Page: 1
/ 5
Total 21 questions
Cloud X (owned by Cloud Provider X) provides Physical Server A which hosts Virtual
Servers A and B. Virtual Server B hosts Ready-Made Environments A and B. Cloud
Service Consumer A uses Virtual Server A as part of an IaaS leasing agreement in which
Cloud Consumer A is charged a fixed monthly fee for unlimited access. Cloud Service
Consumers B and C use Ready-Made Environments A and B respectively as part of a
PaaS leasing agreement based on per-minute usage fees. In both cases, access is monitored via Pay-For-Use Monitor A, which keeps track of log-in and log-out times in order to calculate the usage charges that are billed to Cloud Consumers B and C.
Virtual Server A begins generating a series of exceptions. Soon thereafter, Virtual Server B becomes destabilized, resulting in further exceptions being raised in Ready-Made
Environments A and B. Cloud Service Consumers B and C receive a series of error messages until both of their connections are dropped Finally, Physical Server A shuts down completely. A subsequent investigation reveals that Virtual Server A was the victim of a security attack performed by a malicious cloud service consumer, the attacker generated increased loads of external communication requests on Virtual Server A and the underlying network, causing Physical Server A (along with Virtual Server B) to eventually shut down.
Which of the following statements accurately identifies the type of security threat that corresponds to the described attack - and -provides a solution that can directly mitigate this type of security threat within Cloud X?
- A. Virtual Server A was subjected to a denial of service attack that can be mitigated by implementing the encryption and digital signature mechanisms.
- B. Virtual Server A was subjected to an insufficient authorization attack that can be mitigated by implementing the digital signature and hardened virtual server image mechanisms.
- C. Virtual Server A was subjected to a denial of service attack that can be mitigated by implementing the hardened virtual server image and identity and access management mechanisms.
- D. Virtual Server A was subjected to an insufficient authorization attack that can be mitigated by implementing the single sign-on mechanism.
Answer : C
Cloud Provider X (which owns Cloud X) deploys two physical servers (Physical Servers A and B) and two databases (Databases A and B). Virtual Servers A and B are hosted by
Physical Server A and Ready-Made Environments A and B are hosted by Virtual Server B.
Virtual Servers C and D are hosted by Physical Server B. Cloud Service Consumer A regularly accesses Virtual Server D in order to test and deploy a new cloud service that was developed on-premise by the cloud consumer organization operating Cloud Service
- A. The pay-for-use monitor mechanism can be installed to address the requirement for cloud service usage charges to be tracked and recorded. The automated scaling listener mechanism can be implemented to address the requirement for cloud services to be automatically scaled. The multi-device broker mechanism can be implemented to address the requirement for notifications to be issued when cloud service loads exceed thresholds.
- B. The pay-for-use monitor mechanism can be installed to address the requirement for cloud service usage to be tracked and recorded. The automated scaling listener mechanism can be implemented to address both the requirement for cloud services to be automatically scaled and for notifications to be issued when cloud service loads exceed thresholds.
- C. The pay-for-use monitor mechanism can be implemented to address the requirement for cloud service usage charges to be tracked and recorded, for cloud services to be automatically scaled, and for notifications to be issued when cloud service loads exceed thresholds.
- D. The state management database mechanism together with the virtual server mechanism and the automated scaling listener mechanism can be implemented to address the requirement for cloud service usage charges to be tracked and recorded, for cloud services to be automatically scaled, and for notifications to be issued when cloud service loads exceed thresholds.
Answer : B
Cloud X (owned by Cloud Provider X) provides Physical Server A which hosts Virtual
Servers A and B. Virtual Server B hosts Ready-Made Environments A and B. Cloud
Service Consumer A uses Virtual Server A as part of an IaaS leasing agreement in which
Cloud Consumer A is charged a fixed monthly fee for unlimited access. Cloud Service
Consumers B and C use Ready-Made Environments A and B respectively as part of a
PaaS leasing agreement based on per-minute usage fees. In both cases, access is monitored via Pay-For-Use Monitor A, which keeps track of log-in and log-out times in order to calculate the usage charges that are billed to Cloud Consumers B and C.
Physical Server A begins to become unstable. Over the course of a 24 hour period, the server shuts down three times, taking down Virtual Servers A and B with it. This causes numerous problems for Cloud Service Consumers A, B and C, which lose connections and encounter a variety of exceptions.
A subsequent investigation of the log files generated by Pay-For-Use Monitor A reveals that the three server crashes coincided with the usage periods of Ready-Made Er n'ronment B b> Cloud Service Consumer B. De 'elopers at the Cloud Consumer 3 organization confirm they did not actually log in during those periods, which leads Cloud
Provider X to discover that another cloud service consumer has been posing as Cloud
Service Consumer B in order to maliciously access Ready-Made Environment B, Virtual
Server B, and Physical Server B on Cloud X. The investigation concludes that the malicious cloud service consumer was able to carry out the attack successfully by obtaining a weak password being used by developers from Cloud Consumer B.
Which of the following statements accurately identifies the type of security threat that corresponds to the described attack - and -provides a solution that can directly mitigate this type of security threat within Cloud X?
- A. Ready-Made Environment B. Virtual Server B and Physical Server B were subjected to a weak authentication attack that can be mitigated by implementing the encryption and digital signature mechanisms.
- B. Ready-Made Environment B. Virtual Server B and Physical Server B were subjected to a malicious intermediary attack that can be mitigated by implementing the cloud-based security groups and hardened virtual server images mechanisms.
- C. Ready-Made Environment B, Virtual Server B and Physical Server B were subjected to a virtualization attack that can be mitigated by implementing the encryption and digital signature mechanisms.
- D. Ready-Made Environments, Virtual Server B and Physical Server B were subjected to an attack that succeeded due to overlapping trust boundaries. This type of attack can be mitigated by implementing the single sign-on mechanism.
Answer : A
The cloud service owner of Cloud Service A is evaluating Clouds X, Y and Z to determine which cloud environment can offer the greatest level of reliability. All three clouds are geographically dispersed across three separate time zones. As a result, each cloud experiences usage peaks at different times. Based on the metrics provided, the greater the usage of a cloud, the lower its reliability. When the cloud service owner complains to Cloud
Provider A (the owner of all three clouds) that none of the clouds provide an adequate level of reliability, Cloud Provider A suggests a solution that increases resiliency.
Which of the following statements accurately describes a solution that can be used to fulfill the resiliency requirements of Cloud Service A?
- A. Redundant implementations of Cloud Service A are deployed in all three clouds. The failover system mechanism and a special type of automated scaling listener mechanism are implemented to establish a system whereby one redundant Cloud Service A implementation will automatically take over from another.
- B. A cloud balancing solution is established, whereby an automated scaling listener mechanism is implemented on each cloud in such a way that every cloud can automatically scale out to another cloud. As a result, if reliability problems occur on any one cloud, the subsequent requests will be scaled out to another cloud in a manner that is transparent to cloud service consumers.
- C. A failover system mechanism is implemented on Cloud X, which acts as the primary point of contact for cloud service consumers. Upon failure conditions occurring, the Cloud Service A implementation on Cloud X automatically hands over control of current and future message requests from cloud service consumers to Cloud Y. Cloud Y retains control of cloud service consumer communication until the next failure condition occurs, at which point it hands over control to Cloud Z. Finally, if a failure con
- D. A cloud balancing solution is established, whereby a resource replication mechanism is implemented on each cloud. This allows Cloud Service A to be automatically replicated across cloud environments, thereby enabling each implementation of Cloud Service A to take the place of another, whenever failure conditions occur.
Answer : A
Cloud Service Consumer A accesses Cloud Service A (1) that resides in Cloud X. a private
- A. Moving Cloud Service A to Cloud Y will result in the need for Cloud Service A to undergo integration testing to determine how well it can function within Cloud Y and what changes may need to be made to Cloud Service A in order for it to behave as expected. The integration testing and the subsequent changes required for Cloud Service A to function correctly within Cloud Y will incur integration costs that need to be budgeted for.
- B. Because, in this scenario, the cost of capital is comprised of the up-front costs added to the on-going costs, the cost of capital required to move Cloud Service A to Cloud Y will be higher than upgrading Cloud X to accommodate Cloud Service A' s increased usage.
- C. If the existing infrastructure that currently resides in private Cloud X was purchased specifically in support of Cloud Service A, then there may be a financial loss resulting from moving Cloud Service A out of Cloud X. This can be considered sunk costs that need to be evaluated.
- D. By moving Cloud Service A to Cloud Y, there may be a decrease in operational governance control over the Cloud Service A implementation. This can increase locked-in costs because Cloud Consumer A may be forced to form dependencies upon proprietary tools used to configure and maintain the Cloud Service A implementation.
Answer : A,C,D
31 days access 