Which of the following statements best reflects the responsibility of organizations regarding cloud security and data ownership?
What is an essential security characteristic required when using multi-tenant technologies?
How can the use of third-party libraries introduce supply chain risks in software development?
What is a primary benefit of implementing Zero Trust (ZT) architecture in cloud environments?
In the IaaS shared responsibility model, which responsibility typically falls on the Cloud Service Provider (CSP)?
What is a primary objective during the Detection and Analysis phase of incident response?
Which Cloud Service Provider (CSP) security measure is primarily used to filter and monitor HTTP requests to protect against SQL injection and XSS attacks?
Which of the following best describes a benefit of using VPNs for cloud connectivity?
Why is governance crucial in balancing the speed of adoption with risk control in cybersecurity initiatives?
Which of the following cloud computing models primarily provides storage and computing resources to the users?
Which activity is a critical part of the Post-Incident Analysis phase in cybersecurity incident response?