Cloud computing offers a range of advantages, like increased collaboration, easy accessibility, mobility, and storage capacity, to name a few. Cloud computing, however, comes with its own set of security concerns. Data loss, hacked interfaces, insecure APIs, data breach, vendor lock-in, denial of service, and account hijacking are just a few of the concerns. So to avoid these security risks it is important to have a robust security plan in place.
Pursuing cloud computing online training and certification is a great way to get started with a career in cloud computing and if you’re already somewhat advanced and interested in cloud computing, try the PG program in cloud computing.
Let us have a look at the security risks of cloud computing.
Q1. Which service provider out of the following options provides the least amount of built-in security?
- SaaS
- IaaS
- PaaS
- None of the above.
Answer- (a.) IaaS
Q2. Which service provider out of the following options provides the most amount of built-in
security?
- IaaS
- PaaS
- SaaS
- None of the above.
Answer- ( c.) SaaS
Q3. Which out of the following services mentioned below is required to be negotiated in
Service Level Agreements?
- Regulatory Compliance
- Logging
- Auditing
- All of the above.
Answer- (d.) All of the above.
Q4. What is the biggest concern regarding cloud computing?
- Accessibility
- Privacy
- Security
- Both b and c
Answer- (d.) Both b and c.
Q5. Which cloud computing model is implemented using dedicated resources and
infrastructure within an organization?
- Internal cloud
- Hybrid cloud
- External cloud
- Public cloud
Answer- (a.) Internal Cloud.
Q6. Which of the following aspects of cloud computing seems to be the most challenging or
troublesome?
- e-Discovery for the legal compliance
- Auditing
- Data integrity
- All of the above.
Answer- (d.) All of the above
Q7. What are three key areas of auditing?
- Operation visibility, change control process, incident response.
- Consideration of risks, errors, and inconsistencies
- Selection and planning, execution and reporting, follow-up.
- Logging, auditing, and regulatory compliance
Answer- (a.) Operation visibility, change control process, incident response.
Q8. What aspect of cloud computing is responsible for preventing downtime and determining costs?
- Bandwidth cost
- Committing to service level agreements or SLAs
- Application programming interfaces
- Virtual private network or VPN.
Answer- (b.) Committing to service level agreements or SLAs
Q9. Which organization promotes cloud computing security standards?
- Cloud Security Watchdog
- Cloud Security Alliance
- Cloud Security Standards Working Group
- None of the above.
Answer- (b.) Cloud Security Alliance
Q10. Cloud computing models are designed to support-
- Private, Public, and Hybrid Clouds
- Only Public Cloud and Hybrid Cloud
- Only Private Cloud and Public Cloud
- Only Hybrid Cloud
Answer- (a.) Private, Public, and Hybrid Clouds
Q11. Which of these is not a security risk of cloud computing?
- Reduced visibility and control over data.
- Regulatory non-compliance by the cloud service provider or CSP.
- Data breaches by malicious co-tenants
- Disaster Recovery.
Answer- (d.) Disaster Recovery
Q12. When migrating your on-premises systems to the cloud, you must first identify what security mechanisms are required and then map those to controls provided by your cloud service provider.
- True
- False
Answer- (a.)True.
Q13. Which out of the following is considered the operational domain of CSA?
- Flexibility and Scalability
- Portability and Interoperability
- Authentication and Control
- None of the above.
Answer- (b.) Portability and Interoperability
Q14. A CSP that keeps track of sensitive information like credit card details is an invitation for cybercriminals.
- True
- False
Answer- (a.)True
Q15. Which is the correct full form of CDN?
- Control Distribution Network
- Content Distribution Network
- Content Delivery Network
- Control Delivery Network
Answer- (c.) Content Delivery Network
Q16. A group of technologies that operate together on a network to ensure that it can reliably run high-priority applications and traffic despite restricted network capacity and includes the non-functional requirements such as disaster recovery, security, and dependability.
- Service Development
- Plan Development
- Technical Service
- Quality of Service.
Answer- (d.) Quality of Service.
Q17. Local networks, web browsers, and web applications are all part of the__________ cloud infrastructure.
- Front-end
- Back end
- Hybrid cloud
- None of the above
Q18. ______________ refers to the encoding or transforming of data before it is transferred to a cloud storage system.
a.Cloud Decryption
b.Cloud Encryption
- Symmetric Algorithm
- Asymmetric Algorithm
Q19. When an attacker creates a script that consumes all of the resources on a cloud server, ___________ threat occurs.
- Customer Manipulation
- Data Loss
- Account Hijacking
- Denial of Service
Q20. Data being transmitted in an unauthorized way to an external recipient from within an organisation is known as ________________.
- Data Misinterpretation
- Data Loss
- Data Leakage
- Denial of Service
Leave a Reply