15.

Cloud developers are experiencing a delay caused by the static code review before each deployment. The security operator and developer must address the issue without cutting corners with security routing. Which of the following would BEST address the delay issue?

1. Replace the static code analysis with hardening techniques

2. Perform the static code analysis earlier in the SDLC

3. Perform a penetration test instead of a static code analysis

4. Replace the static code analysis with a vulnerability analysis

16.

During troubleshooting of a performance problem with an all-flash array that is used to store the primary production data of multiple virtualization clusters in a private cloud, the storage vendor wants to perform an upgrade of the array firmware. Which of the following should be done NEXT?

1. Open a change request and ask for approval

2. Establish a plan of action and implement it

3. Download the array firmware and apply it on the affected arry

4. Document the findings

17.

The end users of SaaS applications use multiple services from the same application. A unique login ID and password are required for each user to access each service. Which of the following access control methods should be implemented by the SaaS application vendor to simplify the access to its services?

1. RBAC

2. SAML

3. SSO

4. MFA

18.

An administrator has virtualized four database servers in a private cloud. The DBA is concerned that a failure of one host will take down all four servers. Which of the following should the administrator do FIRST to alleviate the DBAs concerns?

1. Install a load balancer in front of the database server

2. Establish anti-affinity rules for each virtualized server

3. Define affinity rules for each host

4. Migrate two servers to a public cloud

19.

One of the IaaS production web servers has a critical OS vulnerability that requires remediation. The vulnerability report indicates it is a zero-day exploit. Which of the following is the BEST course of action to remediate the vulnerability?

1. Schedule the update via the patch management system to be applied in the next standard change window

2. Turn off the VM, build a new server, and apply patches with a patch management system

3. Submit an emergency change request to the CAB and apply the update via the patch management system

4. Submit an emergency change request to the CAB, test the patch, and the update via the patch management system

20.

A cloud administrator has implemented a cost-savings policy to reduce the number of servers running at a given time. This policy will shut down all servers at 3.30a.m and restart them at 8.30 a.m every morning. The management team has recently communicated that the daily reports are no longer available for the 9.00a.m meeting?

Batch job name	duration	Schedule time
Sales import	45 mins	1.00 a.m daily
Financial summary	45 mins	3.00a.m daily
Inventory updates	45 mins	2.00 a.m daily

Which of the following would be BEST for the administrator to implement?

1. Add more resources to reduce the duration for the batch jobs

2. Change the shutdown policy to begin at 4.00a.m

3. Reschedule the financial_summary batch job to run at 9.00a.m

4. Disable the policy to shut down and restart the servers.

21.

During the cloud provisioning process, a misconfiguration results in the requester being granted privileges to the underlying IaaS infrastructure. Which of the following security principles has been violated?

1. Authentication

2. Authorization

3. Privilege escalation

4. Identification