InterviewSolution
Saved Bookmarks
InterviewSolution
This section includes InterviewSolutions, each offering curated multiple-choice questions to sharpen your knowledge and support exam preparation. Choose a topic below to get started.
| 1. |
__________ allows users to authenticate their access to applications both locally and in the cloud with a claims-based identity.(a) AD FS(b) AC(c) SAS(d) None of the mentionedI got this question by my school principal while I was bunking the class.This interesting question is from Identity Protocol Standards in division Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT answer is (a) AD FS To explain I would say: AD FS uses WS-Federation, WS-Trust, and SAML, which allows USERS to access a system based on IBM, Novel, SAP, and MANY other vendors. |
|
| 2. |
Which of the following foundation offers .NET developers Visual Studio integration of WS-Federation and WS-Trust open standards?(a) Windows Workflow(b) Windows Identity(c) Windows compliance(d) None of the mentionedI got this question in semester exam.This intriguing question originated from Identity Protocol Standards topic in portion Cloud Management and Security of Cloud Computing |
|
Answer» Correct ANSWER is (B) Windows Identity |
|
| 3. |
Which of the following provides a token service that can be used to present validated access to resources?(a) OAuth(b) OCheck(c) SAML(d) None of the mentionedI got this question in an internship interview.I would like to ask this question from Identity Protocol Standards topic in division Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT answer is (a) OAUTH To EXPLAIN I would SAY: OAuth is similar to OpenID. |
|
| 4. |
Which of the following entity queries the OpenID identity provider to authenticate the veracity of the OpenID credentials?(a) serving party(b) relieving party(c) relaying party(d) none of the mentionedI had been asked this question in an online quiz.This key question is from Identity Protocol Standards in division Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT choice is (c) relaying party For explanation I would say: The OpenID is presented to a service that provides ACCESS to the RESOURCE that is DESIRED. |
|
| 5. |
Which of the following standard is the key to creating Single Sign-On (SSO) systems?(a) OpenID 2.0(b) CHAP(c) SMAL(d) None of the mentionedThe question was asked in class test.I need to ask this question from Identity Protocol Standards in section Cloud Management and Security of Cloud Computing |
|
Answer» Right OPTION is (a) OPENID 2.0 |
|
| 6. |
Which of the following is a complementary mechanism to OpenID and is used to create SSO systems?(a) OpenSSL(b) CHAP(c) SMAL(d) None of the mentionedThis question was posed to me in semester exam.This is a very interesting question from Identity Protocol Standards in division Cloud Management and Security of Cloud Computing |
|
Answer» Correct option is (c) SMAL |
|
| 7. |
Point out the wrong statement.(a) OpenID 2.0 is the standard associated with creating an identity(b) OpenID doesn’t specify the means for authentication of identity(c) OpenID provides access to important Web sites(d) None of the mentionedThis question was posed to me in an interview.Question is taken from Identity Protocol Standards in section Cloud Management and Security of Cloud Computing |
|
Answer» Correct answer is (d) None of the mentioned |
|
| 8. |
Which of the following is required by Cloud Computing?(a) That you establish an identity(b) That the identity be authenticated(c) That the authentication be portable(d) All of the mentionedI have been asked this question during an online interview.The question is from Identity Protocol Standards in section Cloud Management and Security of Cloud Computing |
|
Answer» Correct option is (d) All of the mentioned |
|
| 9. |
Which of the following is one of the most actively developing and important areas of cloud computing technology?(a) Logging(b) Auditing(c) Regulatory compliance(d) None of the mentionedThis question was addressed to me in my homework.This interesting question is from Security Data topic in section Cloud Management and Security of Cloud Computing |
|
Answer» The correct choice is (C) Regulatory compliance |
|
| 10. |
Which of the following is done by Identity management?(a) controlling access to data in the cloud(b) maintaining user roles(c) preventing unauthorized uses(d) all of the mentionedThis question was posed to me in class test.The above asked question is from Identity Protocol Standards in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Correct choice is (d) all of the mentioned |
|
| 11. |
Amazon Web Services supports ________ Type II Audits.(a) SAS70(b) SAS20(c) SAS702(d) None of the mentionedThis question was posed to me by my school teacher while I was bunking the class.Origin of the question is Security Data in section Cloud Management and Security of Cloud Computing |
|
Answer» Correct option is (a) SAS70 |
|
| 12. |
Point out the correct statement.(a) Identities are not tied to the concept of accounts and can be used for contacts or “ID cards”(b) Identities are important from a reliability standpoint(c) Presence is important in cloud computing because it adds context that can modify services and service delivery(d) All of the mentionedI got this question during an online exam.My question is taken from Identity Protocol Standards in section Cloud Management and Security of Cloud Computing |
|
Answer» The correct OPTION is (c) Presence is important in cloud COMPUTING because it adds context that can modify services and SERVICE delivery |
|
| 13. |
Which of the following was one of the weaker aspects of early cloud computing service offerings?(a) Logging(b) Integrity checking(c) Consistency checking(d) None of the mentionedI got this question during an interview for a job.This intriguing question originated from Security Data in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Right OPTION is (a) Logging |
|
| 14. |
Which of the following is the standard for interoperable cloud-based key management?(a) KMIP(b) PMIK(c) AIMK(d) None of the mentionedThis question was posed to me in an international level competition.This interesting question is from Security Data in portion Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT option is (a) KMIP |
|
| 15. |
Which of the following are a common means for losing encrypted data?(a) lose the keys(b) lose the encryption standard(c) lose the account(d) all of the mentionedThis question was posed to me during an interview.My query is from Security Data in division Cloud Management and Security of Cloud Computing |
|
Answer» The correct CHOICE is (a) lose the KEYS |
|
| 16. |
Point out the wrong statement.(a) Securing data sent to, received from, and stored in the cloud is the single largest security concern(b) The problem with the data you store in the cloud is that it can be located anywhere in the cloud service provider’s system(c) One and only approach to isolating storage in the cloud from direct client access is to create layered access to the data(d) All of the mentionedI have been asked this question by my college professor while I was bunking the class.Enquiry is from Security Data in section Cloud Management and Security of Cloud Computing |
|
Answer» Correct OPTION is (c) One and only approach to isolating STORAGE in the cloud from direct client access is to CREATE layered access to the data |
|
| 17. |
How many security accounts per client is provided by Microsoft?(a) 1(b) 3(c) 5(d) 7I got this question during an online exam.The origin of the question is Security Data in division Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT ANSWER is (c) 5 To explain: On Amazon Web Service, you can create multiple keys and ROTATE those keys during DIFFERENT SESSIONS. |
|
| 18. |
Which of the following is a key mechanism for protecting data?(a) Access control(b) Auditing(c) Authentication(d) All of the mentionedI have been asked this question in class test.I need to ask this question from Security Data in chapter Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT answer is (d) All of the mentioned To EXPLAIN I would say: WHATEVER SERVICE model you choose should have mechanisms operating in all above mentioned areas that meet your security requirements. |
|
| 19. |
Point out the correct statement.(a) The cloud service model you choose does not determine the variety of security features, compliance auditing, and other requirements(b) To determine the particular security mechanisms you need, you must perform a mapping of the particular cloud service model to the particular application you are deploying(c) A security control model includes the security that you normally use for your applications only(d) All of the mentionedI have been asked this question in an internship interview.My question is based upon Security Data topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT option is (b) To determine the particular security mechanisms you need, you must perform a mapping of the particular cloud SERVICE model to the particular application you are deploying The BEST explanation: These mechanisms must be supported by the various controls that are provided by your service provider, your ORGANIZATION, or a THIRD party. |
|
| 20. |
Which of the following is a compliance standard?(a) PCI-DSS(b) HIPPA(c) GLBA(d) All of the mentionedThis question was posed to me in an interview for internship.My doubt is from Security Data topic in division Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT option is (d) All of the mentioned To elaborate: A compliance standard can be any GOVERNMENT REGULATORY framework. |
|
| 21. |
Which of the following has infrastructure security managed and owned by the vendor?(a) Hybrid(b) Private/Community(c) Public(d) None of the mentionedThis question was addressed to me during an interview.My query is from Security Service Boundary topic in division Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT answer is (B) Private/Community Explanation: Cloud computing has a tendency to BLUR the LOCATION of the defined security perimeter in such a way that the PREVIOUS notions of network firewalls and edge defenses often no longer apply. |
|
| 22. |
Which of the following model type is not trusted in terms of security?(a) Public(b) Private(c) Hybrid(d) None of the mentionedThe question was asked during an interview.I need to ask this question from Security Service Boundary in portion Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT ANSWER is (a) Public Best EXPLANATION: It is OWNED by a VENDOR. |
|
| 23. |
Which of the following service model is owned in terms of infrastructure by both vendor and customer?(a) Public(b) Private(c) Hybrid(d) None of the mentionedI have been asked this question during an interview for a job.I'm obligated to ask this question of Security Service Boundary topic in division Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT ANSWER is (c) Hybrid |
|
| 24. |
Which of the following model allows vendor to provide security as part of the Service Level Agreement?(a) SaaS(b) PaaS(c) IaaS(d) All of the mentionedI have been asked this question in examination.Question is taken from Security Service Boundary topic in portion Cloud Management and Security of Cloud Computing |
|
Answer» Right CHOICE is (a) SaaS |
|
| 25. |
Which of the following cloud does not require mapping?(a) Public(b) Private(c) Hybrid(d) None of the mentionedThe question was posed to me by my college director while I was bunking the class.The query is from Security Service Boundary in division Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT option is (a) Public |
|
| 26. |
Point out the wrong statement.(a) Each different type of cloud service delivery model creates a security boundary(b) Any security mechanism below the security boundary must be built into the system(c) Any security mechanism above the security boundary must be maintained by the customer(d) All of the mentionedI have been asked this question in class test.The origin of the question is Security Service Boundary in section Cloud Management and Security of Cloud Computing |
|
Answer» Correct answer is (d) All of the mentioned |
|
| 27. |
For the _________ model, the security boundary may be defined for the vendor to include the software framework and middleware layer.(a) SaaS(b) PaaS(c) IaaS(d) All of the mentionedThis question was addressed to me during an online exam.Enquiry is from Security Service Boundary in chapter Cloud Management and Security of Cloud Computing |
|
Answer» CORRECT option is (B) PaaS Explanation: In the PaaS model, the CUSTOMER WOULD be responsible for the security of the application and UI at the top of the STACK. |
|
| 28. |
Which of the following functional cloud computing hardware/software stack is the Cloud Reference Model?(a) CAS(b) CSA(c) SAC(d) All of the mentionedI got this question in exam.My question comes from Security Service Boundary topic in portion Cloud Management and Security of Cloud Computing |
|
Answer» The correct option is (B) CSA |
|
| 29. |
Which of the following service provider provides the highest level of service?(a) SaaS(b) PaaS(c) IaaS(d) All of the mentionedThe question was asked in my homework.My question is from Security Service Boundary topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Right answer is (a) SaaS |
|
| 30. |
Point out the correct statement.(a) PaaS supplies the infrastructure(b) IaaS adds application development frameworks, transactions, and control structures(c) SaaS is an operating environment with applications, management, and the user interface(d) All of the mentionedI have been asked this question in class test.My enquiry is from Security Service Boundary topic in division Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT option is (c) SaaS is an operating ENVIRONMENT with APPLICATIONS, management, and the user interface |
|
| 31. |
Which of the following is application and infrastructure management software for hybrid multi-clouds?(a) VMware Hyperic(b) Webmetrics(c) Univa UD(d) TapinsystemsI had been asked this question during an online interview.This question is from Cloud Security in portion Cloud Management and Security of Cloud Computing |
|
Answer» Right CHOICE is (c) Univa UD |
|
| 32. |
Which of the following is used for Web performance management and load testing?(a) VMware Hyperic(b) Webmetrics(c) Univa UD(d) TapinsystemsThe question was posed to me in an interview for internship.This is a very interesting question from Cloud Security topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Right answer is (b) Webmetrics |
|
| 33. |
Which of the following is considered an essential element in cloud computing by CSA?(a) Multi-tenancy(b) Identity and access management(c) Virtualization(d) All of the mentionedThe question was posed to me by my school principal while I was bunking the class.The above asked question is from Cloud Security topic in section Cloud Management and Security of Cloud Computing |
|
Answer» Right CHOICE is (a) Multi-tenancy |
|
| 34. |
Which of the following is the operational domain of CSA?(a) Scalability(b) Portability and interoperability(c) Flexibility(d) None of the mentionedI got this question by my school teacher while I was bunking the class.I'm obligated to ask this question of Cloud Security topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT option is (b) Portability and interoperability Best EXPLANATION: CSA is an industry working GROUP that studies SECURITY ISSUES in cloud computing and offers recommendations to its members. |
|
| 35. |
Which of the following services that need to be negotiated in Service Level Agreements?(a) Logging(b) Auditing(c) Regulatory compliance(d) All of the mentionedThis question was addressed to me in an online quiz.Enquiry is from Cloud Security in division Cloud Management and Security of Cloud Computing |
|
Answer» The correct CHOICE is (d) All of the mentioned |
|
| 36. |
Which of the following area of cloud computing is uniquely troublesome?(a) Auditing(b) Data integrity(c) e-Discovery for legal compliance(d) All of the mentionedThe question was posed to me by my college professor while I was bunking the class.My question is based upon Cloud Security topic in division Cloud Management and Security of Cloud Computing |
|
Answer» Correct OPTION is (d) All of the mentioned |
|
| 37. |
Point out the wrong statement.(a) You can use proxy and brokerage services to separate clients from direct access to shared cloud storage(b) Any distributed application has a much greater attack surface than an application that is closely held on a Local Area Network(c) Cloud computing doesn’t have vulnerabilities associated with Internet applications(d) All of the mentionedThe question was asked in an interview for internship.Origin of the question is Cloud Security in portion Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT choice is (C) CLOUD computing doesn’t have vulnerabilities ASSOCIATED with Internet applications Easiest explanation: Additional vulnerabilities arise from pooled, VIRTUALIZED, and outsourced resources. |
|
| 38. |
The following flowchart is intended to evaluate __________ in any cloud.(a) risk(b) errors(c) inconsistencies(d) none of the mentionedI have been asked this question by my school principal while I was bunking the class.This intriguing question comes from Cloud Security in portion Cloud Management and Security of Cloud Computing |
|
Answer» The correct CHOICE is (a) risk |
|
| 39. |
Which of the following service provider provides the least amount of built in security?(a) SaaS(b) PaaS(c) IaaS(d) All of the mentionedThis question was posed to me by my school principal while I was bunking the class.My question is based upon Cloud Security topic in division Cloud Management and Security of Cloud Computing |
|
Answer» The correct answer is (C) IaaS |
|
| 40. |
Point out the correct statement.(a) Different types of cloud computing service models provide different levels of security services(b) Adapting your on-premises systems to a cloud model requires that you determine what security mechanisms are required and mapping those to controls that exist in your chosen cloud service provider(c) Data should be transferred and stored in an encrypted format for security purpose(d) All of the mentionedThis question was addressed to me in exam.This question is from Cloud Security in division Cloud Management and Security of Cloud Computing |
|
Answer» Right answer is (d) All of the mentioned |
|
| 41. |
Which of the following is a workflow control and policy based automation service by CA?(a) CA Cloud Optimize(b) CA Cloud Orchestrate(c) CA Cloud Insight(d) CA Cloud ComposeThe question was posed to me in a national level competition.My question is taken from Cloud Commons and SMI topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Right CHOICE is (B) CA CLOUD Orchestrate |
|
| 42. |
Which of the following monitors the performance of the major cloud-based services in real time in Cloud Commons?(a) CloudWatch(b) CloudSensor(c) CloudMetrics(d) All of the mentionedI had been asked this question during an interview.I want to ask this question from Cloud Commons and SMI in division Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT OPTION is (b) CloudSensor Easy explanation: The Cloud Commons is a new online community FOUNDED by CA to promote information EXCHANGE on cloud SERVICES and the SMI standard. |
|
| 43. |
Which of the following is open and both hypervisor and processor-architecture-agnostic?(a) Dell Scalent(b) CloudKick(c) Elastra(d) All of the mentionedThe question was asked in a job interview.Origin of the question is Cloud Commons and SMI in chapter Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT answer is (a) Dell Scalent |
|
| 44. |
Which of the following initiative tries to provide a way of measuring cloud computing services along dimension like cost?(a) CCE(b) OCCI(c) SMI(d) All of the mentionedI have been asked this question during an online interview.The query is from Cloud Commons and SMI topic in portion Cloud Management and Security of Cloud Computing |
|
Answer» Right ANSWER is (C) SMI |
|
| 45. |
Which of the following is an industry organization that develops industry system management standards for platform interoperability?(a) DMTF(b) DMS(c) EBS(d) All of the mentionedI got this question in an interview for job.This key question is from Cloud Commons and SMI in section Cloud Management and Security of Cloud Computing |
|
Answer» The correct ANSWER is (a) DMTF |
|
| 46. |
Point out the wrong statement.(a) Cloudkick’s Insight module is powerful and particularly easy to use(b) Both Cloudkick and RightScale are known to be easy to use with Window virtual servers and less so with Linux instances(c) All of the service models support monitoring solutions(d) All of the mentionedI have been asked this question in an interview for job.I'd like to ask this question from Cloud Commons and SMI topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT ANSWER is (B) Both Cloudkick and RightScale are known to be easy to use with WINDOW virtual servers and less so with Linux instances |
|
| 47. |
Which of the following is used to extend CIM to virtual computer system management?(a) OVF(b) VMAN(c) OCSI(d) None of the mentionedThis question was addressed to me in an interview for job.The above asked question is from Cloud Commons and SMI topic in portion Cloud Management and Security of Cloud Computing |
|
Answer» Correct answer is (b) VMAN |
|
| 48. |
Point out the correct statement.(a) Eucalyptus and Rackspace both use Amazon EC2 and S3 services(b) The RightScale user interface provides real-time measurements of individual server instances(c) RightScale server templates and the Rightscript technology are highly configurable and can be run under batch control(d) All of the mentionedThis question was addressed to me in an interview for job.I want to ask this question from Cloud Commons and SMI topic in division Cloud Management and Security of Cloud Computing |
|
Answer» RIGHT answer is (d) All of the mentioned To elaborate: EUCALYPTUS is OPEN source and portable. |
|
| 49. |
Which of the following is a core management feature offered by most cloud management service products?(a) Support of different cloud types(b) Creation and provisioning of different types of cloud resources, such as machine instances, storage, or staged applications(c) Performance reporting including availability and uptime, response time, resource quota usage, and other characteristics(d) All of the mentionedThe question was posed to me by my school principal while I was bunking the class.My query is from Cloud Commons and SMI in portion Cloud Management and Security of Cloud Computing |
|
Answer» The CORRECT answer is (d) All of the mentioned |
|
| 50. |
Which of the following is used for performance management for virtualized Java Apps with VMware integration?(a) Hyperic(b) Internetseer(c) RightScale(d) All of the mentionedI have been asked this question at a job interview.Query is from Cloud Management Products topic in chapter Cloud Management and Security of Cloud Computing |
|
Answer» Correct choice is (a) Hyperic |
|