Which of the following approaches would NOT be considered sufficient to meet the requirements of
secure data destruction within a cloud environment?
D
Explanation:
Deletion merely removes the pointers to data on a system; it does nothing to actually remove and
sanitize the data. As such, the data remains in a recoverable state, and more secure methods are
needed to ensure it has been destroyed and is not recoverable by another party.
Which of the following cloud aspects complicates eDiscovery?
C
Explanation:
With multitenancy, eDiscovery becomes more complicated because the data collection involves extra
steps to ensure that only those customers or systems that are within scope are turned over to the
requesting authority.
What does the management plane typically utilize to perform administrative functions on the
hypervisors that it has access to?
C
Explanation:
The functions of the management plane are typically exposed as a series of remote calls and function
executions and as a set of APIs. These APIs are typically leveraged through either a client or a web
portal, with the latter being the most common.
What is a serious complication an organization faces from the perspective of compliance with
international operations?
B
Explanation:
When operating within a global framework, a security professional runs into a multitude of
jurisdictions and requirements, and many times they might be in contention with one other or not
clearly applicable. These requirements can include the location of the users and the type of data they
enter into systems, the laws governing the organization that owns the application and any regulatory
requirements they may have, as well as the appropriate laws and regulations for the jurisdiction
housing the IT resources and where the data is actually stored, which might be multiple jurisdictions
as well.
Which networking concept in a cloud environment allows for network segregation and isolation of IP
spaces?
D
Explanation:
A virtual area network (VLAN) allows the logical separation and isolation of networks and IP spaces
to provide enhanced security and controls.
Which of the following standards primarily pertains to cabling designs and setups in a data center?
B
Explanation:
The standards put out by Building Industry Consulting Service International (BICSI) primarily cover
complex cabling designs and setups for data centers, but also include specifications on power, energy
efficiency, and hot/cold aisle setups.
Which of the following publishes the most commonly used standard for data center design in regard
to tiers and topologies?
B
Explanation:
The Uptime Institute publishes the most commonly used and widely known standard on data center
tiers and topologies. It is based on a series of four tiers, with each progressive increase in number
representing more stringent, reliable, and redundant systems for security, connectivity, fault
tolerance, redundancy, and cooling.
What type of segregation and separation of resources is needed within a cloud environment for
multitenancy purposes versus a traditional data center model?
D
Explanation:
Cloud environments lack the ability to physically separate resources like a traditional data center can.
To compensate, cloud computing logical segregation concepts are employed. These include VLANs,
sandboxing, and the use of virtual network devices such as firewalls.
Which United States law is focused on data related to health records and privacy?
D
Explanation:
The Health Insurance Portability and Accountability Act (HIPAA) requires the U.S. Federal
Department of Health and Human Services to publish and enforce regulations pertaining to
electronic health records and identifiers between patients, providers, and insurance companies. It is
focused on the security controls and confidentiality of medical records, rather than the specific
technologies used, so long as they meet the requirements of the regulations.
What is used for local, physical access to hardware within a data center?
B
Explanation:
Local, physical access in a data center is done via KVM (keyboard, video, mouse) switches.