Q.1 Which of the following is a primary security concern in cloud computing?
Data breach
Faster internet
Reduced storage
Lower latency
Explanation - Data breaches are a major concern in cloud computing as sensitive information is stored and processed off-premises.
Correct answer is: Data breach
Q.2 What does 'encryption at rest' mean in cloud security?
Data is encrypted while being transmitted
Data is encrypted while stored
Data is deleted after use
Data is public by default
Explanation - Encryption at rest refers to encrypting data while it is stored on cloud servers, protecting it from unauthorized access.
Correct answer is: Data is encrypted while stored
Q.3 Which model of cloud service is most responsible for securing the underlying infrastructure?
IaaS
PaaS
SaaS
All of the above
Explanation - In IaaS, the cloud provider secures the infrastructure (servers, storage, network), while the customer secures the operating systems and applications.
Correct answer is: IaaS
Q.4 What is the purpose of multi-factor authentication (MFA) in cloud security?
To provide backup storage
To verify user identity using multiple methods
To reduce network latency
To encrypt data automatically
Explanation - MFA enhances security by requiring users to provide two or more verification factors to access cloud resources.
Correct answer is: To verify user identity using multiple methods
Q.5 Which of the following is an example of a cloud security threat?
SQL Injection
DDoS attack
Data leakage
All of the above
Explanation - Cloud environments are vulnerable to various threats, including SQL injection, DDoS attacks, and data leakage.
Correct answer is: All of the above
Q.6 In cloud security, what does 'shared responsibility model' imply?
Customer is responsible for everything
Provider is responsible for everything
Responsibilities are divided between provider and customer
No one is responsible
Explanation - The shared responsibility model defines which security tasks are handled by the cloud provider and which by the customer.
Correct answer is: Responsibilities are divided between provider and customer
Q.7 Which cloud deployment model allows exclusive use by a single organization?
Public Cloud
Private Cloud
Hybrid Cloud
Community Cloud
Explanation - A private cloud is dedicated to one organization, offering more control and security compared to public cloud.
Correct answer is: Private Cloud
Q.8 What is a common method to protect cloud data from unauthorized access?
Data replication
Encryption
Caching
Load balancing
Explanation - Encrypting data both at rest and in transit is a key method to protect sensitive cloud information from unauthorized access.
Correct answer is: Encryption
Q.9 Which type of attack targets cloud infrastructure by overwhelming it with traffic?
Phishing
DDoS attack
Ransomware
Man-in-the-middle
Explanation - A Distributed Denial of Service (DDoS) attack floods cloud services with traffic, causing disruption or downtime.
Correct answer is: DDoS attack
Q.10 What is the primary purpose of an Identity and Access Management (IAM) system in the cloud?
Monitor network latency
Manage user permissions and roles
Encrypt storage disks
Provide backup solutions
Explanation - IAM systems control access to cloud resources by managing user identities, roles, and permissions.
Correct answer is: Manage user permissions and roles
Q.11 Which security measure ensures that data is unreadable to unauthorized parties during transmission?
Encryption in transit
Data backup
Server replication
Load balancing
Explanation - Encryption in transit protects data from interception by encrypting it while being transmitted over networks.
Correct answer is: Encryption in transit
Q.12 What is the main risk of using public cloud services for sensitive data?
Limited scalability
Shared infrastructure leading to possible data exposure
Slower performance
Higher cost
Explanation - Public clouds share resources among multiple users, increasing the risk of unauthorized access if security is misconfigured.
Correct answer is: Shared infrastructure leading to possible data exposure
Q.13 Which regulatory standard focuses on protecting healthcare data in the cloud?
PCI DSS
HIPAA
ISO 27001
GDPR
Explanation - HIPAA sets standards for protecting sensitive patient health information stored or transmitted in the cloud.
Correct answer is: HIPAA
Q.14 Which cloud security tool monitors and analyzes suspicious activities in real-time?
Firewall
SIEM (Security Information and Event Management)
VPN
Load balancer
Explanation - SIEM systems collect and analyze logs from various cloud resources to detect and respond to security incidents.
Correct answer is: SIEM (Security Information and Event Management)
Q.15 What type of cloud attack involves impersonating a legitimate cloud service?
Phishing
Man-in-the-middle
Cloud spoofing
SQL Injection
Explanation - Cloud spoofing is when attackers create fake cloud services to trick users into revealing sensitive information.
Correct answer is: Cloud spoofing
Q.16 Which of the following ensures secure deletion of data in the cloud?
Data shredding
Load balancing
Caching
Replication
Explanation - Data shredding or secure erasure ensures that deleted cloud data cannot be recovered by unauthorized users.
Correct answer is: Data shredding
Q.17 Which cloud security practice helps in mitigating insider threats?
Regular audits and monitoring
Faster internet speeds
Cloud bursting
Data replication
Explanation - Regular audits and activity monitoring can detect and prevent malicious or accidental insider actions.
Correct answer is: Regular audits and monitoring
Q.18 What is the role of a cloud access security broker (CASB)?
To provide high-speed cloud connections
To enforce security policies between cloud users and providers
To store backup data
To monitor CPU usage
Explanation - CASBs act as intermediaries to enforce security policies, monitor activity, and ensure compliance in cloud services.
Correct answer is: To enforce security policies between cloud users and providers
Q.19 Which of the following is a key advantage of using tokenization in cloud security?
Reduces data storage cost
Protects sensitive data by replacing it with tokens
Speeds up network performance
Improves server uptime
Explanation - Tokenization replaces sensitive data with non-sensitive placeholders (tokens), protecting original data from exposure.
Correct answer is: Protects sensitive data by replacing it with tokens
Q.20 What is the main purpose of regular vulnerability assessments in cloud environments?
Increase storage capacity
Identify and fix security weaknesses
Boost internet speed
Reduce cloud costs
Explanation - Vulnerability assessments help detect potential security flaws in cloud systems, allowing proactive mitigation.
Correct answer is: Identify and fix security weaknesses
Q.21 Which cloud security standard focuses on international information security management?
ISO 27001
HIPAA
PCI DSS
GDPR
Explanation - ISO 27001 provides a framework for implementing, maintaining, and improving information security management systems globally.
Correct answer is: ISO 27001
Q.22 Which type of cloud service requires the customer to secure only the application while the provider secures the rest?
SaaS
PaaS
IaaS
Hybrid Cloud
Explanation - In Platform as a Service (PaaS), the provider secures the infrastructure and platform, while the customer manages application security.
Correct answer is: PaaS
Q.23 What does 'data residency' mean in cloud computing?
Location where data is physically stored
Backup frequency of data
Data encryption method
Network latency
Explanation - Data residency refers to the physical location of cloud-stored data, which can have legal and compliance implications.
Correct answer is: Location where data is physically stored
Q.24 Which of the following is considered a best practice for securing cloud APIs?
Using strong authentication and encryption
Reducing server memory
Disabling logging
Increasing latency intentionally
Explanation - Securing cloud APIs with strong authentication and encryption prevents unauthorized access and data leaks.
Correct answer is: Using strong authentication and encryption
Q.25 Which attack exploits vulnerabilities in virtual machines or containers in cloud environments?
VM escape
Phishing
SQL Injection
DDoS attack
Explanation - VM escape attacks allow attackers to break out of a virtual machine or container to gain access to the host system or other VMs.
Correct answer is: VM escape