Engineering Questions with Answers - Multiple Choice Questions
MCQs on Security Service Boundary
1 - Question
Which of the following service provider provides the highest level of service?
a) SaaS
b) PaaS
c) IaaS
d) All of the mentioned
View Answer
Answer: a
Explanation: As you move upward in the stack, each service model inherits the capabilities of the model beneath it, as well as all the inherent security concerns and risk factors.
2 - Question
Point out the correct statement.
a) PaaS supplies the infrastructure
b) IaaS adds application development frameworks, transactions, and control structures
c) SaaS is an operating environment with applications, management, and the user interface
d) All of the mentioned
View Answer
Answer: c
Explanation: IaaS has the least levels of integrated functionality and the lowest levels of integrated security, and SaaS has the most.
3 - Question
Which of the following functional cloud computing hardware/software stack is the Cloud Reference Model?
a) CAS
b) CSA
c) SAC
d) All of the mentioned
View Answer
Answer: b
Explanation: Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to “promote the use of best practices for providing security assurance within Cloud.
4 - Question
For the _________ model, the security boundary may be defined for the vendor to include the software framework and middleware layer.
a) SaaS
b) PaaS
c) IaaS
d) All of the mentioned
View Answer
Answer: b
Explanation: In the PaaS model, the customer would be responsible for the security of the application and UI at the top of the stack.
5 - Question
Point out the wrong statement.
a) Each different type of cloud service delivery model creates a security boundary
b) Any security mechanism below the security boundary must be built into the system
c) Any security mechanism above the security boundary must be maintained by the customer
d) All of the mentioned
View Answer
Answer: d
Explanation: As you move up the stack, it becomes more important to make sure that the type and level of security is part of your Service Level Agreement.
6 - Question
Which of the following model allows vendor to provide security as part of the Service Level Agreement?
a) SaaS
b) PaaS
c) IaaS
d) All of the mentioned
View Answer
Answer: a
Explanation: Compliance, governance, and liability levels are stipulated under the contract for the entire stack.
7 - Question
Which of the following cloud does not require mapping?
a) Public
b) Private
c) Hybrid
d) None of the mentioned
View Answer
Answer: a
Explanation: Private cloud may be internal or external to an organization.
8 - Question
Which of the following service model is owned in terms of infrastructure by both vendor and customer?
a) Public
b) Private
c) Hybrid
d) None of the mentioned
View Answer
Answer: c
Explanation: Infrastructure location is both on- and off-premises.
9 - Question
Which of the following model type is not trusted in terms of security?
a) Public
b) Private
c) Hybrid
d) None of the mentioned
View Answer
Answer: a
Explanation: It is owned by a vendor.
10 - Question
Which of the following has infrastructure security managed and owned by the vendor?
a) Hybrid
b) Private/Community
c) Public
d) None of the mentioned
View Answer
Answer: b
Explanation: Cloud computing has a tendency to blur the location of the defined security perimeter in such a way that the previous notions of network firewalls and edge defenses often no longer apply.