Cloud Security Quiz #1001 (Sanjay Jha | ProProfs)
-
What kind of cloud-based Shadow IT services needs to be secured?
-
Only on-premise deployments
-
Only off-Premise deployments
-
Both On-Premise and Off-Premise deployments
-
None of above
-
About This Quiz
Cloud Security Quiz #1001 by Sanjay Jha on ProProfs assesses knowledge on cloud visibility, shadow IT, data encryption, and data localization. It's essential for understanding regulatory requirements and security measures in cloud environments.
Quiz Preview
- 2.
CASB can help in prevention of Account Hijacking. (True/False)
-
True
-
False
Correct Answer
A. TrueExplanation
CASB (Cloud Access Security Broker) can help in prevention of Account Hijacking by providing visibility and control over user activities and access to cloud applications. It can monitor user behavior, detect suspicious activities, and enforce security policies to prevent unauthorized access to user accounts. CASB can also provide multi-factor authentication and strong access controls to ensure that only authorized users can access cloud applications, reducing the risk of account hijacking.Rate this question:
-
- 3.
For cloud security revoking access to risky OAuth apps is important.
-
True
-
False
Correct Answer
A. TrueExplanation
Revoking access to risky OAuth apps is important for cloud security because OAuth (Open Authorization) allows users to grant access to their information on one website to another website without sharing their credentials. However, there is a risk associated with granting access to third-party apps that may have vulnerabilities or malicious intent. By revoking access to risky OAuth apps, the user can mitigate the potential security threats and protect their sensitive data stored in the cloud.Rate this question:
-
- 4.
Having visibility to redundancies in functionality and license costs of cloud services does not make any sense. (True/False)
-
True
-
False
Correct Answer
A. FalseExplanation
The statement "Having visibility to redundancies in functionality and license costs of cloud services does not make any sense" is false. Having visibility to redundancies in functionality and license costs of cloud services is important in order to optimize resources and reduce unnecessary expenses. By identifying and eliminating redundant services and licenses, organizations can streamline their operations and save costs. Therefore, it does make sense to have visibility to redundancies in functionality and license costs of cloud services.Rate this question:
-
- 5.
Which of the following are used for obscuration of data?
-
Encryption
-
Pseudonymization
-
Tokenization
-
All of the above
Correct Answer
A. All of the aboveExplanation
Encryption, pseudonymization, and tokenization are all techniques used for obscuring data. Encryption involves converting data into a coded form that can only be accessed with a decryption key. Pseudonymization replaces identifying information with pseudonyms, making it more difficult to link data to specific individuals. Tokenization involves replacing sensitive data with randomly generated tokens, reducing the risk of unauthorized access. All three methods help protect data privacy and security by making it harder for unauthorized individuals to understand or misuse the data.Rate this question:
-
- 6.
For cloud security, visibility to which of the following is required?
-
Sanctioned cloud applications
-
Unsanctioned cloud applications
-
Both of above
-
None of them
Correct Answer
A. Both of aboveExplanation
For cloud security, visibility to both sanctioned and unsanctioned cloud applications is required. Sanctioned cloud applications are those that have been approved and authorized by the organization, while unsanctioned cloud applications are those that have not been approved or authorized. Having visibility to both types of applications allows organizations to monitor and assess the security risks associated with the use of cloud services, ensure compliance with policies and regulations, and take necessary actions to protect sensitive data and prevent unauthorized access or usage.Rate this question:
-
- 7.
Which of the following is the appropriate example of encryption of data-at-rest, data-in-use and data-in-transit?
-
Backup, Restoration and Off-Site Storage
-
Database, Backup, Tapes
-
Backup Encryption, Database Encryption, Traffic Encryption
-
Encryption of APIs, Middleware, and Network
Correct Answer
A. Backup Encryption, Database Encryption, Traffic EncryptionExplanation
The appropriate example of encryption of data-at-rest, data-in-use, and data-in-transit is Backup Encryption, Database Encryption, Traffic Encryption. This answer correctly identifies the different types of data and the corresponding encryption methods. Backup encryption refers to encrypting data that is stored or backed up, database encryption refers to encrypting data that is being used or accessed within a database, and traffic encryption refers to encrypting data that is being transmitted over a network.Rate this question:
-
- 8.
Data Localization or Data Sovereignty or Data Residency is required for which of the following?
-
Cloud bandwidth performance
-
Local data vendors
-
Residents of a country
-
Regulatory requirement
Correct Answer
A. Regulatory requirementExplanation
Data Localization or Data Sovereignty or Data Residency is required for regulatory requirement. This means that certain countries or regions have regulations in place that require data to be stored and processed within their borders. This is often done to protect sensitive data and ensure compliance with local laws and regulations. By keeping data within the country or region, it allows authorities to have more control and oversight over how the data is handled and accessed.Rate this question:
-
- 9.
In cloud environment, the cloud customer is required to monitor compliance with which of the following regulations?
-
GDPR
-
HIPAA
-
HITECH
-
None of the above
Correct Answer(s)
A. GDPR
A. HIPAA
A. HITECHExplanation
In a cloud environment, the cloud customer is responsible for monitoring compliance with regulations such as GDPR, HIPAA, and HITECH. GDPR (General Data Protection Regulation) is a regulation that protects the personal data and privacy of European Union citizens. HIPAA (Health Insurance Portability and Accountability Act) is a regulation that ensures the security and privacy of healthcare information. HITECH (Health Information Technology for Economic and Clinical Health) is an act that promotes the adoption and meaningful use of health information technology. Therefore, the cloud customer needs to ensure compliance with these regulations to protect the data and privacy of their users.Rate this question:
-
- 10.
Which of the following statement(s) is/are true?
-
Data Loss Prevention (DLP) is an essential part of Cloud Security
-
Digital Rights Management (DRM) is critical for success of DLP in cloud
-
Data exfiltration can't be enforced in cloud environment
-
All of these
Correct Answer(s)
A. Data Loss Prevention (DLP) is an essential part of Cloud Security
A. Digital Rights Management (DRM) is critical for success of DLP in cloudExplanation
Data Loss Prevention (DLP) is indeed an essential part of Cloud Security as it helps in identifying, monitoring, and protecting sensitive data from unauthorized access or leakage in the cloud environment. Digital Rights Management (DRM) is critical for the success of DLP in the cloud as it provides the necessary mechanisms to enforce access controls, encryption, and usage restrictions on digital content, ensuring that sensitive data is protected and only accessed by authorized users. Therefore, both statements are true.Rate this question:
-
Quiz Review Timeline (Updated): Mar 14, 2023 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 14, 2023Quiz Edited by
ProProfs Editorial Team -
Feb 29, 2020Quiz Created by
SKJHA_MUMBAI
Back to top