Cloud Security Best Practices

Questions and Answers

What is the purpose of a CASB (cloud access security broker)?

• To encrypt all data in cloud resources
• To control access to cloud resources (correct)
• To provide access to cloud resources
• To monitor all activities in cloud resources

What does data loss prevention refer to in the context of CASB?

• Preventing unauthorized access to cloud resources
• Ensuring data integrity in cloud resources
• Limiting data ex-filtration possibilities from cloud resources (correct)
• Preventing data corruption in cloud resources

What does cloud governance aim to ensure in the use of cloud IT services?

• Adherence to company-specific rules and regulations only
• Security measures against cyber attacks and malware
• Adherence to the appropriate regulations, laws, and data privacy standards (correct)
• Compliance with international trade laws and regulations

Where can one find information about a public cloud provider's compliance with regulations like GDPR and PCI DSS?

In the documentation provided on the provider's site (B)

What is the primary focus of cloud security best practices discussed in the text?

Mitigating impacts of potential vulnerabilities in cloud computing (B)

Which of the following is an example of a Cloud Access Security Broker (CASB)?

Microsoft Defender for Cloud (C)

What is the purpose of using a jump box in a cloud environment?

To restrict public access to virtual machines (A)

What does serverless computing entail in terms of server management?

Underlying servers are managed by the cloud service provider (D)

Which best practice is relevant to both on-premises and cloud environments?

Limiting network access with proper firewall configurations (A)

What is the primary benefit of serverless computing for software developers and database admins?

Automatic OS and software updates managed by the cloud service provider (D)

What is the primary purpose of a jump box in a cloud environment?

To serve as a secure gateway for accessing virtual machines with private IP addresses (D)

Which tool is an example of a Cloud Access Security Broker (CASB)?

Microsoft Defender for Cloud (A)

What does serverless computing entail in terms of server management?

Managed servers by the cloud service provider, including software updates and maintenance (B)

Where are the credentials specified when signing in to a Linux virtual machine through the Azure Portal?

Through the Azure Portal without the need for external tools (B)

What common best practice is relevant to both on-premises and cloud environments for limiting network access?

Proper firewall configurations and multi-factor authentication (D)

Which of the following is NOT a purpose of a Cloud Access Security Broker (CASB)?

Managing serverless computing platforms (D)

What does cloud governance aim to ensure in the use of cloud IT services?

Compliance with regulations and data privacy standards (D)

Where can one find information about a public cloud provider's compliance with regulations like GDPR and PCI DSS?

Public cloud provider's webpage and documentation (D)

What is the primary focus of data loss prevention in the context of a CASB?

Limiting data ex-filtration possibilities (C)

What is a CASB primarily designed to control when it comes to cloud resources?

Access to cloud resources and data (B)