D320 - MANAGING CLOUD SECURITY
QUESTIONS WITH 100% CORRECT ANSWERS.
Which phase of the cloud data life cycle requires adherence to export and import restrictions,
including Export Administration Regulations (EAR) and the Wassenaar Arrangement?
A) Create
B) Share
C) Use
D) Destroy
CORRECT ANSWER: B
Why is the striping method of storing data used in most redundant array of independent disks
(RAID) configurations?
A) It prevents outages and attacks from occurring in a cloud environment.
B) It prevents data from being recovered once it is destroyed using crypto-shredding.
C) It allows data to be safely distributed and stored in a common centralized location.
D) It allows efficient data recovery as even if one drive fails, other drives fill in the missing data.
CORRECT ANSWER: D
What is the purpose of egress monitoring tools?
A) They are used to convert a given set of data or information into a different value.
B) They are used to prevent data from going outside the control of an organization.
C) They are used to create data during the Create phase of the cloud data life cycle.
D) They are used to remove data during the Destroy phase of the cloud data life cycle.
CORRECT ANSWER: B
,A company is looking at different types of cloud storage options. One of the threats to cloud
storage that the company foresees is the possibility of losing forensic artifacts in the event of an
incident response investigation.
Which type of cloud storage has the highest risk of losing forensic artifacts in the event of an
incident response investigation?
A) File-based
B) Long-term
C) Block
D) Ephemeral
CORRECT ANSWER: D
A manager is made aware of a customer complaint about how an application developed by the
company collects personal and environmental information from the devices it is installed on.
Which document should the manager refer to in order to determine if the company has
properly disclosed information about what data it collects from this application's users?
A) Retention policy
B) Breach notification
C) Privacy notice
D) Denial of service
CORRECT ANSWER: C
An organization needs to store passwords in a database securely. The data should not be
available to system administrators.
Which technique should the organization use?
A) Encryption
,B) Hashing
C) Encoding
D) Masking
CORRECT ANSWER: B
A company is looking to ensure that the names of individuals in its data in the cloud are not
revealed in the event of a data breach, as the data is sensitive and classified.
Which data masking technique should the company use to prevent attackers from identifying
individuals in the event of a data breach?
A) Crypto-shredding
B) Degaussing
C) Anonymization
D) Randomization
CORRECT ANSWER: C
An organization needs to quickly identify the document owner in a shared network folder.
Which technique should the organization use to meet this goal?
A) Labeling
B) Classification
C) Mapping
D) Categorization
CORRECT ANSWER: A
An organization plans to introduce a new data standard and wants to ensure that system
inventory data will be efficiently discovered and processed.
Which type of data should the organization use to meet this goal?
A) Structured
, B) Semi-structured
C) Annotated
D) Mapped
CORRECT ANSWER: A
An organization implemented an information rights management (IRM) solution to prevent
critical data from being copied without permission and a cloud backup solution to ensure that
the critical data is protected from storage failures.
Which IRM challenge will the organization need to address?
A) Jurisdictional conflicts
B) Agent conflicts
C) Replication restrictions
D) Execution restrictions
CORRECT ANSWER: C
A data center engineer is tasked with the destruction of data on solid-state drives (SSDs). The
engineer must ensure that the data is not able to be retrieved.
Which data destruction action should the engineer take to meet this goal?
A) Overwriting
B) Crypto-shredding
C) Wiping
D) Degaussing
CORRECT ANSWER: B
An organization wants to gather and interpret logs from its cloud environment.
QUESTIONS WITH 100% CORRECT ANSWERS.
Which phase of the cloud data life cycle requires adherence to export and import restrictions,
including Export Administration Regulations (EAR) and the Wassenaar Arrangement?
A) Create
B) Share
C) Use
D) Destroy
CORRECT ANSWER: B
Why is the striping method of storing data used in most redundant array of independent disks
(RAID) configurations?
A) It prevents outages and attacks from occurring in a cloud environment.
B) It prevents data from being recovered once it is destroyed using crypto-shredding.
C) It allows data to be safely distributed and stored in a common centralized location.
D) It allows efficient data recovery as even if one drive fails, other drives fill in the missing data.
CORRECT ANSWER: D
What is the purpose of egress monitoring tools?
A) They are used to convert a given set of data or information into a different value.
B) They are used to prevent data from going outside the control of an organization.
C) They are used to create data during the Create phase of the cloud data life cycle.
D) They are used to remove data during the Destroy phase of the cloud data life cycle.
CORRECT ANSWER: B
,A company is looking at different types of cloud storage options. One of the threats to cloud
storage that the company foresees is the possibility of losing forensic artifacts in the event of an
incident response investigation.
Which type of cloud storage has the highest risk of losing forensic artifacts in the event of an
incident response investigation?
A) File-based
B) Long-term
C) Block
D) Ephemeral
CORRECT ANSWER: D
A manager is made aware of a customer complaint about how an application developed by the
company collects personal and environmental information from the devices it is installed on.
Which document should the manager refer to in order to determine if the company has
properly disclosed information about what data it collects from this application's users?
A) Retention policy
B) Breach notification
C) Privacy notice
D) Denial of service
CORRECT ANSWER: C
An organization needs to store passwords in a database securely. The data should not be
available to system administrators.
Which technique should the organization use?
A) Encryption
,B) Hashing
C) Encoding
D) Masking
CORRECT ANSWER: B
A company is looking to ensure that the names of individuals in its data in the cloud are not
revealed in the event of a data breach, as the data is sensitive and classified.
Which data masking technique should the company use to prevent attackers from identifying
individuals in the event of a data breach?
A) Crypto-shredding
B) Degaussing
C) Anonymization
D) Randomization
CORRECT ANSWER: C
An organization needs to quickly identify the document owner in a shared network folder.
Which technique should the organization use to meet this goal?
A) Labeling
B) Classification
C) Mapping
D) Categorization
CORRECT ANSWER: A
An organization plans to introduce a new data standard and wants to ensure that system
inventory data will be efficiently discovered and processed.
Which type of data should the organization use to meet this goal?
A) Structured
, B) Semi-structured
C) Annotated
D) Mapped
CORRECT ANSWER: A
An organization implemented an information rights management (IRM) solution to prevent
critical data from being copied without permission and a cloud backup solution to ensure that
the critical data is protected from storage failures.
Which IRM challenge will the organization need to address?
A) Jurisdictional conflicts
B) Agent conflicts
C) Replication restrictions
D) Execution restrictions
CORRECT ANSWER: C
A data center engineer is tasked with the destruction of data on solid-state drives (SSDs). The
engineer must ensure that the data is not able to be retrieved.
Which data destruction action should the engineer take to meet this goal?
A) Overwriting
B) Crypto-shredding
C) Wiping
D) Degaussing
CORRECT ANSWER: B
An organization wants to gather and interpret logs from its cloud environment.
