- (Exam Topic 2)
Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?

1. A. Virtualization
2. B. Multitenancy
3. C. Resource pooling
4. D. Dynamic optimization

Correct Answer: A
Cloud environments will regularly change virtual machines as patching and versions are changed. Unlike a physical environment, there is little continuity from one period of time to another. It is very unlikely that the same virtual machines would be in use during a repeat audit.

- (Exam Topic 2)
Which of the following is NOT something that an HIDS will monitor?

1. A. Configurations
2. B. User logins
3. C. Critical system files
4. D. Network traffic

Correct Answer: B
A host intrusion detection system (HIDS) monitors network traffic as well as critical system files and configurations.

- (Exam Topic 3)
For service provisioning and support, what is the ideal amount of interaction between a cloud customer and cloud provider?

1. A. Half
2. B. Full
3. C. Minimal
4. D. Depends on the contract

Correct Answer: C
The goal with any cloud-hosting setup is for the cloud customer to be able to perform most or all its functions for service provisioning and configuration without any need for support from or interaction with the cloud provider beyond the automated tools provided. To fulfill the tenants of on-demand self-service, required interaction with the cloud provider--either half time, full time, or a commensurate amount of time based on the contract--would be in opposition to a cloud's intended use. As such, these answers are incorrect.

- (Exam Topic 4)
In a federated identity arrangement using a trusted third-party model, who is the identity provider and who is the relying party?

1. A. The users of the various organizations within the federations within the federation/a CASB
2. B. Each member organization/a trusted third party
3. C. Each member organization/each member organization
4. D. A contracted third party/the various member organizations of the federation

Correct Answer: D
In a trusted third-party model of federation, each member organization outsources the review and approval task to a third party they all trust. This makes the third party the identifier (it issues and manages identities for all users in all organizations in the federation), and the various member organizations are the relying parties (the resource providers that share resources based on approval from the third party).

- (Exam Topic 2)
Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?

1. A. Software
2. B. Desktop
3. C. Platform
4. D. Infrastructure

Correct Answer: C
The platform service capability provides programming languages and libraries from the cloud provider, where the customer can deploy their own code and applications into a managed and controlled framework.