Cloud Security and Privacy: MCQs Practice Set

Q.1 What is the primary goal of cloud security?

To ensure high availability of cloud services
To protect cloud data, applications, and infrastructure from threats
To reduce cloud service costs
To improve network speed in the cloud
Explanation - Cloud security focuses on safeguarding data, applications, and infrastructure from unauthorized access, data breaches, and other cyber threats.
Correct answer is: To protect cloud data, applications, and infrastructure from threats

Q.2 Which of the following is a common method for securing data at rest in the cloud?

Using firewalls
Data encryption
Load balancing
Caching
Explanation - Data at rest is often encrypted to prevent unauthorized access, ensuring that even if data is stolen, it cannot be read without the encryption key.
Correct answer is: Data encryption

Q.3 What is multi-factor authentication (MFA) used for in cloud security?

To improve system performance
To provide additional verification for user access
To reduce storage costs
To monitor network traffic
Explanation - MFA adds an extra layer of security by requiring multiple forms of verification, such as passwords and one-time codes, to access cloud services.
Correct answer is: To provide additional verification for user access

Q.4 Which cloud security model allows organizations to control physical infrastructure while outsourcing services?

Public Cloud
Private Cloud
Hybrid Cloud
Community Cloud
Explanation - A private cloud is operated solely for a single organization, allowing control over infrastructure, security policies, and data.
Correct answer is: Private Cloud

Q.5 Which of the following is a potential risk of storing data in the public cloud?

Increased hardware costs
Data breaches and unauthorized access
Slower computation speeds
Difficult system updates
Explanation - Public cloud environments are accessible over the internet and can be targets for cyber attacks, making data breaches a primary concern.
Correct answer is: Data breaches and unauthorized access

Q.6 What is the purpose of a cloud access security broker (CASB)?

To act as a firewall for cloud storage
To monitor and enforce security policies across cloud services
To manage cloud service subscriptions
To improve cloud server performance
Explanation - CASBs provide visibility and control over cloud services, ensuring compliance and security policy enforcement.
Correct answer is: To monitor and enforce security policies across cloud services

Q.7 Which technique is used to ensure data privacy in multi-tenant cloud environments?

Data isolation
Load balancing
Caching
Data compression
Explanation - Data isolation ensures that each tenant's data is kept separate and secure from other tenants sharing the same physical infrastructure.
Correct answer is: Data isolation

Q.8 What type of attack involves injecting malicious code into cloud applications?

Denial-of-service attack
SQL injection attack
Phishing attack
Man-in-the-middle attack
Explanation - SQL injection attacks exploit vulnerabilities in applications to inject malicious SQL queries, potentially compromising data in cloud databases.
Correct answer is: SQL injection attack

Q.9 Which compliance standard focuses on protecting personal health information in cloud environments?

ISO 27001
HIPAA
PCI-DSS
GDPR
Explanation - HIPAA (Health Insurance Portability and Accountability Act) sets standards for protecting sensitive patient health information, including in cloud storage and services.
Correct answer is: HIPAA

Q.10 In cloud security, what is the main purpose of logging and monitoring?

To optimize storage utilization
To track access and detect security incidents
To encrypt network traffic
To manage cloud subscriptions
Explanation - Logging and monitoring allow organizations to track who accessed what data and detect anomalies or unauthorized activities, helping to prevent breaches.
Correct answer is: To track access and detect security incidents

Q.11 Which of the following best describes data sovereignty in the cloud?

Data must be encrypted
Data must reside in a specific geographic location and comply with local laws
Data is shared between all cloud tenants
Data is automatically backed up
Explanation - Data sovereignty refers to the requirement that data stored in the cloud must follow the regulations of the country where it resides.
Correct answer is: Data must reside in a specific geographic location and comply with local laws

Q.12 What is the primary risk of insider threats in cloud environments?

Physical damage to servers
Unauthorized access and data leaks by employees or administrators
Poor network performance
High operational costs
Explanation - Insider threats arise from individuals within the organization misusing access privileges, potentially compromising sensitive cloud data.
Correct answer is: Unauthorized access and data leaks by employees or administrators

Q.13 Which encryption method is commonly used for data in transit to the cloud?

AES-256
TLS/SSL
RSA
SHA-256
Explanation - TLS (Transport Layer Security) and SSL (Secure Sockets Layer) encrypt data during transmission between users and cloud servers, preventing interception.
Correct answer is: TLS/SSL

Q.14 Which security principle involves giving users the minimum access necessary to perform their tasks?

Defense in depth
Least privilege
Role-based access
Segregation of duties
Explanation - The principle of least privilege limits access rights to the minimum necessary, reducing the risk of misuse or accidental data exposure.
Correct answer is: Least privilege

Q.15 Which of the following attacks targets cloud services by overwhelming resources to make them unavailable?

DDoS attack
Man-in-the-middle attack
Phishing attack
SQL injection
Explanation - Distributed Denial-of-Service (DDoS) attacks flood cloud services with traffic, causing downtime and preventing legitimate users from accessing services.
Correct answer is: DDoS attack

Q.16 What is the main purpose of cloud security policies?

To define how data and resources are protected in the cloud
To improve cloud performance
To reduce storage costs
To speed up data transfer
Explanation - Security policies establish rules and guidelines for securing cloud resources, ensuring consistent and effective protection.
Correct answer is: To define how data and resources are protected in the cloud

Q.17 Which of the following is a privacy concern in multi-tenant public clouds?

Service downtime
Data leakage between tenants
Slow response times
High operational costs
Explanation - In multi-tenant environments, improper isolation could result in one tenant gaining access to another tenant’s data, posing privacy risks.
Correct answer is: Data leakage between tenants

Q.18 What type of cloud security control is encryption considered?

Physical control
Technical control
Administrative control
Legal control
Explanation - Technical controls use technology to protect systems and data, including encryption, firewalls, and intrusion detection systems.
Correct answer is: Technical control

Q.19 Which international standard provides a framework for managing information security in cloud services?

ISO 9001
ISO 27001
HIPAA
SOC 2
Explanation - ISO 27001 specifies requirements for establishing, implementing, and maintaining an information security management system (ISMS), applicable to cloud services.
Correct answer is: ISO 27001

Q.20 Which type of attack in cloud environments involves eavesdropping on communications between a client and server?

Man-in-the-middle attack
DDoS attack
SQL injection
Brute force attack
Explanation - A man-in-the-middle attack intercepts communications, allowing attackers to read or alter data in transit between cloud clients and servers.
Correct answer is: Man-in-the-middle attack

Q.21 Which cloud security mechanism verifies the identity of users or devices before granting access?

Authentication
Encryption
Auditing
Logging
Explanation - Authentication ensures that only legitimate users or devices can access cloud resources, typically using passwords, tokens, or biometric verification.
Correct answer is: Authentication

Q.22 Which term describes the practice of continuously assessing and improving cloud security?

Cloud governance
Security auditing
Cloud orchestration
DevOps
Explanation - Security auditing involves regularly reviewing cloud systems and policies to detect vulnerabilities and ensure ongoing protection against threats.
Correct answer is: Security auditing

Q.23 Which cloud privacy regulation protects personal data of EU citizens?

HIPAA
PCI-DSS
GDPR
ISO 27001
Explanation - The General Data Protection Regulation (GDPR) mandates how organizations must handle personal data of EU citizens, including in cloud storage and processing.
Correct answer is: GDPR

Q.24 Which security strategy layers multiple defensive mechanisms to protect cloud systems?

Zero Trust
Defense in depth
Least privilege
Single sign-on
Explanation - Defense in depth uses multiple security layers, such as firewalls, intrusion detection, encryption, and access controls, to strengthen protection.
Correct answer is: Defense in depth