Which of the following frameworks focuses specifically on design implementation and management?
Answer : A
ISO 31000:2009 specifically focuses on design implementation and management. HIPAA refers to health care regulations, NIST 800-92 is about log management, and ISO 27017 is about cloud specific security controls.
Maintenance mode requires all of these actions except:
Answer : C
While the other answers are all steps in moving from normal operations to maintenance mode, we do not necessarily initiate any enhanced security controls.
Identity and access management (IAM) is a security discipline that ensures which of the following?
Answer : B
Options A and C are also correct, but included in B, making B the best choice. D is incorrect, because we don't want unauthorized users gaining access.
For performance purposes, OS monitoring should include all of the following except:
Answer : D
Print spooling is not a metric for system performance; all the rest are.
In addition to battery backup, a UPS can offer which capability?
Answer : D
A UPS can provide line conditioning, adjusting power so that it is optimized for the devices it serves and smoothing any power fluctuations; it does not offer any of the other listed functions.
What is the cloud service model in which the customer is responsible for administration of the OS?
Answer : D
In IaaS, the cloud provider only owns the hardware and supplies the utilities. The customer is responsible for the OS, programs, and data. In PaaS and SaaS, the provider also owns the OS. There is no QaaS. That is a red herring.
Because of multitenancy, specific risks in the public cloud that don't exist in the other cloud service models include all the following except:
Answer : A
DoS/DDoS threats and risks are not unique to the public cloud model.