Cloud Security 1.0 v6.0 (850-001)

Page:    1 / 7   
Total 91 questions

A CSO is concerned to learn that data is being intercepted while moving data between the cloud and corporate users. What should an IT professional do to mitigate this issue?

  • A. implement data encryption
  • B. implement firewall policies
  • C. implement data loss prevention
  • D. implement an automated patch management process


Answer : A

A company has employee data in a PaaS cloud. Results from an audit reveal that recently departed administrators of the service provider have not been patching the database server that holds sensitive data. What two Symantec products can be used to mitigate this risk?
(Select two.)

  • A. Control Compliance Suite B.PGP Encryption
  • B. Enterprise Vault
  • C. Critical System Protection
  • D. Web Gateway


Answer : A,D

A US-based company needs to protect sensitive data sent over a public network by integrating DLP and encryption solutions with their email infrastructure. Which data flow scenario should an IT professional implement to ensure proper inspection and security of the data?

  • A. create email, DLP scan email, encrypt email, deliver email
  • B. create email, encrypt email, DLP scan email, deliver email
  • C. create email, encrypt email, deliver email, DLP scan email
  • D. create email, deliver email, DLP scan email, encrypt email


Answer : D

A CIO wants to move assets to the cloud to save cost and improve availability. The CIO has mandated that the first data be moved without increasing risk of confidential information being exposed. Which data meets this criteria?

  • A. Collaboration tool containing marketing collateral
  • B. HR database containing employee names and addresses
  • C. Web shopping portal that processes retail transactions
  • D. Inventory management system containing sales data


Answer : A

An IT professional needs to determine if applications that are cloud migration candidates can achieve the required scalability and reliability characteristics. What must an IT professional consider regarding the applications' availability?

  • A. whether the application is based on variable consumption of computer resources
  • B. the percentage of uptime required of the application
  • C. if the application guarantees 100% of the megahertz or gigabytes that were reserved
  • D. whether it is based on Java, .NET, or another language


Answer : B

A company is planning a migration of an application to public IaaS. What is a valid objection related to data security in this scenario?

  • A. loss of administrative control of the application in the cloud
  • B. security risks introduced by a multi-tenant cloud
  • C. inability to enforce strong authentication in the cloud
  • D. lack of operational resiliency in the cloud


Answer : B

An organization is exploring the cost and benefits of migrating business-critical applications into the cloud. Today, the organization is most concerned with testing the cloud model and can wait until their findings are complete. Which cloud consumption characteristic is most flexible and able to meet their immediate needs?

  • A. allocation
  • B. metering
  • C. all-in
  • D. reservation


Answer : B

Which scenario identifies assets eligible for PaaS cloud migration?

  • A. proprietary beta release product application software and its supporting kernel-level programming code
  • B. the development team application servers that require constant physical configuration changesthe development team? application servers that require constant physical configuration changes
  • C. layer 3 switches that are being used to segregate the various business units and separate the production and testing environments
  • D. database servers that are being used by the QA team to test load handling


Answer : D

A company's Chief Security Officer (CSO) has just learned that the quality assurance department is utilizing public cloud IaaS infrastructures for testing of proprietary applications. These applications may also be exposing sensitive customer information.
Which solution will the CSO use to determine the company's exposure?

  • A. Network Encryption
  • B. DLP Network Discover
  • C. Endpoint Encryption
  • D. DLP Network Prevent


Answer : B

A company is moving a custom application from their private datacenter to a public cloud
IaaS provider. This will allow partners to access the application over public networks. As part of this initiative, the company would like to implement a more secure level of user access control. What should an IT professional do to achieve this goal?

  • A. use DLP at the datacenter
  • B. use DLP at the IaaS provider
  • C. use two-factor authentication at the datacenter
  • D. use two-factor authentication at the IaaS provider


Answer : B

An organization has implemented a telecommuting initiative to allow employees to work from home. Which solution would an IT professional implement to scan the user's HTTP traffic for malicious code without requiring a connection to the company's VPN?

  • A. Data Loss Prevention
  • B. Messaging Security Gateway
  • C. Data Encryption
  • D. Web Security.cloud


Answer : D

A company has decided to implement "cloud bursting" to allow their production environment to scale to any size by utilizing on-demand connections to a public cloud IaaS infrastructure. Which solution allows the IT department to minimize security risks by treating the IaaS environment as a logical extension of their internal network?

  • A. Hosted SaaS connection between the datacenter and IaaS provider
  • B. Virtual DLP connection between the datacenter and the IaaS provider
  • C. IPSEC VPN connection between the datacenter and the IaaS provider
  • D. On-demand PGP connection between the datacenter and the IaaS provider


Answer : C

An administrator needs to profile discovered systems and group them according to controls that are required. This function must also be performed across both physical and logical groupings based on policy. Which solution performs this function?

  • A. Symantec Control Compliance Suite
  • B. Symantec Critical Systems Protection
  • C. Symantec Security Information Manager
  • D. Symantec Managed Security Services


Answer : A

A potential cloud customer has determined that their current applications are eligible for migration because most are batch-processing applications that work on sets of data, extracting and inserting data into databases. Which type of cloud application architecture is this application?

  • A. synchronous
  • B. asynchronous
  • C. independent
  • D. traditional


Answer : B

Which security requirement is difficult for a SaaS provider to meet?

  • A. securing web page content from modification
  • B. ensuring trusted SSL communications
  • C. complying with company-specific IT standards
  • D. protecting the integrity of stored information


Answer : C

Page:    1 / 7   
Total 91 questions