EMT Practice Test

1. Question Content...


Question List

Question1: In which cloud service model is the customer only responsible for the data?

Question2: Which of the following is an effective way of segregating different cloud networks and datacenters in a hybrid cloud environment?

Question3: "Cloud provider acquisition" as a risk fall under which of the following categories?

Question4: Ensuring the use of data and information complies with organizational policies, standards and strategy- including regulatory, contractual, and business objectives, known as:

Question5: An inherent weakness in an information system. security procedures. internal controls, or implementation that could be exploited by a threat source.

Question6: Exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations, are called:

Question7: When the data is transferred to third party. who is ultimately responsible for security of data?

Question8: What is the key benefit provided to the customer in Infrastructure as a Service model?

Question9: ENISA: "VM hopping" is:

Question10: Which data security control is the LEAST likely to be assigned to an IaaS provider?

Question11: Which of the following reports the cloud service provide normally share with customer WITHOUT any non-disclosure agreement and is in the public domain?

Question12: Which of the following Standards define "Application Security Management Process" (ASMP)?

Question13: Which of the following is NOT one of the common networks underlying in Cloud Infrastructure?

Question14: Which concept provides the abstraction needed for resource pools?

Question15: What item below allows disparate directory services and independent security domains to be interconnected?

Question16: Which is the set of technologies that are designed to detect conditions indicative of a security vulnerability in an application in its running state?

Question17: Which of the followinglS0 Standard provides Code of practice for information security controls based on IS0/IEC 27002for cloud services?

Question18: Which one of the following is NOT a level of CSA star program?

Question19: Who is responsible for infrastructure Security in Software as a Service(SaaS) service model?

Question20: Which of the following will not be provided by cloud services when requested by the customer?

Question21: What is the process to determine any weaknesses in the application and the potential ingress, egress, and actors involved before the weakness is introduced to production?

Question22: Which cloud-based service model enables companies to provide client-based access for partners to databases or applications?

Question23: Network logs from cloud providers are typically flow records, not full packet captures.

Question24: Which of the following are two most effective ways of protection against data breaches in the cloud environment?

Question25: Which of the following is a key tool for enabling and enforcing separation and isolation in multitenancy?

Question26: Which of the following is NOT atypical approach of Key Storage in cloud?

Question27: An adversary uses a cloud Platform to launch a DDoS attack against XYZ company. This type of risk is termed as:

Question28: How can virtual machine communications bypass network security controls?

Question29: ENISA: A reason for risk concerns of a cloud provider being acquired is:

Question30: What is the newer application development methodology and philosophy focused on automation of application development and deployment?

Question31: Which one of the following is NOT one of phases for cloud auditing?

Question32: In ability to provide enough capacity to the cloud customer can lead to which of the following risk:

Question33: Which of the following adds abstraction layer on top of networking hardware and decouples network control plane from the data plane?

Question34: Which of the following are communications method for components within a cloud, some of which (or an entirely different set) are exposed to the cloud user to manage their resources and configurations?

Question35: Which is the key technology that enables the sharing of resources and makes cloud computing most viable in terms of cost savings?

Question36: A cloud storage architecture that caches content close to locations of high demand is known as:

Question37: CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

Question38: What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?

Question39: Which of the following is not one of the essential characteristics of Cloud Computing?

Question40: In which type of environment is it impractical to allow the customer to conduct their own audit, making it important that the data center operators are required to provide auditing for the customers?

Question41: Which of the following can lead to vendor lock-in?

Question42: What refers refer the model that allows customers to scale their computer and/ or storage needs with little or no intervention from or prior communication with the provider. The services happen in real time?

Question43: CCM: The following list of controls belong to which domain of the CCM?
GRM 06 - Policy GRM 07 - Policy Enforcement GRM 08 - Policy Impact on Risk Assessments GRM 09 - Policy Reviews GRM 10 - Risk Assessments GRM 11 - Risk Management Framework

Question44: Which of the following is most commonly used to program Application Programming Interface(API)?

Question45: Which of the following allows organizations to access, report, and obtain evidence of actions, controls, and processes that were performed or run by a specified user?

Question46: According to ENISA(European Network and Information Security Agency) document on Security risk and recommendation. Isolation Failure is:

Question47: Which document defines the minimum levels of service availability, security, controls, processes, communications & support?

Question48: Which of the following is also knows as white-box test and can be used to find XSS errors, SQL injection.
buffer overflows. unhandled error conditions. and potential backdoors?

Question49: Which of the following describes the cloud security reference architecture?

Question50: ______ refers to the deeper integration of development and operations teams through better collaboration and communications, with a heavy focus on automating application deployment and infrastructure operations?

Question51: How does virtualized storage help avoid data loss if a drive fails?

Question52: In Platform as a Service (PaaS), platform security is a responsibility of:

Question53: Metrics which govern the contractual obligations of cloud service are found in:

Question54: Which of the vulnerabilities is inherited from general software development practice in PaaS environment?

Question55: Which are the two major categories of network virtualization commonly seen in cloud computing today?

Question56: Which of the following is the correct pair of risk management standards?

Question57: John said that he is looking for cloud service which is self-serviced and has a on-demand capacity. Which service model is he referring to?

Question58: In a cloud scenario. who is the data processor and who is the data controller?

Question59: Your cloud and on-premises infrastructures should always use the same network address ranges.

Question60: Which of the following is NOT a component of Software Defined Perimeter as defined by Cloud Security Alliance Working group on SDP?

Question61: Enterprise Risk Management is part of over all information Risk Management of the organization

Question62: The intermediary that provides connectivity and transport of cloud services between the CSPs and the cloud service consumers is called:

Question63: Which of the following processes leverages virtual network topologies to run more smaller and more isolated networks without incurring additional hardware costs?

Question64: Erin has a picture which he wants to store in the cloud and would like to share its URL so that his friends can see the picture. What type of cloud storage would you recommend for him?

Question65: ln which of the following cloud service models is the customer required to maintain the operating system?

Question66: One of the primary benefits of the cloud is the ability to perform dynamic allocation of physical resources when required. The most common approach is a multi-tenant environment. However, it increases risk of disclosure of customer dat a. This can happen because of which of the following?

Question67: CCM: In the CCM tool, a is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk.

Question68: ln which service model. does cloud security provider has least responsibility?

Question69: Cloud applications can use virtual networks and other structures, for hyper-segregated environments.

Question70: Cloud customer and cloud service provider are jointly responsible legally for data breach or data loss in absence of any written clause regarding same in contract or SLA.

Question71: Cloud customer can do vulnerability assessment of their whole infrastructure on cloud just like they conduct vulnerbility assessment of their traditional infrastructure.

Question72: Who is responsible for Data Security in Software as a Service(SaaS) service mode?

Question73: What is the key difference between Business Continuity and Business Continuity Management?

Question74: When creating business strategies for cloud migration. which is the most important aspect?

Question75: Stopping a function to control further risk to business is called:

Question76: Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?

Question77: Which of the following help to intermediate IAM between an organization's existing identity providers and many different cloud services used by the organization?

Question78: Which of the following reports is of most interest to the customer but may not be provided by Cloud Service Provider?

Question79: Private cloud model can be managed by third party who may not be part of the organization served by that private cloud.

Question80: Logs, documentation, and other materials needed for audits and compliance and often serve as evidence of compliance activities are known as:

Question81: Which of the following phases of data security lifecycle typically occurs nearly simultaneously with creation?

Question82: Which of the following establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information(PII) in accordance with the privacy principles in IS0/IEC 29100 for the public cloud computing environment?

Question83: Which statement best describes why it is important to know how data is being accessed?

Question84: Exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations, are called:

Question85: Sending data to a provider's storage over an API is likely as much more reliable and secure than setting up your own SFTP server on a VM in the same provider

Question86: Which of the following Standards is normally followed to manage Enterprise Risk?

Question87: Which of the following are key Data functions?

Question88: Which of the following best describes the relationship between a cloud provider and the customer?

Question89: An important consideration when performing a remote vulnerability test of a cloud-based application is to

Question90: Which is the key mechanism used by organisations that supports. assures and demonstrate compliance?

Question91: A health care facility has to only comply with HIPAA and do not need to comply with PCI DSS.

Question92: Operating System management is done by customer in which service model of cloud computing?

Question93: Due to multi-tenancy nature of cloud. there is the possibility that data belonging to one customer will be read or received by another. This is known as:

Question94: Which of the following is key benefit of private cloud model?

Question95: What is true of security as it relates to cloud network infrastructure?

Question96: Which is the most important trust mechanism between cloud service provider and cloud customer?

Question97: Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?

Question98: Credentials and cryptographic keys must not be embedded in source code or distributed in public facing repositories such as GitHub.

Question99: What is resource pooling?

Question100: What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors?

Question101: What is the main driver for decision to deploy cloud solutions?

Question102: Which communication methods within a cloud environment must be exposed for partners or consumers to access database information using a web application?

Question103: An adversary stole1 million username and passwords of Pass4test LLCs customers. They took advantage of a security vulnerability in the publically accessible application hosted on the cloud. This is an example of: