Education - IBM - Introduction to Data Management and Security in the Cloud

 

Introduction to Data Management and Security in the Cloud

01/15

Sophia is a cloud administrator for her company’s mobile app development group. She needs to control and monitor which employees can access the cloud resources.

What should Sophia set up to define what the employees can or can’t do in the company’s cloud service?

A.      A policy

B.      A procedure

C.     A report

D.     Authentication

 

02/15

In the simulation, what IBM Cloudant test did you select to run to check that the database was enabled with encryption and accessible only through HTTPS, which is a secure way to send data over the internet?

Select all that apply.

A.      Check whether Cloudant is enabled with Bring Your Own Key

B.      Check whether Cloudant is enabled with customer-managed encryption

C.     Check whether Cloudant is accessible only through TLS 1.2 or higher

D.     Check whether Cloudant is enabled with encryption

 

03/15

What benefits can businesses expect when they use DBaaS?

Select all that apply.

A.      Businesses can save costs by only paying for what they use.

B.      Businesses can scale their databases up or down as demand changes.

C.     Business can expect data to be encrypted and protected by the provider’s security measures.

D.     Businesses can install, configure, back up, secure, and scale their database themselves.

 

04/15

To help mitigate cloud vulnerabilities and protect data, businesses can follow the principle of least privilege. Which of the following statements is correct about the principle of least privilege?

A.      It means the business requires biometrics plus strong passwords which use a mix of uppercase letters, lowercase letters, numbers, and special characters.

B.      It means cloud service providers must secure the cloud infrastructure while the business secures the data, applications, and access to its cloud.

C.     It means the business grants users only the minimum level of access and permissions needed to perform their tasks.

D.     It means the business should implement multiple layers of security, such as using firewalls, encryption, and antivirus software.

 

05/15

What type of tools can cloud engineers use to examine the status of web services to determine if the services are under attack?

A.      Development tools

B.      Middleware tools

C.     Monitoring tools

D.     Prevention tools

 

06/15

Fill in the blank. Salwa is required to use _______________ at work, in which she enters her username and password and then must use a secondary form of identification to access her company’s website. The secondary identification is a code that her company sends to her work email address.

A.      multifactor authentication (MFA)

B.      pass-through authentication

C.     identity and access management (IAM)

D.     identity application

 

07/15

Which of the following statements best describes the relationship between data governance and data compliance?

A.      Data governance and data compliance are independent processes that have different goals and scopes.

B.      Data compliance is a subset of data governance that focuses on the legal and regulatory aspects of data.

C.     Data governance is a subset of data compliance that focuses on the quality and usability of data.

D.     Data governance and data compliance are interrelated activities that support each other in ensuring the effective management of data.

 

08/15

Businesses can transform data into a secret code that only their authorized users can read when transferring the data over the internet. This means that even if a threat attacker can access the data, they cannot understand it without a proper key.

Which DBaaS security feature is this?

A.      Access control

B.      Data migration

C.     Encryption

D.     Backup and recovery

 

09/15

Which of the following is a possible, negative consequence of a cloud security breach that a company should anticipate?

Select all that apply.

A.      Customers could lose confidence in the company’s ability to safeguard their data and privacy.

B.      Customers could suffer from negative media attention and need to deal with damage to their reputations.

C.     The company could face lawsuits and fines for failing to comply with data protection laws.

D.     The company could suffer from negative media attention and need to deal with damage to its reputation.

 

10/15

Wayne is a cloud security analyst working at a pharmaceutical company. His management approved a new initiative to take more measures to protect the company’s cloud against attacks. Wayne is implementing multiple layers of security controls. Specifically, he’s installing web application firewalls, a backup and recovery solution, and a security monitoring tool.

What cloud security approach is the team implementing?

A.      Shared responsibility model

B.      Least privilege principle

C.     Multifactor authentication

D.     Defense in depth strategy

 

11/15

A global nonprofit organization focusing on the global food insecurity crisis just switched to a new cloud service provider. It’s important for the organization to keep its data secure in the cloud. The new cloud service provider offers a security tool that defines and enforces who can access what resources in the cloud, and under what conditions. The nonprofit can create and manage accounts as well control the access of their employees and partners.

What cloud security tool is this?

A.      Security information and event management (SIEM)

B.      Key management

C.     Data loss prevention (DLP)

D.     Identity and access management (IAM)

 

12/15

Jenny is connecting to her company’s website. She successfully entered her username and password to access the site and now wants to run a report. When she selects the information that she wants to view, she receives an error message saying that she cannot access that data. 

Which security measure is denying her access?

A.      Authentication

B.      Authorization

C.     Multifactor authentication

D.     Single sign-on

 

13/15

Which of the following is a way in which cloud service providers support data governance and data compliance?

Select all that apply.

A.      They provide certificates to show their compliance with standards.

B.      They provide regulations to follow for data governance and data compliance.

C.     They provide tools to help customers manage their data.

D.     They collaborate with customers and regulators to help address data governance and data compliance issues.

 

14/15

In the simulation, you created storage for the results of the compliance and security tests.

What type of storage did you create?

A.      Cloud results storage

B.      Cloud file storage

C.     Cloud object storage

D.     Cloud test storage

 

15/15

Juliette is a cloud engineer working for a financial services company.

What should she do to prevent misconfiguration of the company’s cloud services so they’re not vulnerable to attack vectors?

A.      Follow the best practices and guidelines provided by the cloud service provider.

B.      Grant full access to the cloud storage service.

C.     Decrypt the cloud database.

D.     Disable the cloud backup services.