Q26. Which provides guidelines for organizational information security standards including the selection, implementation, and management of controls taking into consideration the organization’s information security risk environments?

Q27. Which of the following pose the biggest risk in the organization?

Q28. If there are gaps in network logging data, what can you do?

Q29. Which of the following Storage type is NOT associated with SaaS solution?

Q30. CCM: A hypothetical start-up company called “ABC” provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in
their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?

Q31. Stopping a function to control further risk to business is called:

Q32. Which term is used to describe the use of tools to selectively degrade portions of the cloud to continuously test business continuity?

Q33. Who is responsible for Governance, Risk & Compliance in Software as a Service(SaaS) service model?

Q34. Which of the following is typically a policy set that define ingress and egress rules that can apply to single assets or groups of assets, regardless of network location?

Q35. Which of the following authentication is most secured?

Q36. Which are the two major categories of network virtualization commonly seen in cloud computing today?

Q37. The amount of risk that the leadership and stakeholders of an organization are willing to accept is know as:

Q38. To understand their compliance alignments and gaps with a cloud provider, what must cloud customers rely on?

Q39. What of the following is NOT an essential characteristic of cloud computing?

Q40. One of the main reasons and advantage of having external audit is:

Q41. Who is responsible for the safe custody, transport, data storage. and implementation of business rules in relation to the privacy?