- (Exam Topic 1)
Which type of cloud model typically presents the most challenges to a cloud customer during the "destroy" phase of the cloud data lifecycle?

1. A. IaaS
2. B. DaaS
3. C. SaaS
4. D. PaaS

Correct Answer: C
With many SaaS implementations, data is not isolated to a particular customer but rather is part of the overall application. When it comes to data destruction, a particular challenge is ensuring that all of a customer's data is completely destroyed while not impacting the data of other customers.

- (Exam Topic 1)
GAAPs are created and maintained by which organization?

1. A. ISO/IEC
2. B. AICPA
3. C. PCI Council
4. D. ISO

Correct Answer: B
The AICPA is the organization responsible for generating and maintaining what are the Generally Accepted Accounting Practices in the United States.

- (Exam Topic 4)
Your company is in the planning stages of moving applications that have large data sets to a cloud environment.
What strategy for data removal would be the MOST appropriate for you to recommend if costs and speed are primary considerations?

1. A. Shredding
2. B. Media destruction
3. C. Crypthographic erasure
4. D. Overwriting

Correct Answer: C
Cryptographic erasure involves having the data encrypted, typically as a matter of standard operations, and then rendering the data useless and unreadable by destroying the encryption keys for it. It represents a very cheap and immediate way to destroy data, and it works in all environments. With a cloud environment and multitenancy, media destruction or the physical destruction of storage devices, including shredding, would not be possible. Depending on the environment, overwriting may or may not be possible, but cryptographic erasure is the best answer because it is always an available option and is very quick to implement.

- (Exam Topic 1)
What is the primary reason that makes resolving jurisdictional conflicts complicated?

1. A. Different technology standards
2. B. Costs
3. C. Language barriers
4. D. Lack of international authority

Correct Answer: D
With international operations, systems ultimately cross many jurisdictional boundaries, and many times, they conflict with each other. The major hurdle to overcome for an organization is the lack of an ultimate international authority to mediate such conflicts, with a likely result of legal efforts in each jurisdiction.

- (Exam Topic 2)
Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?

1. A. Platform
2. B. Infrastructure
3. C. Software
4. D. Desktop

Correct Answer: C
The software service capability gives the cloud customer a fully established application, where only minimal user configuration options are allowed.