GIAC Public Cloud Security - GPCS Exam Practice Test

A. By using less secure, older versions of software to ensure compatibility. B. By automatically deploying every change without review to speed up development. C. By focusing only on functionality and not on security testing. D. By including security checks and tests in the deployment processes.

A. Hash-based encryption B. Symmetric encryption C. One-time pad encryption D. Asymmetric encryption

A. Audit and log all access to sensitive information. B. Ensure that all credentials are embedded in application code. C. Regularly rotate and manage keys and credentials. D. Use a centralized identity and access management system. E. Store credentials locally on each cloud platform.

A. Store credentials in plain text for easy access B. Use encryption and restrict access to minimize security risks C. Store credentials on multiple devices for redundancy D. Grant all users access to credentials

A. By reducing the need for authentication. B. By providing a dedicated physical connection to the cloud. C. By increasing the access speed to cloud resources. D. By encrypting data transmitted between the administrator and the cloud service.

A. To automatically delete outdated functions B. To track function performance C. To ensure compliance with service-level agreements D. To detect unauthorized access or unusual behavior

A. They provide a caching layer for database queries B. They serve as the entry point for all client requests and enforce throttling and authorization C. They act as a management interface for serverless functions D. They offer continuous integration and deployment services

A. Requiring multi-factor authentication (MFA) B. Disabling logging of administrative activities C. Allowing all IPs to access the admin console D. Hardcoding administrative credentials into applications

A. By reducing the number of cloud services in use. B. By implementing comprehensive access controls and regular security reviews. C. By using stronger network firewalls. D. By frequently changing the physical location of their servers.

A. Allow public IP access without restrictions B. Disable encryption for remote connections C. Use virtual private networks (VPNs) D. Enforce multi-factor authentication (MFA)

A. By physically isolating cloud hardware from unauthorized users. B. By mandating the use of public networks for sensitive data. C. By automatically encrypting all stored data. D. By ensuring that data does not traverse public internet, reducing exposure.

A. AWS CloudFormation B. AWS VPC C. AWS S3 D. AWS IAM

A. It verifies data integrity. B. It generates a random string to replace sensitive data. C. It creates digital tokens for network security. D. It encrypts data using a public key.