Which of the following statements is true in regards to Data Loss Prevention (DLP)?
Select the best definition of “compliance” from the options below.
When deploying Security as a Service in a highly regulated industry or environment, what should both parties agree on in advance and include in the SLA?
Which opportunity helps reduce common application security issues?
CCM: The following list of controls belong to which domain of the CCM?
GRM 06 – Policy GRM 07 – Policy Enforcement GRM 08 – Policy Impact on Risk Assessments GRM 09 – Policy Reviews GRM 10 – Risk Assessments GRM 11 – Risk Management Framework
Any given processor and memory will nearly always be running multiple workloads, often from different tenants.
What method can be utilized along with data fragmentation to enhance security?
All assets require the same continuity in the cloud.
What should every cloud customer set up with its cloud service provider (CSP) that can be utilized in the event of an incident?
ENISA: Lock-in is ranked as a high risk in ENISA research, a key underlying vulnerability causing lock in is:
If there are gaps in network logging data, what can you do?
What is defined as the process by which an opposing party may obtain private documents for use in litigation?
When configured properly, logs can track every code, infrastructure, and configuration change and connect it back to the submitter and approver, including the test results.
In which deployment model should the governance strategy consider the minimum common set of controls comprised of the Cloud Service Provider contract and the organization's internal governance agreements?
Which of the following statements best defines the "authorization" as a component of identity, entitlement, and access management?
CCM: A hypothetical start-up company called "ABC" provides a cloud based IT management solution. They are growing rapidly and therefore need to put controls in place in order to manage any changes in
their production environment. Which of the following Change Control & Configuration Management production environment specific control should they implement in this scenario?