1. What is cloud computing?

A. Local storage of data

B. On-premise server management
C. Internet-based computing services
D. Wired networking infrastructure

C. Internet-based computing services

Cloud computing refers to the delivery of computing services, including storage,
processing power, and applications, over the internet.

2. What is the main benefit of using a public cloud service?

A. Enhanced security controls

B. Increased customization options
C. Cost-effective scalability
D. Complete control over infrastructure

C. Cost-effective scalability
Public cloud services offer cost-effective scalability, allowing users to pay for resources
based on their actual usage.

3. Which cloud service model provides virtualized computing resources over the

internet?

A. Infrastructure as a Service (IaaS)

B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Function as a Service (FaaS)

A. Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) provides virtualized computing resources, such as
virtual machines, over the internet.
4. What is the responsibility model in cloud computing?

A. Sharing computing resources with other users

B. Distributing data across multiple servers
C. Defining the division of security responsibilities between the cloud provider and
the customer
D. Virtualizing network infrastructure

C. Defining the division of security responsibilities between the cloud provider and
the customer
The responsibility model in cloud computing defines the division of security
responsibilities between the cloud provider and the customer.

5. What is a common security concern related to multi-tenancy in cloud computing?

A. Lack of internet connectivity

B. Data segregation
C. Limited scalability
D. Insufficient processing power

B. Data segregation
Data segregation is a common security concern in multi-tenancy, where multiple users
share the same resources in a cloud environment.

6. Which encryption technique is commonly used to protect data in transit between a

user and a cloud service?

A. AES (Advanced Encryption Standard)

B. DES (Data Encryption Standard)
C. RSA (Rivest-Shamir-Adleman)
D. MD5 (Message Digest Algorithm 5)

A. AES (Advanced Encryption Standard)

AES (Advanced Encryption Standard) is commonly used to encrypt data in transit in
cloud computing.
7. What is the term for a security attack where an attacker intercepts and alters

communication between two parties in a cloud environment?

A. DDoS attack
B. Man-in-the-Middle (MitM) attack
C. SQL injection
D. Cross-Site Scripting (XSS)

B. Man-in-the-Middle (MitM) attack

A Man-in-the-Middle (MitM) attack involves an attacker intercepting and altering
communication between two parties.

8. What cloud deployment model allows organizations to have the highest level of

control over their infrastructure?

A. Public cloud
B. Private cloud
C. Hybrid cloud
D. Community cloud

B. Private cloud
Private cloud deployment allows organizations to have the highest level of control over
their infrastructure.

9. What is the primary purpose of a Cloud Access Security Broker (CASB)?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Enforcing security policies in cloud services
D. Optimizing cloud resource usage

C. Enforcing security policies in cloud services

CASB enforces security policies in cloud services and ensures secure access to cloud
resources.
10. Which security challenge is associated with the "shared responsibility model" in

cloud computing?

A. Lack of scalability
B. Data segregation
C. Limited customization options
D. Unclear security responsibilities

D. Unclear security responsibilities

The shared responsibility model in cloud computing can lead to unclear security
responsibilities between the cloud provider and the customer.

11. What is the term for the practice of securing data by converting it into a code that

is unreadable without the correct decryption key?

A. Hashing
B. Salting
C. Encryption
D. Tokenization

C. Encryption
Encryption is the practice of securing data by converting it into a code that is
unreadable without the correct decryption key.

12. What is the primary purpose of a Virtual Private Network (VPN) in cloud security?

A. Data storage
B. Network isolation
C. Server management
D. Cloud resource optimization

B. Network isolation
A Virtual Private Network (VPN) in cloud security provides network isolation to secure
communication over the internet.
13. What is the term for a security attack where an attacker tries to exploit

vulnerabilities in a cloud service by injecting malicious SQL code?

A. DDoS attack
B. SQL injection
C. Man-in-the-Middle (MitM) attack
D. Cross-Site Scripting (XSS)

B. SQL injection
SQL injection is a security attack where an attacker injects malicious SQL code to exploit
vulnerabilities in a cloud service.

14. What is the purpose of a Security Information and Event Management (SIEM)

system in cloud security?

A. Managing cloud infrastructure

B. Monitoring and analyzing security events
C. Enforcing data privacy policies
D. Optimizing cloud resource usage

B. Monitoring and analyzing security events

SIEM systems in cloud security are used for monitoring and analyzing security events to
detect and respond to security incidents.

15. Which authentication method involves using a combination of something the user

knows and something the user possesses?

A. Single Sign-On (SSO)

B. Multi-Factor Authentication (MFA)
C. Biometric authentication
D. OAuth authentication

B. Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) involves using a combination of something the user
knows (password) and something the user possesses (token, smartphone, etc.).
16. What is the purpose of tokenization in cloud security?

A. Encrypting data at rest

B. Authenticating users
C. Securing communication channels
D. Protecting sensitive data

D. Protecting sensitive data

Tokenization in cloud security involves replacing sensitive data with a token to protect
the original data.

17. What is the term for a cloud security model where data is stored in multiple

locations to ensure availability and resilience?

A. Data encryption
B. Data segregation
C. Data mirroring
D. Data redundancy

D. Data redundancy
Data redundancy is a cloud security model where data is stored in multiple locations to
ensure availability and resilience.

18. What cloud deployment model involves using a combination of private and public

clouds to host an organization's applications?

A. Public cloud
B. Private cloud
C. Hybrid cloud
D. Community cloud

C. Hybrid cloud
Hybrid cloud deployment involves using a combination of private and public clouds to
host an organization's applications.
19. What is the term for a security measure that restricts user access to only the

information and resources necessary for their role?

A. Least privilege principle

B. Role-based access control
C. Network segmentation
D. Identity and Access Management (IAM)

B. Role-based access control

Role-based access control (RBAC) restricts user access based on their roles, ensuring
they only have access to necessary information and resources.

20. What is the primary goal of a Distributed Denial of Service (DDoS) attack in the

context of cloud security?

A. Data theft
B. Unauthorized access
C. Disrupting service availability
D. Code injection

C. Disrupting service availability

The primary goal of a DDoS attack in the context of cloud security is to disrupt service
availability by overwhelming the targeted system with a flood of traffic.

21. Which cloud service model provides a platform that allows customers to develop,

run, and manage applications without dealing with the complexity of building and

maintaining the infrastructure?

A. Infrastructure as a Service (IaaS)

B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Function as a Service (FaaS)

B. Platform as a Service (PaaS)

Platform as a Service (PaaS) provides a platform that allows customers to develop, run,
and manage applications without dealing with the underlying infrastructure.
22. What is the term for the process of securing data by applying a mathematical

function to generate a fixed-size string of characters?

A. Hashing
B. Salting
C. Encryption
D. Tokenization

A. Hashing
Hashing is the process of securing data by applying a mathematical function to generate
a fixed-size string of characters.

23. What is the purpose of Cloud Security Posture Management (CSPM)?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Assessing and maintaining security configurations in the cloud
D. Optimizing cloud resource usage

C. Assessing and maintaining security configurations in the cloud

Cloud Security Posture Management (CSPM) is used for assessing and maintaining
security configurations in the cloud.

24. What is the term for a security attack where an attacker tricks a user into

revealing sensitive information by pretending to be a trustworthy entity?

A. DDoS attack
B. Phishing attack
C. SQL injection
D. Cross-Site Scripting (XSS)

B. Phishing attack
A phishing attack involves an attacker tricking a user into revealing sensitive
information by pretending to be a trustworthy entity.

25. What cloud service model provides end-users with access to software

applications over the internet without the need for installation on their devices?
A. Infrastructure as a Service (IaaS)
B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Function as a Service (FaaS)

C. Software as a Service (SaaS)

Software as a Service (SaaS) provides end-users with access to software applications
over the internet without the need for installation on their devices.

26. What is the primary goal of Cloud Security Access Brokers (CSAB)?

A. Ensuring data privacy

B. Managing cloud infrastructure
C. Enforcing security policies in cloud services
D. Optimizing cloud resource usage

C. Enforcing security policies in cloud services

Cloud Security Access Brokers (CSAB) enforce security policies in cloud services and
ensure secure access to cloud resources.

27. What is the term for a security attack where an attacker injects malicious scripts

into web pages viewed by other users?

A. DDoS attack
B. Phishing attack
C. SQL injection
D. Cross-Site Scripting (XSS)

D. Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is a security attack where an attacker injects malicious scripts
into web pages viewed by other users.

28. What is the purpose of a Web Application Firewall (WAF) in cloud security?

A. Managing cloud infrastructure

B. Protecting against DDoS attacks
C. Enforcing security policies for web applications
D. Optimizing cloud resource usage

C. Enforcing security policies for web applications

A Web Application Firewall (WAF) in cloud security is used to enforce security policies
for web applications and protect against various web-based attacks.

29. What is the term for a security measure that separates a network into segments

to prevent unauthorized access to sensitive data?

A. Least privilege principle

B. Role-based access control
C. Network segmentation
D. Identity and Access Management (IAM)

C. Network segmentation
Network segmentation is a security measure that separates a network into segments to
prevent unauthorized access to sensitive data.

30. Which cloud deployment model involves providing cloud services to a specific

group of organizations with shared interests or requirements?

A. Public cloud
B. Private cloud
C. Hybrid cloud
D. Community cloud

D. Community cloud
Community cloud deployment involves providing cloud services to a specific group of
organizations with shared interests or requirements.

31. What is the term for a cloud security model where resources are allocated
dynamically based on demand, allowing for efficient resource utilization?

A. Elasticity
B. Redundancy
C. Scalability
D. Virtualization

A. Elasticity
Elasticity in cloud computing allows resources to be allocated dynamically based on
demand, ensuring efficient resource utilization.
32. Which cloud service model provides on-demand access to computing resources,

including servers, storage, and networking, without the need for physical hardware?

A. Infrastructure as a Service (IaaS)

B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Function as a Service (FaaS)

A. Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) provides on-demand access to computing resources
without the need for physical hardware

33. What is the term for a security measure that monitors and controls network traffic

between virtual machines within a cloud environment?

A. Intrusion Detection System (IDS)

B. Network Address Translation (NAT)
C. Virtual Private Network (VPN)
D. Microsegmentation

D. Microsegmentation
Microsegmentation is a security measure that monitors and controls network traffic
between virtual machines within a cloud environment.

34. What cloud deployment model involves sharing cloud resources among multiple

organizations with similar security and compliance requirements?

A. Public cloud
B. Private cloud
C. Hybrid cloud
D. Community cloud

D. Community cloud
Community cloud deployment involves sharing cloud resources among multiple
organizations with similar security and compliance requirements.
35. What is the primary goal of a Cloud Service Level Agreement (SLA)?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Defining the terms and conditions of service between a cloud provider and a
customer
D. Optimizing cloud resource usage

C. Defining the terms and conditions of service between a cloud provider and a
customer
A Cloud Service Level Agreement (SLA) defines the terms and conditions of service
between a cloud provider and a customer.

36. What is the term for a cloud security measure that involves authenticating and

authorizing users and devices to access cloud resources?

A. Least privilege principle

B. Role-based access control
C. Identity and Access Management (IAM)
D. Network segmentation

C. Identity and Access Management (IAM)

Identity and Access Management (IAM) involves authenticating and authorizing users
and devices to access cloud resources.

37. What is the purpose of Data Loss Prevention (DLP) in cloud security?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Monitoring and preventing the unauthorized transmission of sensitive data
D. Optimizing cloud resource usage

C. Monitoring and preventing the unauthorized transmission of sensitive data

Data Loss Prevention (DLP) in cloud security involves monitoring and preventing the
unauthorized transmission of sensitive data.

38. What is the term for a cloud security measure that involves encrypting data

stored in the cloud to protect it from unauthorized access?

A. Data mirroring
B. Data encryption
C. Data redundancy
D. Data segregation

B. Data encryption
Data encryption in cloud security involves encrypting data stored in the cloud to protect
it from unauthorized access.

39. Which cloud security model provides a set of controls and best practices for

securing information in the cloud?

A. Cloud Access Security Broker (CASB)

B. Cloud Security Posture Management (CSPM)
C. Cloud Security Alliance (CSA)
D. Cloud Service Level Agreement (SLA)

C. Cloud Security Alliance (CSA)

Cloud Security Alliance (CSA) provides a set of controls and best practices for securing
information in the cloud.

40. What is the purpose of a Cloud Access Security Broker (CASB) in cloud

security?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Enforcing security policies in cloud services
D. Optimizing cloud resource usage

C. Enforcing security policies in cloud services

CASB enforces security policies in cloud services and ensures secure access to cloud
resources.
41. What is the term for a security measure that involves creating backups of data to

prevent data loss in the event of a security incident or system failure?

A. Data mirroring
B. Data encryption
C. Data redundancy
D. Data segregation

C. Data redundancy
Data redundancy involves creating backups of data to prevent data loss in the event of a
security incident or system failure.

42. What is the purpose of a Cloud Security Information and Event Management

(SIEM) system?

A. Managing cloud infrastructure

B. Monitoring and analyzing security events in the cloud
C. Enforcing data privacy policies
D. Optimizing cloud resource usage

B. Monitoring and analyzing security events in the cloud

Cloud Security Information and Event Management (SIEM) systems are used for
monitoring and analyzing security events in the cloud.

43. Which cloud deployment model involves using both on-premise infrastructure

and cloud services to host an organization's applications?

A. Public cloud
B. Private cloud
C. Hybrid cloud
D. Community cloud

C. Hybrid cloud
Hybrid cloud deployment involves using both on-premise infrastructure and cloud
services to host an organization's applications.

44. What is the purpose of Cloud Security Posture Management (CSPM) in cloud
security?
A. Managing cloud infrastructure
B. Ensuring data privacy
C. Assessing and maintaining security configurations in the cloud
D. Optimizing cloud resource usage

C. Assessing and maintaining security configurations in the cloud

CSPM is used for assessing and maintaining security configurations in the cloud.

45. What is the term for a security attack where an attacker floods a network or

system with traffic to disrupt its normal functioning?

A. DDoS attack
B. Man-in-the-Middle (MitM) attack
C. SQL injection
D. Cross-Site Scripting (XSS)

A. DDoS attack
A Distributed Denial of Service (DDoS) attack involves flooding a network or system
with traffic to disrupt its normal functioning.

46. Which cloud service model provides a runtime environment for executing code in

response to events without the need for server management?

A. Infrastructure as a Service (IaaS)

B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Function as a Service (FaaS)

D. Function as a Service (FaaS)

Function as a Service (FaaS) provides a runtime environment for executing code in
response to events without the need for server management.

47. What is the term for a cloud security measure that involves monitoring and

controlling user access to cloud resources based on predefined policies?

A. Least privilege principle

B. Role-based access control
C. Identity and Access Management (IAM)
D. Network segmentation
B. Role-based access control
Role-based access control (RBAC) involves monitoring and controlling user access to
cloud resources based on predefined policies.

48. What is the primary purpose of a Cloud Security Access Broker (CSAB) in cloud

security?

A. Ensuring data privacy

B. Managing cloud infrastructure
C. Enforcing security policies in cloud services
D. Optimizing cloud resource usage

C. Enforcing security policies in cloud services

CSAB enforces security policies in cloud services and ensures secure access to cloud
resources.

49. What is the term for a security measure that involves monitoring and analyzing

user activities in the cloud to detect and respond to suspicious behavior?

A. Intrusion Detection System (IDS)

B. Security Information and Event Management (SIEM)
C. Virtual Private Network (VPN)
D. Network Address Translation (NAT)

B. Security Information and Event Management (SIEM)

SIEM is a security measure that involves monitoring and analyzing user activities in the
cloud to detect and respond to suspicious behavior.

50. What is the purpose of Cloud Security Posture Management (CSPM) in cloud

security?

A. Managing cloud infrastructure

B. Ensuring data privacy
C. Assessing and maintaining security configurations in the cloud
D. Optimizing cloud resource usage

C. Assessing and maintaining security configurations in the cloud

CSPM is used for assessing and maintaining security configurations in the cloud.