Question: What are the examples of the cloud infrastructure capability?
Ans – Launching virtual services
Using scalable storage
Question: Which facilitates managing cloud-based delegated administration?
Question: Which security threat encrypts data files?
Question: Which security standard is related to the protection of cardholder data?
Ans- PCI DSS
Question: When analysing captured HTTP traffic, which header follows the IP header?
Question: What are the benefits of adopting a security-centric approach to develop the applications in the cloud?
Ans- Identify system configuration issues
Early identification and mitigation of security vulnerabilities
Reuse of security strategies and tools
Question: What are the cloud application security issues?
Ans- Attack surface has increased
API calls travel across the Internet and are subject to threats
API calls emanate from multiple device types
Developers create the APIs when building applications
Question: Which network vulnerability is concerned with altering the content of data packets traversing the network and session hijacking?
Ans- Man-in-the-middle attacks
Question: What are characteristics of an SLA?
Ans- Must cover service provision across many jurisdictions
Components of the contractual relationship between CSC and CSP
Uses standardized terminology
Mapped to specific provided cloud services
Question: What are the reasons to warrant the risk management metrics?
Ans- Support objective security analysis
Evaluate information and system security
Ensure security control objectives are fulfilled