This set of Cloud Computing Multiple Choice Questions & Answers (MCQs) focuses on “Security Data”.

1. Which of the following is a compliance standard ?
a) PCI-DSS
b) HIPPA
c) GLBA
d) All of the mentioned

Answer()

2. Point out the correct statement:
a) The cloud service model you choose does not determine the variety of security features, compliance auditing, and other requirements
b) To determine the particular security mechanisms you need, you must perform a mapping of the particular cloud service model to the particular application you are deploying
c) A security control model includes the security that you normally use for your applications only
d) All of the mentioned

Answer()

3. Which of the following is key mechanism for protecting data ?
a) Access control
b) Auditing
c) Authentication
d) All of the mentioned

Answer()

4. How many security accounts per client is provided by Microsoft ?
a) 1
b) 3
c) 5
d) 7

Answer()

5. Point out the wrong statement:
a) Securing data sent to, received from, and stored in the cloud is the single largest security concern
b) The problem with the data you store in the cloud is that it can be located anywhere in the cloud service provider’s system
c) One and only approach to isolating storage in the cloud from direct client access is to create layered access to the data
d) All of the mentioned

Answer() 

6. Which of the following is a common means for losing encrypted data ?
a) lose the keys
b) lose the encryption standard
c) lose the account

Answer()

7. Which of the following is the standard for interoperable cloud-based key management ?
a) KMIP
b) PMIK
c) AIMK
d) None of the mentioned

Answer()

8. Which of the following was one of the weaker aspects of early cloud computing service offerings ?
a) Logging
b) Integrity checking
c) Consistency checking
d) None of the mentioned

Answer()

9. Which of the following is one of the most actively developing and important areas of cloud computing technology ?
a) Logging
b) Auditing
c) Regulatory compliance
d) None of the mentioned

Answer()

10. Amazon Web Services supports ________ Type II Audits.
a) SAS70
b) SAS20
c) SAS702
d) None of the mentioned

Answer()

ANSWERS

1. d
Explanation:A compliance standard can be any government regulatory framework.

2. b
Explanation:These mechanisms must be supported by the various controls that are provided by your service provider, your organization, or a third party.

3.  d
Explanation:Whatever service model you choose should have mechanisms operating in all above mentioned areas that meet your security requirements.

4. c
Explanation:On Amazon Web Service, you can create multiple keys and rotate those keys during different sessions.

5.  c
Explanation:The location of the proxy and the broker is not important.

6.  a
Explanation:Keys should have a defined lifecycle.

7.  a
Explanation:KMIP stands for Key Management Interoperability Protocol.

8.  a
Explanation:KMIP stands for Key Management Interoperability Protocol.

9.  c
Explanation:For any company with clients in multiple countries, the burden of regulatory compliance is onerous.

10.  a
Explanation:Becoming a cloud service provider requires a large investment.