Chapter 10: Cloud and Virtualization Security
Authored by Fhaa Lossx
Computers
University
Used 1+ times
AI Actions
Add similar questions
Adjust reading levels
Convert to real-world scenario
Translate activity
More...
Content View
Student View
20 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Kevin discovered that his web server was being overwhelmed by traffic, causing a CPU bottleneck. Using the interface offered by his cloud service provider, he added another CPU to the server. What term best describes Kevin's action?
Elasticity
Horizontal scaling
Vertical scaling
High availability
Answer explanation
Key Phrase: "added another CPU to the server"
Explanation:
Correct Answer (C): Vertical scaling (also known as "scaling up") involves adding resources to an existing server, such as increasing CPU, memory, or storage capacity.
Why others are wrong:
A: Elasticity refers to the ability to automatically add or remove resources based on demand, not just increasing capacity manually.
B: Horizontal scaling (or "scaling out") involves adding more servers, not increasing the capacity of an existing server.
D: High availability focuses on minimizing downtime, often through redundancy, but it doesn’t specifically refer to adding resources.
2.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Fran's organization uses a Type I hypervisor to implement an IaaS offering that it sells to customers. Which one of the following security controls is least applicable to this environment?
Customers must maintain security patches on guest operating systems.
The provider must maintain security patches on the hypervisor.
The provider must maintain security patches on the host operating system.
Customers must manage security groups to mediate network access to guest operating systems.
Answer explanation
Key Phrase: "Type I hypervisor"
Explanation:
Correct Answer (C): In a Type I hypervisor environment (bare-metal), the hypervisor runs directly on the physical hardware, so there is no host operating system as in Type II hypervisors.
Why others are wrong:
A: Security patches on guest OS are the responsibility of the customer in an IaaS environment.
B: The provider must patch the hypervisor as it directly manages virtualization resources.
D: Security groups (firewall rules) are a customer responsibility for controlling network access to their virtual machines.
3.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
In what cloud security model does the cloud service provider bear the most responsibility for implementing security controls?
IaaS
FaaS
PaaS
SaaS
Answer explanation
Key Phrase: "cloud service provider responsibility"
Explanation:
Correct Answer (D): In the SaaS model, the cloud provider handles most of the security responsibilities, as the customer is only using the software and has minimal control over the underlying infrastructure.
Why others are wrong:
A: IaaS places more security responsibility on the customer, particularly in managing guest operating systems and applications.
B: FaaS involves a serverless model, but still, the provider only handles infrastructure and runtime, leaving some responsibilities to the customer.
C: PaaS is a middle ground, with the provider managing platform security and the customer managing the applications.
4.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Greg would like to find a referenced document that describes how to map cloud security controls to different regulatory standards. What document would best assist with this task?
CSA CCM
NIST SP 500-292
ISO 27001
PCI DSS
Answer explanation
Key Phrase: "map cloud security controls to regulatory standards"
Explanation:
Correct Answer (A): The Cloud Security Alliance Cloud Controls Matrix (CCM) is a framework that maps cloud security controls to various regulatory standards, helping organizations with compliance in cloud environments.
Why others are wrong:
B: NIST SP 500-292 is a reference model for cloud computing but is not specifically aimed at mapping security controls to regulatory standards.
C: ISO 27001 is a general information security management standard, not focused on cloud-specific security controls.
D: PCI DSS applies specifically to payment card industry data, not to cloud security control mapping.
5.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Wanda is responsible for a series of seismic sensors placed at remote locations. These sensors have low-bandwidth connections, and she would like to place computing power on the sensors to allow them to preprocess data before it is sent back to the cloud. What term best describes this approach?
Edge computing
Client-server computing
Fog computing
Thin client computing
Answer explanation
Key Phrase: "low-bandwidth, preprocess data on sensors"
Explanation:
Correct Answer (A): Edge computing involves placing computational resources near the source of data generation (such as on the sensors themselves) to process data locally before sending it to the cloud.
Why others are wrong:
B: Client-server computing is a general model where client devices interact with servers, but it does not specifically describe processing data on the edge.
C: Fog computing involves intermediate computing layers (like gateways) between the edge and the cloud, but edge computing is a more specific term for the processing on the sensors themselves.
D: Thin client computing refers to a setup where the client device has minimal computing resources and relies on a remote server for processing.
6.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Which one of the following statements about cloud computing is incorrect?
Cloud computing offers ubiquitous, convenient access.
Cloud computing customers store data on hardware that is shared with other customers.
Cloud computing customers provision resources through the service provider's sales team.
Cloud computing resources are accessed over a network.
Answer explanation
Key Phrase: "incorrect statement about cloud computing"
Explanation:
Correct Answer (C): Cloud customers typically provision resources through a self-service portal or automated systems, not through a sales team.
Why others are wrong:
A: Cloud computing does provide ubiquitous, convenient access to resources.
B: Cloud computing customers often share hardware with other customers in a multi-tenant environment, which is a characteristic of many cloud offerings.
D: Cloud resources are accessed over a network, typically the internet.
7.
MULTIPLE CHOICE QUESTION
15 mins • 1 pt
Helen designed a new payroll system that she offers to her customers. She hosts the payroll system in AWS and her customers access it through the web. What tier of cloud computing best describes Helen's service?
PaaS
SaaS
FaaS
IaaS
Answer explanation
Key Phrase: "payroll system accessed through the web"
Explanation:
Correct Answer (B): Helen's payroll system is offered as a Software as a Service (SaaS) solution, where customers access the software over the web without worrying about the underlying infrastructure.
Why others are wrong:
A: PaaS provides a platform for developers to build applications, but in this case, Helen is offering the application directly.
C: FaaS refers to serverless functions where users run code in response to events, not a complete application like payroll.
D: IaaS provides infrastructure, but Helen is offering software, not raw infrastructure.
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
