D320 - Managing Cloud Security (Pre-Assessment) Questions with
complete solution 2025
1. 1. Which phase of the cloud data life cycle
requires adherence to export and import b. Share
restrictions, includ- ing Export Administration
Regulations (EAR) and the Wassenaar
Arrangement?
a. Create
b. Share
c. Use
d. Destroy
2. 2. Why is the striping method of storing data used d. It allows eflcient
in most redundant array of independent disks
(RAID) configurations? data recovery as even
if one dri- ve fails,
a. It prevents outages and attacks from occurring other drives fill in the
in a cloud environment. missing data.
b. It prevents data from being recovered once
it is destroyed using crypto-shredding.
c. It allows data to be safely distributed and
stored in a common centralized location.
d. It allows efficient data recovery as even if one
drive fails, other drives fill in the missing data.
3. 3. What is the purpose of egress monitoring tools?
a. They are used to convert a given set of
data or information into a different value.
b. They are used to prevent data from going
outside the control of an organization. b. They are used to
c. They are used to create data during the pre- vent data from
Create phase of the cloud data life cycle. going out- side the
control of an or-
ganization.
,D320 - Managing Cloud Security (Pre-Assessment) Questions with
complete solution 2025
d. They are used to remove data during the
Destroy phase of the cloud data life cycle.
4. 4. A company is looking at different types of d. Ephemeral
cloud storage options. One of the threats to
cloud storage that the company foresees is the
possibility of losing forensic artifacts in the event
of an incident response investigation.
Which type of cloud storage has the highest
risk of losing forensic artifacts in the event of
an incident response investigation?
a. File-based
b. Long-term
c. Block
d. Ephemeral
5. 5. A manager is made aware of a customer
complaint about how an application developed by
the company collects personal and environmental c. Privacy notice
information from the devices it is installed on.
Which document should the manager refer to in
order to determine if the company has properly
disclosed information about what data it collects
from this ap- plication's users?
a. Retention policy
b. Breach notification
c. Privacy notice
d. Denial of service
, D320 - Managing Cloud Security (Pre-Assessment) Questions with
complete solution 2025
6. 6. An organization needs to store passwords in a data- b. Hashing
base securely. The data should not be available to
sys- tem administrators.
Which technique should the organization use?
a. Encryption
b. Hashing
c. Encoding
d. Masking
7. 7. A company is looking to ensure that the names c. Anonymization
of individuals in its data in the cloud are not
revealed in the event of a data breach, as the
data is sensitive and classified.
Which data masking technique should the
company use to prevent attackers from identifying
individuals in the event of a data breach?
a. Crypto-shredding
b. Degaussing
c. Anonymization
d. Randomization
8. 8. An organization needs to quickly identify the
docu- ment owner in a shared network folder.
a. Labeling
Which technique should the organization use to
meet this goal?
a. Labeling
b. Classification
complete solution 2025
1. 1. Which phase of the cloud data life cycle
requires adherence to export and import b. Share
restrictions, includ- ing Export Administration
Regulations (EAR) and the Wassenaar
Arrangement?
a. Create
b. Share
c. Use
d. Destroy
2. 2. Why is the striping method of storing data used d. It allows eflcient
in most redundant array of independent disks
(RAID) configurations? data recovery as even
if one dri- ve fails,
a. It prevents outages and attacks from occurring other drives fill in the
in a cloud environment. missing data.
b. It prevents data from being recovered once
it is destroyed using crypto-shredding.
c. It allows data to be safely distributed and
stored in a common centralized location.
d. It allows efficient data recovery as even if one
drive fails, other drives fill in the missing data.
3. 3. What is the purpose of egress monitoring tools?
a. They are used to convert a given set of
data or information into a different value.
b. They are used to prevent data from going
outside the control of an organization. b. They are used to
c. They are used to create data during the pre- vent data from
Create phase of the cloud data life cycle. going out- side the
control of an or-
ganization.
,D320 - Managing Cloud Security (Pre-Assessment) Questions with
complete solution 2025
d. They are used to remove data during the
Destroy phase of the cloud data life cycle.
4. 4. A company is looking at different types of d. Ephemeral
cloud storage options. One of the threats to
cloud storage that the company foresees is the
possibility of losing forensic artifacts in the event
of an incident response investigation.
Which type of cloud storage has the highest
risk of losing forensic artifacts in the event of
an incident response investigation?
a. File-based
b. Long-term
c. Block
d. Ephemeral
5. 5. A manager is made aware of a customer
complaint about how an application developed by
the company collects personal and environmental c. Privacy notice
information from the devices it is installed on.
Which document should the manager refer to in
order to determine if the company has properly
disclosed information about what data it collects
from this ap- plication's users?
a. Retention policy
b. Breach notification
c. Privacy notice
d. Denial of service
, D320 - Managing Cloud Security (Pre-Assessment) Questions with
complete solution 2025
6. 6. An organization needs to store passwords in a data- b. Hashing
base securely. The data should not be available to
sys- tem administrators.
Which technique should the organization use?
a. Encryption
b. Hashing
c. Encoding
d. Masking
7. 7. A company is looking to ensure that the names c. Anonymization
of individuals in its data in the cloud are not
revealed in the event of a data breach, as the
data is sensitive and classified.
Which data masking technique should the
company use to prevent attackers from identifying
individuals in the event of a data breach?
a. Crypto-shredding
b. Degaussing
c. Anonymization
d. Randomization
8. 8. An organization needs to quickly identify the
docu- ment owner in a shared network folder.
a. Labeling
Which technique should the organization use to
meet this goal?
a. Labeling
b. Classification
