How does SASE enhance traffic management when compared to traditional network models?
Which areas should be initially prioritized for hybrid cloud security?
Which cloud service model allows users to access applications hosted and managed by the provider, with the user only needing to configure the application?
How does the variability in Identity and Access Management (IAM) systems across cloud providers impact a multi-cloud strategy?
What is the primary purpose of implementing a systematic data/asset classification and catalog system in cloud environments?
Why is early integration of pre-deployment testing crucial in a cybersecurity project?
Which of the following best describes the responsibility for security in a cloud environment?
Which of the following is a common security issue associated with serverless computing environments?
Which of the following best describes the primary benefit of utilizing cloud telemetry sources in cybersecurity?
According to NIST, what is cloud computing defined as?
Which principle reduces security risk by granting users only the permissions essential for their role?
What is a key advantage of using Policy-Based Access Control (PBAC) for cloud-based access management?
Which of the following best describes the primary purpose of cloud security frameworks?
What is the primary reason dynamic and expansive cloud environments require agile security approaches?
Which feature in cloud enhances security by isolating deployments similar to deploying in distinct data centers?
What is a key consideration when handling cloud security incidents?
Which of the following is the MOST common cause of cloud-native security breaches?
Which activity is a critical part of the Post-Incident Analysis phase in cybersecurity incident response?
Which of the following strategies best enhances infrastructure resilience against Cloud Service Provider (CSP) technical failures?
How does network segmentation primarily contribute to limiting the impact of a security breach?
Which approach is essential in identifying compromised identities in cloud environments where attackers utilize automated methods?
Which aspect is crucial for crafting and enforcing CSP (Cloud Service Provider) policies?
How does serverless computing impact infrastructure management responsibility?
What tool allows teams to easily locate and integrate with approved cloud services?
In the Incident Response Lifecycle, which phase involves identifying potential security events and examining them for validity?
What is a key consideration when implementing AI workloads to ensure they adhere to security best practices?
Which of the following best describes compliance in the context of cybersecurity?
In a cloud environment, what does the Shared Security Responsibility Model primarily aim to define?
How does centralized logging simplify security monitoring and compliance?
CCM: A hypothetical company called: “Health4Sure” is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present this document to potential clients.
Which of the following approach would be most suitable to assess the overall security posture of Health4Sure’s cloud service?
What is true of a workload?
Which of the following is a perceived advantage or disadvantage of managing enterprise risk for cloud deployments?
Which concept is a mapping of an identity, including roles, personas, and attributes, to an authorization?
CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in
their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?
Which of the following items is NOT an example of Security as a Service (SecaaS)?
What item below allows disparate directory services and independent security domains to be interconnected?
What are the encryption options available for SaaS consumers?
What are the primary security responsibilities of the cloud provider in the management infrastructure?
ENISA: Which is a potential security benefit of cloud computing?
What of the following is NOT an essential characteristic of cloud computing?
Which layer is the most important for securing because it is considered to be the foundation for secure cloud operations?
Which attack surfaces, if any, does virtualization technology introduce?
CCM: Cloud Controls Matrix (CCM) is a completely independent cloud
assessment toolkit that does not map any existing standards.
What method can be utilized along with data fragmentation to enhance security?
A defining set of rules composed of claims and attributes of the entities in a transaction, which is used to determine their level of access to cloud-based resources is called what?
If in certain litigations and investigations, the actual cloud application or environment itself is relevant to resolving the dispute in the litigation or investigation, how is the information likely to be obtained?
What is known as the interface used to connect with the metastructure and configure the cloud environment?
The Software Defined Perimeter (SDP) includes which components?
What is a core tenant of risk management?
ENISA: A reason for risk concerns of a cloud provider being acquired is:
What is the newer application development methodology and philosophy focused on automation of application development and deployment?
Which governance domain deals with evaluating how cloud computing affects compliance with internal
security policies and various legal requirements, such as regulatory and legislative?
Big data includes high volume, high variety, and high velocity.
In the Software-as-a-service relationship, who is responsible for the majority of the security?
ENISA: Which is not one of the five key legal issues common across all scenarios:
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries.
What is the best way to ensure that all data has been removed from a public cloud environment including all media such as back-up tapes?
Select the best definition of “compliance” from the options below.
What is a primary benefit of consolidating traffic through a central bastion/transit network in a hybrid cloud environment?
How can the use of third-party libraries introduce supply chain risks in software development?
What is the most effective way to identify security vulnerabilities in an application?
What is the purpose of access policies in the context of security?
Which technique involves assessing potential threats through analyzing attacker capabilities, motivations, and potential targets?
Which of the following best describes the concept of Measured Service in cloud computing?
Which aspect of cybersecurity can AI enhance by reducing false positive alerts?
In securing virtual machines (VMs), what is the primary role of using an “image factory" in VM deployment?
In a cloud context, what does entitlement refer to in relation to a user's permissions?
What is a primary benefit of implementing micro-segmentation within a Zero Trust Architecture?
What is a key advantage of using Infrastructure as Code (IaC) in application development?
Which of the following is used for governing and configuring cloud resources and is a top priority in cloud security programs?
Which of the following is a primary purpose of establishing cloud risk registries?
What key activities are part of the preparation phase in incident response planning?
Which type of controls should be implemented when required controls for a cybersecurity framework cannot be met?
What are the essential characteristics of cloud computing as defined by the NIST model?
Which factor is typically considered in data classification?
A company plans to shift its data processing tasks to the cloud. Which type of cloud workload best describes the use of software emulations of physical computers?
When comparing different Cloud Service Providers (CSPs), what should a cybersecurity professional be mindful of regarding their organizational structures?
What is the primary role of Identity and Access Management (IAM)?
Why is identity management at the organization level considered a key aspect in cybersecurity?
Which of the following functionalities is provided by Data Security Posture Management (DSPM) tools?
Which of the following enhances Platform as a Service (PaaS) security by regulating traffic into PaaS components?
In Identity and Access Management (IAM) containment, why is it crucial to understand if an attacker escalated their identity?
Which of the following statements best reflects the responsibility of organizations regarding cloud security and data ownership?
In the context of Software-Defined Networking (SDN), what does decoupling the network control plane from the data plane primarily achieve?
In the context of cloud workload security, which feature directly contributes to enhanced performance and resource utilization without incurring excess costs?
What type of logs record interactions with specific services in a system?