After finding a vulnerability in an internet-facing server of an organization, a cybersecurity criminal is able to access an encrypted file system and successfully manages to overwrite part of some files with random data. In reference to the Top Threats Analysis methodology, how would you categorize the technical impact of this incident?

• A.As an availability breach
• B.As a confidentiality breach
• C.As control breach
• D.As an integrity breach

Comment: *

Name: *

Email: *

Verification: *

A CSP providing cloud services currently being used by the United States federal government should obtain which of the following to assure compliance to stringent government standards?

• A.FedRAMP Authorization
• B.CSA STAR Level Certificate
• C.Multi-Tier Cloud Security (MTCS) Attestation
• D.ISO/IEC 27001:2013 Certification

Comment: *

Name: *

Email: *

Verification: *

The MAIN difference between Cloud Control Matrix (CCM) and Consensus Assessment Initiative Questionnaire (CAIQ) is that:

• A.CCM has a set of security questions, whereas CAIQ has a set of security controls.
• B.CCM assesses the presence of controls, whereas CAIQ assesses overall security of a service.
• C.CCM has 14 domains and CAIQ has 16 domains.
• D.CCM provides a controls framework, whereas CAIQ provides industry-accepted ways to document which security controls exist in IaaS, PaaS, and SaaS offerings.

Comment: *

Name: *

Email: *

Verification: *

Which statement best describes why it is important to know how data is being accessed?

• A.The devices used to access data may have differentownership characteristics.
• B.The devices used to access data use a variety of operating systems and may have different programs installed on them.
• C.The devices used to access data have different storage formats.
• D.The devices used to access data use a variety of applications or clients and may have different security characteristics.
• E.The device may affect data dispersion.

Comment: *

Name: *

Email: *

Verification: *

To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

• A.EDiscovery tools
• B.Provider run audits and reports
• C.Provider and consumer contracts
• D.Provider documentation
• E.Third-party attestations

Comment: *

Name: *

Email: *

Verification: *