0% found this document useful (0 votes)
70 views11 pages

GRT Institute of Engineering and Technology,: Tiruttani

Mcq

Uploaded by

kumari2004ramesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
70 views11 pages

GRT Institute of Engineering and Technology,: Tiruttani

Mcq

Uploaded by

kumari2004ramesh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 11

DATE:15.11.

24
REG.NO.
GRT INSTITUTE OF
ENGINEERING AND
TECHNOLOGY, Tiruttani
(An Autonomous Institution)
Accredited by NBA (ECE), NAAC with “A++” Grade &An ISO 9001:2015 Certified Institution
Approved by AICTE, New Delhi& Affiliated to Anna University, Chennai.

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

MULTIPLE CHOICE QUESTIONS


ACADEMIC YEAR 2024-2025 (ODD SEMESTER) –NOV / DEC 2024
Third Year /Fifth Semester
CCS362 –SECURITY AND PRIVACY IN CLOUD (Regulations 2021)
UNIT I
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
What is the primary goal of cloud security?

 A) To ensure availability of cloud services


1  B) To protect data and applications in the cloud B 2
 C) To manage cloud costs
 D) To enhance user experience

Which of the following security services ensures that data is


only accessible to authorized users?

 A) Integrity
2  B) Confidentiality B 2
 C) Authentication
 D) Non-repudiation

What does the security service "Non-repudiation" ensure?

 A) Data is not altered or tampered with


3  B) Users cannot deny their actions B 2
 C) Users are who they claim to be
 D) Only authorized users have access

4 Which of the following is a characteristic of public-key B 2


cryptography?

 A) Uses a single key for encryption and decryption


 B) Uses separate keys for encryption and decryption
 C) Less secure than conventional cryptography
 D) Only used for digital signatures

What is the main function of a hash function in cryptography?

 A) Encrypt data
 B) Decrypt data
5  C) Generate a unique fixed-size output from variable- C 2
sized input
 D) Generate encryption keys

Which of the following is NOT a form of authentication?

 A) Passwords
 B) Digital signatures
6  C) Biometrics B 2
 D) Security questions

What is the primary purpose of a digital signature?

 A) Encrypt data
7  B) Verify the authenticity of a message or document B 2
 C) Provide confidentiality
 D) Control access

Which access control model assigns permissions based on the


user's role within an organization?

 A) Discretionary Access Control (DAC)


8  B) Mandatory Access Control (MAC) C 2
 C) Role-Based Access Control (RBAC)
 D) Attribute-Based Access Control (ABAC)

. Which security service ensures that data is accurate and has


not been altered?

 A) Confidentiality
9  B) Authentication C 2
 C) Integrity
 D) Non-repudiation

10 Which of the following is a characteristic of conventional B 2


(symmetric) cryptography?
 A) Uses a pair of keys for encryption and decryption
 B) Uses a single key for both encryption and
decryption
 C) Primarily used for digital signatures
 D) Less efficient than public-key cryptography

Total Marks (20 Marks)

UNIT II
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
What is the primary goal of security design principles in cloud
computing?

 A) To reduce the cost of cloud services


1  B) To ensure the scalability of cloud infrastructure C 2
 C) To protect data and resources from threats
 D) To enhance user interface design

Which of the following is a method used for comprehensive


data protection in the cloud?

 A) Data encryption
2  B) Network bandwidth management A 2
 C) Load balancing
 D) Data visualization

What does end-to-end access control aim to secure in cloud


computing?

 A) Only the data at rest


3  B) Data from the cloud provider to the end user B 2
 C) Only the data in transit
 D) User interfaces

4 Which of the following is a common attack vector in cloud B 2


computing?

 A) Performance bottlenecks
 B) Denial of Service (DoS) attacks
 C) User interface bugs
 D) Data redundancy
What is a key strategy to ensure network and storage security
in the cloud?

 A) Implementing strict access controls


5  B) Increasing storage capacity A 2
 C) Reducing network latency
 D) Enhancing user interface design

Why are secure isolation strategies important in a multi-tenant


cloud environment?

 A) To improve application performance


6  B) To prevent data breaches between tenants B 2
 C) To reduce storage costs
 D) To enhance user experience

Which of the following is a key consideration in securing


virtualized environments?

 A) User interface customization


7  B) Hypervisor security B 2
 C) Data visualization
 D) Application performance tuning

What is the main purpose of inter-tenant network


segmentation in cloud environments?

 A) To optimize network performance


8  B) To separate and secure different tenants' network B 2
traffic
 C) To increase data storage efficiency
 D) To enhance user interface design

Which process involves removing data that is no longer


needed while ensuring compliance with legal and regulatory
requirements?

9  A) Data encryption D 2
 B) Data retention
 C) Data archiving
 D) Data deletion

10 What is the main function of Public Key Infrastructure (PKI) B 2


in cloud security?
 A) To manage user interfaces
 B) To secure communications through encryption and
digital signatures
 C) To optimize application performance
 D) To improve network speed

Total Marks (20 Marks)

UNIT-III
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
Which of the following is NOT a common factor used in
Multi-Factor Authentication (MFA)?

 A) Something you know (password)


1  B) Something you have (security token) D 2
 C) Something you are (biometrics)
 D) Something you like (favorite color)

Role-Based Access Control (RBAC) primarily assigns


permissions based on:

 A) User preferences
2  B) User roles within an organization B 2
 C) Network performance
 D) User physical locations

The main benefit of Single Sign-On (SSO) is:

 A) Reducing storage costs


3  B) Simplifying user access to multiple applications B 2
 C) Enhancing network speed
 D) Improving data encryption methods

4 Identity Federation allows: B 2

 A) Users to manage their own encryption keys


 B) Sharing of identity information across different
systems and organizations
 C) Real-time monitoring of network performance
 D) Users to create personalized dashboards

Which of the following is a key aspect of storage access


control in cloud environments?

 A) Data redundancy
5  B) Assigning permissions to access data storage B 2
resources
 C) Optimizing data transfer speeds
 D) Reducing data storage costs

Network access control in cloud computing involves:

 A) Securing network resources from unauthorized


access
6  B) Enhancing user interface designs A 2
 C) Managing physical network cables
 D) Improving application load times

The primary goal of OS hardening is to:

 A) Increase system performance


7  B) Reduce the attack surface of the operating system B 2
 C) Enhance user experience
 D) Optimize storage capacity

Verified and Measured Boot ensures:

 A) Fast system startup times


 B) Integrity of the boot process and software
8 verification B 2
 C) Increased data storage
 D) Enhanced user interface design

What is the purpose of an Intruder Detection System (IDS) in


cloud security?

 A) To encrypt data in transit


9  B) To monitor and detect unauthorized access or B 2
attacks
 C) To enhance user experience
 D) To manage storage resources

10 In the context of cloud computing, identity providers are B 2


responsible for:

 A) Storing user preferences


 B) Verifying user identities and managing
authentication
 C) Increasing network bandwidth
 D) Designing user interfaces

Total Marks (20 Marks)

UNIT IV
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
Which cloud deployment model is typically used for cloud
bursting?

 A) Private Cloud
1  B) Public Cloud C 2
 C) Hybrid Cloud
 D) Community Cloud

What information does geo-tagging add to data?

 A) User preferences
2  B) Geographical location information B 2
 C) Encryption keys
 D) Network latency details

Which protocol is commonly used to secure cloud interfaces?

 A) HTTP
3  B) FTP D 2
 C) SMTP
 D) HTTPS

Which of the following is NOT a method of access control for


cloud resources?

 A) Role-Based Access Control (RBAC)


4  B) Discretionary Access Control (DAC) D 2
 C) Mandatory Access Control (MAC)
 D) Network Address Translation (NAT)
Secure on-premise internet access typically involves which of
the following?

 A) Public Wi-Fi
5  B) Unsecured VPNs C 2
 C) Corporate firewalls
 D) Open networks

Which of the following is a common strategy for securing


external cloud services?

 A) Using a single authentication method


6  B) Encrypting data in transit and at rest B 2
 C) Relying solely on physical security
 D) Ignoring data backup procedures

Tokenization is primarily used to:

 A) Improve network performance


 B) Replace sensitive data with non-sensitive
7 equivalents B 2
 C) Increase storage capacity
 D) Enhance user interface design

Data redaction is the process of:

 A) Encrypting data
8  B) Masking sensitive information B 2
 C) Compressing data files
 D) Enhancing data retrieval speeds

Public Key Infrastructure (PKI) is used in cloud security for:

 A) Data compression
9  B) User interface design C 2
 C) Encryption and digital signatures
 D) Network load balancing

10 Which of the following is essential for securing virtualized B 2


environments in the cloud?

 A) Increased physical security


 B) Hypervisor security
 C) Enhanced user interface
 D) Data redundancy

Total Marks (20 Marks)

UNIT V

OPTIO
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks MARKS
N
What is the main purpose of proactive activity monitoring in
cloud security?

 A) To reduce storage costs


1  B) To detect and respond to security threats before they B 2
cause damage
 C) To improve user interface design
 D) To enhance data transfer speeds

Which of the following is a key component of an incident response plan?

 A) User interface enhancements


2  B) Steps for identifying, managing, and mitigating security incidents
B 2
 C) Increasing data storage capacity
 D) Reducing network latency

What is the primary goal of monitoring for unauthorized access


in a cloud environment?

 A) Improving application performance


3  B) Detecting and preventing unauthorized access to B 2
resources
 C) Enhancing user experience
 D) Reducing data redundancy

Which of the following is an example of malicious traffic that should be monitored in a cloud envir

 A) Regular data backups


4  B) Denial of Service (DoS) attacks B 2
 C) Routine maintenance tasks
 D) Data compression activities

5 What is the purpose of events and alerts in cloud security B 2


monitoring?
 A) To increase storage capacity
 B) To notify administrators of potential security issues in
real-time
 C) To enhance network performance
 D) To improve data visualization

Auditing in cloud security primarily involves:

 A) Enhancing user interfaces


6  B) Generating records and reports of system activities B 2
 C) Optimizing network speed
 D) Increasing data storage

Why is tamper-proofing audit logs important in cloud security?

 A) To improve application performance


7  B) To ensure the integrity and reliability of audit data B 2
 C) To reduce data transfer costs
 D) To enhance user experience

In cloud security, Quality of Services (QoS) typically refers to:

 A) Measures to ensure optimal performance and


availability of cloud services
8  B) Enhancing user interfaces A 2
 C) Reducing data redundancy
 D) Increasing storage capacity

Secure management in the context of cloud computing involves:

9
 A) Optimizing data compression B 2
 B) Ensuring secure administrative access and controls
 C) Increasing network bandwidth
 D) Enhancing user interface design

10 What is the primary function of Security Information and Event B 2


Management (SIEM) systems?

 A) To manage data storage


 B) To provide real-time analysis and reporting of security
events
 C) To improve application load times
 D) To enhance user experience

Total Marks (20 Marks)

You might also like