C838 - MANAGING CLOUD SECURITY
WITH QUESTIONS AND ANSWERS 100%
VERIFIED
Which penalty is imposed for privacy violations under the General Data
Protection Regulation (GDPR)?
Penalty up to 10 million Euros
Penalty up to 20 million Euros
Penalty up to 2% of gross income
Penalty up to 5% of gross income
Correct answer: Penalty up to 20 million Euros
Why is eDiscovery difficult in the cloud?
The process is time consuming.
The cloud service provider may lack sufficient resources.
The client may lack the credentials to access the required data.
The customer is responsible for their data on a multitenant system.
Correct answer: The client may lack the credentials to access the
required data.
Which artifact may be required as a data source for a compliance audit
in a cloud environment?
Customer SLAs
Change management details
Quarterly revenue projections
Annual actual-to-budgeted expense reports
Correct answer: Change management details
Which artifact may be required as a data source for a regulatory
compliance audit (i.e., HIPAA, PCI-DSS) in a cloud environment?
System configuration details
Quarterly revenue projections
System performance benchmarks
Annual actual-to-budgeted expenses
Correct answer: System configuration details
Which item would be a risk for an enterprise considering contracting
with a cloud service provider?
99.99% uptime guarantees
No SLA exclusion penalties
Very expensive SLA provider penalties
Suspension of service if payment is delinquent
Correct answer: Suspension of service if payment is delinquent
Which risk during the eDiscovery process would limit the usefulness of
the requested data from the cloud by third parties?
Direct access
Authentication
Native production
Discovery by design
Correct answer: Native production
Which type of control is important in order to achieve compliance for
risk management?
Security
Privacy
Validation
Technical
Correct answer: Security
Which requirement is included when exceptions, restrictions, and
potential risks are highlighted in a cloud services contract?
Load balancer algorithm
Stockholder expectations
Regulatory and compliance
Virtual machine and operating system
Correct answer: Regulatory and compliance
Which item is required in a cloud contract?
Strategy for the SDLC
Specifications for unit testing
Penalties for failure to meet SLA
Diagrams for data flow structures
Correct answer: Penalties for failure to meet SLA
Which factor exemplifies adequate cloud contract governance?
The bandwidth that is contractually provided
The emphasis of privacy controls in the contract
The frequency with which contracts are renewed
The flexibility of data types in accordance with a contract
Correct answer: The frequency with which contracts are renewed