Topic 1: Exam Pool A
Every cloud service provider that opts to join the CSA STAR program registry must complete a ___________.
A. SOC 2, Type 2 audit report
B. Consensus Assessment Initiative Questionnaire (CAIQ)
C. NIST 800-37 RMF audit
D. ISO 27001 ISMS review
Answer: Consensus Assessment Initiative Questionnaire (CAIQ)

Which of the following best describes SAML?
Response:
A. A standard for developing secure application management logistics
B. A standard for exchanging authentication and authorization data between security domains
C. A standard for exchanging usernames and passwords across devices
D. A standard used for directory synchronization
Answer: A standard for exchanging authentication and authorization data between security domains

All of the following are terms used to describe the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:
Response:
A. Tokenization
B. Data discovery
C. Obfuscation
Answer: Data discovery

Who should be the only entity allowed to declare that an organization can return to normal following contingency or BCDR operations?
Response:
A. Regulators
B. Law enforcement
C. The incident manager
D. Senior management
Answer: Senior management

You work for a government research facility. Your organization often shares data with other government research organizations.
You would like to create a single sign-on experience across the organizations, where users at each organization can sign in with the user ID/authentication issued by that organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other organization (which is one way of accomplishing this goal), you instead want every user to have access to each organization’s specific storage resources.
If you don’t use cross-certification, what other model can you implement for this purpose?
Response:
A. Third-party identity broker
B. Cloud reseller
C. Intractable nuanced variance
D. Mandatory access control (MAC)
Answer: Third-party identity broker