The NIST ITL Cloud Research Team defines some primary and secondary technologies as the
fundamental elements of cloud computing in its “Effectively and Securely Using the Cloud
Computing Paradigm” presentation. Which of the following technologies are included in the
primary technologies? Each correct answer represents a complete solution. Choose all that apply.

Which of the following disaster recovery tests includes the operations that shut down at the
primary site, and are shifted to the recovery site according to the disaster recovery plan?

In which of the following deployment models of cloud is the cloud infrastructure administered by
the organizations or a third party? Each correct answer represents a complete solution. Choose
two.

Which of the following statements about a host-based intrusion prevention system (HIPS) are
true? Each correct answer represents a complete solution. Choose two.

Who amongst the following makes the final accreditation decision?

You are the project manager of the GHY project for your organization. You are about to start the
qualitative risk analysis process for the project and you need to determine the roles and
responsibilities for conducting risk management. Where can you find this information?

You work as a project manager for BlueWell Inc. You are preparing to plan risk responses for your
project with your team. How many risk response types are available for a negative risk event in the
project?

You work as an analyst for Tech Perfect Inc. You want to prevent information flow that may cause
a conflict of interest in your organization representing competing clients. Which of the following
security models will you use?

Which of the following are the phases of the Certification and Accreditation (C&A) process? Each
correct answer represents a complete solution. Choose two.

Fill in the blank with an appropriate phrase The is a formal state transition system of computer
security policy that describes a set of access control rules designed to ensure data integrity.