- (Exam Topic 4)
What are the U.S. Commerce Department controls on technology exports known as?

1. A. ITAR
2. B. DRM
3. C. EAR
4. D. EAL

Correct Answer: C
EAR is a Commerce Department program. Evaluation assurance levels are part of the Common Criteria standard from ISO. Digital rights management tools are used for protecting electronic processing of intellectual property.

- (Exam Topic 4)
The goals of SIEM solution implementation include all of the following, except:

1. A. Dashboarding
2. B. Performance enhancement
3. C. Trend analysis
4. D. Centralization of log streams

Correct Answer: B
SIEM does not intend to provide any enhancement of performance; in fact, a SIEM solution may decrease performance because of additional overhead. All the rest are goals of SIEM implementations.

- (Exam Topic 1)
Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?

1. A. Reservation
2. B. Share
3. C. Limit
4. D. Provision

Correct Answer: A
A reservation is a minimum resource that is guaranteed to a customer within a cloud environment. Within a cloud, a reservation can pertain to the two main aspects of computing: memory and processor. With a reservation in place, the cloud provider guarantees that a cloud customer will always have at minimum the necessary resources available to power on and operate any of their services.

- (Exam Topic 3)
Where is a DLP solution generally installed when utilized for monitoring data in transit?

1. A. Network perimeter
2. B. Database server
3. C. Application server
4. D. Web server

Correct Answer: A
To monitor data in transit, a DLP solution would optimally be installed at the network perimeter, to ensure that data leaving the network through various protocols conforms to security controls and policies. An application server or a web server would be more appropriate for monitoring data in use, and a database server would be an example of a location appropriate for monitoring data at rest.

- (Exam Topic 4)
Apart from using encryption at the file system level, what technology is the most widely used to protect data stored in an object storage system?

1. A. TLS
2. B. HTTPS
3. C. VPN
4. D. IRM

Correct Answer: D
Information rights management (IRM) technologies allow security controls and policies to be enforced on a data object regardless of where it resides. They also allow for extended controls such as expirations and copying restrictions, which are not available through traditional control mechanisms. Hypertext Transfer Protocol Secure (HTTPS), virtual private network (VPN), and Transport Layer Security (TLS) are all technologies and protocols that are widely used with cloud implementations for secure access to systems and services and likely will be used in conjunction with other object data protection strategies.