Cloud Security Fundamentals : Cloud application Security MCQ

1.What is commonly the next generation of organizational patch management for many companies?

A.Classroom training
B.A bastion host
C.Enforcing MFA
D.Software assurance program


2.Which of these are common tools used to create or increase security awareness?

A.Exit interviews
B.Computer-based training
C. Emails
E.Confirming resume references

Ans: B,C,D,F

3.What solution does AWS use in partnership with other security vendors to mitigate zero-day attacks on the cloud?


Ans: A

4.When applying the Secure SDLC, which phase will most likely perform enhancement and ongoing maintenance?

A.Phase 4- construct
B.Phase 7-post-implementation
C.Phase 5 test
D.Phase 6-product release

Ans: B

5.Which of these statements is true when comparing SAST to DAST?

A.DAST can better discover runtime and environment-related issues
B.SAST is more expensive to fix vulnerabilities
C.SAST is considered black box testing
D.DAST requires source code

Ans: A

6.Which are commonly passed from the service provider to the identity provider in a federated solution?


Ans: B

7.Which of the following techniques will best give you the option to store and process your data on any public or private cloud instance?

A.Plan and design for elasticity
B.Design apps as a set of services
C.Decouple the data when possible
D.Build security controls into the lifecycle

Ans: c

Leave a Reply

Your email address will not be published. Required fields are marked *