Exam Question 11
What type of malicious software uses encryption to render data inaccessible to authorized users?
A. Virus
B. Worm
C. Ransomware
D. Trojan horse
Correct Answer:
C. Ransomware
Answer Description:
The hallmark of a ransomware attack is that the malicious software encrypts the user’s data and then demands payment of a ransom in exchange for the decryption key.
Exam Question 12
Kelly is investigating a situation where an employee’s computer was infected with malware and that malware was used to steal the employee’s password. What term best describes this situation?
A. Event
B. Adverse event
C. Social engineering
D. Incident
Correct Answer:
D. Incident
Answer Description:
Security incidents occur when there is a violation or imminent threat of a violation of a security policy. The theft of the employee’s password meets these criteria. Events and adverse events are elevated to the level of an incident when this type of violation occurs. There is no indication that social engineering techniques were used in this attack.
Exam Question 13
Which of the following is a common source of security alerts that may indicate a need for an incident response effort?
A. Third-party monitoring services
B. Intrusion detection systems
C. Security information and event management systems
D. File integrity checking software
E. All of the above
Correct Answer:
E. All of the above
Answer Description:
All of these systems are reasonable sources of security alerts that may indicate the need for a cybersecurity incident response effort.
Exam Question 14
Which one of the following is not an objective of the containment, eradication, and recovery phase of incident response?
A. Limit the damage caused by an incident.
B. Identity the attackers and attacking systems.
C. Recover normal business operations.
D. Detect a potential security incident.
Correct Answer:
D. Detect a potential security incident.
Answer Description:
The detection of security incidents occurs during the detection and analysis phase of incident response. The goals of the containment, eradication, and recovery phase are to select a containment strategy, implement that strategy to limit damage, gather additional evidence, identity the attackers, eradicate the effects of the incident, and recover normal operations.
Exam Question 15
Who is the most effective person to lead a lessons-learned session in the wake of a cybersecurity incident?
A. Independent third party
B. Chief privacy officer (CPO)
C. Chief information officer (CIO)
D. Incident response team leader
Correct Answer:
A. Independent third party
Answer Description:
The lessons learned review should be facilitated by an independent facilitator who was not involved in the incident response and who is perceived by everyone involved as an objective outsider. This allows the facilitator to guide the discussion in a productive manner without participants feeling that the facilitator is advancing a hidden agenda.
Exam Question 16
What best describes the role of a Google Cloud Architect?
A. An individual within an organization who architects
B. An engineer who is interested in designing robust solutions in an enterprise
C. A technical subject matter expert who understands business and technical requirements and is able to translate those requirements into technical designs
D. An individual who can design, develop and manage robust, secure, scalable, highly available and dynamic solutions to drive business objectives
Correct Answer:
D. An individual who can design, develop and manage robust, secure, scalable, highly available and dynamic solutions to drive business objectives
Answer Description:
Although all answers are technically correct, the question is looking for the best description of the role of a Google Cloud Architect, which is an individual who can design, develop and manage robust, secure, scalable, highly available and dynamic solutions to drive business objectives.
Exam Question 17
Your company has made plans to roll out OpenShift, a Kubernetes platform solution offered by IBM Red Hat, across all its on-premises and public cloud environments. Given that you are the lead architect responsible for your company’s GCP deployments, what type of shared responsibility model will this deployment entail for you?
A. On premises
B. IaaS
C. PaaS
D. SaaS
Correct Answer:
B. IaaS
Answer Description:
The key to remember here is that for a service provided (GCP in this case) to take responsibility for its PaaS, it must offer the service as a managed service. GCP offers its own Kubernetes platform called GKE. But OpenShift is not a Google-offered PaaS solution. As such, Google will not take responsibility for the back-end operations and design of your OpenShift environments. You will need to manage all the VMs that OpenShift will provision as part of its GCP deployment. So this is an IaaS deployment from a shared responsibility model perspective.
Exam Question 18
The principle of least privilege is focused on:
A. Ensuring that you give users the least amount of privilege possible
B. Separating the amount of responsibilities that each of your applications has into logical chunks
C. Ensuring that roles are defined for your company’s access model
D. Minimizing the amount of privileges that a single user has to the bare minimum needed to perform their job duties
Correct Answer:
D. Minimizing the amount of privileges that a single user has to the bare minimum needed to perform their job duties
Answer Description:
The goal of least privilege is to ensure that your users are privileged or entitled to do only what their job duties entail, and nothing more.
Exam Question 19
A carefully designed organization hierarchy enables businesses to do all of the following except:
A. Improve the speed of innovation
B. Have more granular billing data
C. Govern and secure the organization in a more managed and centralized fashion
D. Minimize the amount of projects needed to leverage GCP effectively
Correct Answer:
D. Minimize the amount of projects needed to leverage GCP effectively
Answer Description:
Minimizing the amount of projects leveraged in your GCP environment is not a goal of designing an effective cloud development and deployment strategy. The goal of governance in the cloud is to be able to apply policies consistently across the entire enterprise and also minimize the blast radius. You can do this using a many-projects approach. Minimizing the amount of projects does not enable you to segregate duties and manage access control properly.
Exam Question 20
You need to leverage a consistent set of host names for your pods. Which feature should you use?
A. Persistent Volumes
B. Persistent Disk
C. Instance Templates
D. StatefulSets
Correct Answer:
D. StatefulSets
Answer Description:
StatefulSets are used to assign a consistent set of unique host names for your pods.
