Which of the following approach would be most suitable to assess the overall security posture of Health4Sureâ€
CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present […]
Big data includes high volume, high variety, and high velocity.
Big data includes high volume, high variety, and high velocity. A. False B. True
Which of the following is NOT a cloud computing characteristic that impacts incidence response?
Which of the following is NOT a cloud computing characteristic that impacts incidence response? A. The on demand self-service nature of cloud computing environments. B. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident. C. The possibility of data crossing geographic or jurisdictional boundaries. D. Object-based storage […]
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticat
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries. A. False B. True
Which attack surfaces, if any, does virtualization technology introduce?
Which attack surfaces, if any, does virtualization technology introduce? A. The hypervisor B. Virtualization management components apart from the hypervisor C. Configuration and VM sprawl issues D. All of the above
CCM: The following list of controls belong to which domain of the CCM?
CCM: The following list of controls belong to which domain of the CCM? GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework A. Governance and Retention Management B. Governance and Risk […]
Which cloud-based service model enables companies to provide client-based access for partners to databases or
Which cloud-based service model enables companies to provide client-based access for partners to databases or applications? A. Platform-as-a-service (PaaS) B. Desktop-as-a-service (DaaS) C. Infrastructure-as-a-service (IaaS) D. Identity-as-a-service (IDaaS) E. Software-as-a-service (SaaS)
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional fa
What factors should you understand about the data specifically due to legal, regulatory, and jurisdictional factors? A. The physical location of the data and how it is accessed B. The fragmentation and encryption algorithms employed C. The language of the data and how it affects the user D. The implications of storing complex information on […]
Who is responsible for the security of the physical infrastructure and virtualization platform?
Who is responsible for the security of the physical infrastructure and virtualization platform? A. The cloud consumer B. The majority is covered by the consumer C. It depends on the agreement D. The responsibility is split equally E. The cloud provider
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy
CCM: In the CCM tool, a _____________________ is a measure that modifies risk and includes any process, policy, device, practice or any other actions which modify risk. A. Risk Impact B. Domain C. Control Specification