- (Exam Topic 4)
What is the experimental technology that might lead to the possibility of processing encrypted data without having to decrypt it first?

1. A. AES
2. B. Link encryption
3. C. One-time pads
4. D. Homomorphic encryption

Correct Answer: D
AES is an encryption standard. Link encryption is a method for protecting communications traffic. One-time pads are an encryption method.

- (Exam Topic 4)
Hardening the operating system refers to all of the following except:

1. A. Limiting administrator access
2. B. Closing unused ports
3. C. Removing antimalware agents
4. D. Removing unnecessary services and libraries

Correct Answer: C
Removing antimalware agents. Hardening the operating system means making it more secure. Limiting administrator access, closing unused ports, and removing unnecessary services and libraries all have the potential to make an OS more secure. But removing antimalware agents would actually make the system less secure. If anything, antimalware agents should be added, not removed.

- (Exam Topic 3)
Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.
Which of the following is NOT a technology for securing data in transit?

1. A. VPN
2. B. TLS
3. C. DNSSEC
4. D. HTTPS

Correct Answer: C
DNSSEC is an extension of the normal DNS protocol that enables a system to verify the integrity of a DNS query resolution by signing it from the authoritative source and verifying the signing chain. It is not used for
securing data transmissions or exchanges. HTTPS is the most common method for securing web service and data calls within a cloud, and TLS is the current standard for encrypting HTTPS traffic. VPNs are widely used for securing data transmissions and service access.

- (Exam Topic 2)
Which type of audit report is considered a "restricted use" report for its intended audience?

1. A. SAS-70
2. B. SSAE-16
3. C. SOC Type 1
4. D. SOC Type 2

Correct Answer: C
SOC Type 1 reports are considered "restricted use" reports. They are intended for management and stakeholders of an organization, clients of the service organization, and auditors of the organization. They are not intended for release beyond those audiences.

- (Exam Topic 4)
In which cloud service model is the customer required to maintain the OS?

1. A. Iaas
2. B. CaaS
3. C. PaaS
4. D. SaaS

Correct Answer: A
In IaaS, the service is bare metal, and the customer has to install the OS and the software; the customer then is responsible for maintaining that OS. In the other models, the provider installs and maintains the OS.