850-001 - Cloud Security 1.0
Go back to Symantec
A current customer's cloud service provider is undergoing a merger and acquisition process. This increases the likelihood of a strategic shift to the customer's business operations and may put non-binding agreements at risk, as well as make compliance with security requirements impossible. How is this cloud provider acquisition risk categorized?
policy and organizational
An IT security professional at a large US-based manufacturing company has decided to deploy and manage a host intrusion detection solution to assist with their migration to a cloud environment. Which cloud environment will benefit from this solution?
Several government agencies collaborate extensively, sharing a variety of tools, processes, and data. Data shared by the organizations is highly sensitive, and risk tolerance for data loss or exposure is extremely low. Which type of cloud solution is appropriate in this scenario?
internally-hosted infrastructure providing a community cloud
A company is moving to the cloud. Because of DDOS attacks, it would like to start by moving email to the cloud. The company is small, with fewer than 200 users. What is the most cost- effective deployment model for this company to begin using?
A large enterprise that is currently supported by a very large IT infrastructure and experienced staff would like to offer individual Business Units (BUs) the ability to use local servers and storage on an as-needed basis. The BUs would then be charged accordingly, based on their individual usage. Which cloud service and deployment model combination provides an appropriate solution?
Infrastructure as a Service, private cloud
A cloud service provider administrator has discovered that someone is attempting to determine which servers and operating systems are running on a tenant's network by using network mapping. How is this risk categorized?
A cloud customer has determined that their data is being held in multiple geographic locations. They are concerned that these sites will be raided by local authorities and their data or systems are subject to disclosure or seizure. Which risk category does this type of risk fall into?
In order to achieve greater scalability, a CIO has mandated that a specific set of processes and data move to a cloud environment. These assets include: - Company email requiring anti-spam protection - Proprietary database with specific infrastructure requirements - Point-of-sale application and process for retail purchases. Which service and deployment model could support all of these assets?
Infrastructure as a Service, hosted in a private cloud
Which action addresses a risk inherent to the public cloud model?
harden applications sufficiently for multi-tenant environments
A company has decided to implement "cloud bursting" to allow their production environment to scale to any size by utilizing on-demand connections to a public cloud IaaS infrastructure. Which solution allows the IT department to protect against VM hopping?
data loss prevention