Cloud Security Fundamentals : Cloud application Security MCQ


1.What is commonly the next generation of organizational patch management for many companies?

A.Classroom training
B.A bastion host
C.Enforcing MFA
D.Software assurance program

Ans:D

2.Which of these are common tools used to create or increase security awareness?

A.Exit interviews
B.Computer-based training
C. Emails
D.Bulletins
E.Confirming resume references
F.Posters

Ans: B,C,D,F

3.What solution does AWS use in partnership with other security vendors to mitigate zero-day attacks on the cloud?

A.GuardDuty
B.WAF
C.Beanstalk
D.Lightsall

Ans: A

4.When applying the Secure SDLC, which phase will most likely perform enhancement and ongoing maintenance?

A.Phase 4- construct
B.Phase 7-post-implementation
C.Phase 5 test
D.Phase 6-product release


Ans: B

5.Which of these statements is true when comparing SAST to DAST?

A.DAST can better discover runtime and environment-related issues
B.SAST is more expensive to fix vulnerabilities
C.SAST is considered black box testing
D.DAST requires source code

Ans: A

6.Which are commonly passed from the service provider to the identity provider in a federated solution?

A.Passwords
B.Tokens
C.Logs
D.Notes

Ans: B

7.Which of the following techniques will best give you the option to store and process your data on any public or private cloud instance?

A.Plan and design for elasticity
B.Design apps as a set of services
C.Decouple the data when possible
D.Build security controls into the lifecycle

Ans: c


Leave a Reply

Your email address will not be published. Required fields are marked *