DATE:15.11.

24
REG.NO.
GRT INSTITUTE OF
ENGINEERING AND
TECHNOLOGY, Tiruttani
(An Autonomous Institution)
Accredited by NBA (ECE), NAAC with “A++” Grade &An ISO 9001:2015 Certified Institution
Approved by AICTE, New Delhi& Affiliated to Anna University, Chennai.

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

MULTIPLE CHOICE QUESTIONS

ACADEMIC YEAR 2024-2025 (ODD SEMESTER) –NOV / DEC 2024
Third Year /Fifth Semester
CCS362 –SECURITY AND PRIVACY IN CLOUD (Regulations 2021)
UNIT I
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
What is the primary goal of cloud security?

 A) To ensure availability of cloud services

1  B) To protect data and applications in the cloud B 2
 C) To manage cloud costs
 D) To enhance user experience

Which of the following security services ensures that data is

only accessible to authorized users?

 A) Integrity
2  B) Confidentiality B 2
 C) Authentication
 D) Non-repudiation

What does the security service "Non-repudiation" ensure?

 A) Data is not altered or tampered with

3  B) Users cannot deny their actions B 2
 C) Users are who they claim to be
 D) Only authorized users have access

4 Which of the following is a characteristic of public-key B 2

cryptography?

 A) Uses a single key for encryption and decryption

 B) Uses separate keys for encryption and decryption
  C) Less secure than conventional cryptography
 D) Only used for digital signatures

What is the main function of a hash function in cryptography?

 A) Encrypt data
 B) Decrypt data
5  C) Generate a unique fixed-size output from variable- C 2
sized input
 D) Generate encryption keys

Which of the following is NOT a form of authentication?

 A) Passwords
 B) Digital signatures
6  C) Biometrics B 2
 D) Security questions

What is the primary purpose of a digital signature?

 A) Encrypt data
7  B) Verify the authenticity of a message or document B 2
 C) Provide confidentiality
 D) Control access

Which access control model assigns permissions based on the

user's role within an organization?

 A) Discretionary Access Control (DAC)

8  B) Mandatory Access Control (MAC) C 2
 C) Role-Based Access Control (RBAC)
 D) Attribute-Based Access Control (ABAC)

. Which security service ensures that data is accurate and has

not been altered?

 A) Confidentiality
9  B) Authentication C 2
 C) Integrity
 D) Non-repudiation

10 Which of the following is a characteristic of conventional B 2

(symmetric) cryptography?
  A) Uses a pair of keys for encryption and decryption
 B) Uses a single key for both encryption and
decryption
 C) Primarily used for digital signatures
 D) Less efficient than public-key cryptography

Total Marks (20 Marks)

UNIT II
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
What is the primary goal of security design principles in cloud
computing?

 A) To reduce the cost of cloud services

1  B) To ensure the scalability of cloud infrastructure C 2
 C) To protect data and resources from threats
 D) To enhance user interface design

Which of the following is a method used for comprehensive

data protection in the cloud?

 A) Data encryption
2  B) Network bandwidth management A 2
 C) Load balancing
 D) Data visualization

What does end-to-end access control aim to secure in cloud

computing?

 A) Only the data at rest

3  B) Data from the cloud provider to the end user B 2
 C) Only the data in transit
 D) User interfaces

4 Which of the following is a common attack vector in cloud B 2

computing?

 A) Performance bottlenecks
 B) Denial of Service (DoS) attacks
 C) User interface bugs
 D) Data redundancy
 What is a key strategy to ensure network and storage security
in the cloud?

 A) Implementing strict access controls

5  B) Increasing storage capacity A 2
 C) Reducing network latency
 D) Enhancing user interface design

Why are secure isolation strategies important in a multi-tenant

cloud environment?

 A) To improve application performance

6  B) To prevent data breaches between tenants B 2
 C) To reduce storage costs
 D) To enhance user experience

Which of the following is a key consideration in securing

virtualized environments?

 A) User interface customization

7  B) Hypervisor security B 2
 C) Data visualization
 D) Application performance tuning

What is the main purpose of inter-tenant network

segmentation in cloud environments?

 A) To optimize network performance

8  B) To separate and secure different tenants' network B 2
traffic
 C) To increase data storage efficiency
 D) To enhance user interface design

Which process involves removing data that is no longer

needed while ensuring compliance with legal and regulatory
requirements?

9  A) Data encryption D 2
 B) Data retention
 C) Data archiving
 D) Data deletion

10 What is the main function of Public Key Infrastructure (PKI) B 2

in cloud security?
  A) To manage user interfaces
 B) To secure communications through encryption and
digital signatures
 C) To optimize application performance
 D) To improve network speed

Total Marks (20 Marks)

UNIT-III
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
Which of the following is NOT a common factor used in
Multi-Factor Authentication (MFA)?

 A) Something you know (password)

1  B) Something you have (security token) D 2
 C) Something you are (biometrics)
 D) Something you like (favorite color)

Role-Based Access Control (RBAC) primarily assigns

permissions based on:

 A) User preferences
2  B) User roles within an organization B 2
 C) Network performance
 D) User physical locations

The main benefit of Single Sign-On (SSO) is:

 A) Reducing storage costs

3  B) Simplifying user access to multiple applications B 2
 C) Enhancing network speed
 D) Improving data encryption methods

4 Identity Federation allows: B 2

 A) Users to manage their own encryption keys

 B) Sharing of identity information across different
systems and organizations
 C) Real-time monitoring of network performance
  D) Users to create personalized dashboards

Which of the following is a key aspect of storage access

control in cloud environments?

 A) Data redundancy
5  B) Assigning permissions to access data storage B 2
resources
 C) Optimizing data transfer speeds
 D) Reducing data storage costs

Network access control in cloud computing involves:

 A) Securing network resources from unauthorized

access
6  B) Enhancing user interface designs A 2
 C) Managing physical network cables
 D) Improving application load times

The primary goal of OS hardening is to:

 A) Increase system performance

7  B) Reduce the attack surface of the operating system B 2
 C) Enhance user experience
 D) Optimize storage capacity

Verified and Measured Boot ensures:

 A) Fast system startup times

 B) Integrity of the boot process and software
8 verification B 2
 C) Increased data storage
 D) Enhanced user interface design

What is the purpose of an Intruder Detection System (IDS) in

cloud security?

 A) To encrypt data in transit

9  B) To monitor and detect unauthorized access or B 2
attacks
 C) To enhance user experience
 D) To manage storage resources

10 In the context of cloud computing, identity providers are B 2

 responsible for:

 A) Storing user preferences

 B) Verifying user identities and managing
authentication
 C) Increasing network bandwidth
 D) Designing user interfaces

Total Marks (20 Marks)

UNIT IV
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks OPTION MARKS
Which cloud deployment model is typically used for cloud
bursting?

 A) Private Cloud
1  B) Public Cloud C 2
 C) Hybrid Cloud
 D) Community Cloud

What information does geo-tagging add to data?

 A) User preferences
2  B) Geographical location information B 2
 C) Encryption keys
 D) Network latency details

Which protocol is commonly used to secure cloud interfaces?

 A) HTTP
3  B) FTP D 2
 C) SMTP
 D) HTTPS

Which of the following is NOT a method of access control for

cloud resources?

 A) Role-Based Access Control (RBAC)

4  B) Discretionary Access Control (DAC) D 2
 C) Mandatory Access Control (MAC)
 D) Network Address Translation (NAT)
 Secure on-premise internet access typically involves which of
the following?

 A) Public Wi-Fi
5  B) Unsecured VPNs C 2
 C) Corporate firewalls
 D) Open networks

Which of the following is a common strategy for securing

external cloud services?

 A) Using a single authentication method

6  B) Encrypting data in transit and at rest B 2
 C) Relying solely on physical security
 D) Ignoring data backup procedures

Tokenization is primarily used to:

 A) Improve network performance

 B) Replace sensitive data with non-sensitive
7 equivalents B 2
 C) Increase storage capacity
 D) Enhance user interface design

Data redaction is the process of:

 A) Encrypting data
8  B) Masking sensitive information B 2
 C) Compressing data files
 D) Enhancing data retrieval speeds

Public Key Infrastructure (PKI) is used in cloud security for:

 A) Data compression
9  B) User interface design C 2
 C) Encryption and digital signatures
 D) Network load balancing

10 Which of the following is essential for securing virtualized B 2

environments in the cloud?

 A) Increased physical security

 B) Hypervisor security
 C) Enhanced user interface
  D) Data redundancy

Total Marks (20 Marks)

UNIT V

OPTIO
Q.NO ANSWER ALL QUESTIONS (10x2) =20 Marks MARKS
N
What is the main purpose of proactive activity monitoring in
cloud security?

 A) To reduce storage costs

1  B) To detect and respond to security threats before they B 2
cause damage
 C) To improve user interface design
 D) To enhance data transfer speeds

Which of the following is a key component of an incident response plan?

 A) User interface enhancements

2  B) Steps for identifying, managing, and mitigating security incidents
B 2
 C) Increasing data storage capacity
 D) Reducing network latency

What is the primary goal of monitoring for unauthorized access

in a cloud environment?

 A) Improving application performance

3  B) Detecting and preventing unauthorized access to B 2
resources
 C) Enhancing user experience
 D) Reducing data redundancy

Which of the following is an example of malicious traffic that should be monitored in a cloud envir

 A) Regular data backups

4  B) Denial of Service (DoS) attacks B 2
 C) Routine maintenance tasks
 D) Data compression activities

5 What is the purpose of events and alerts in cloud security B 2

monitoring?
  A) To increase storage capacity
 B) To notify administrators of potential security issues in
real-time
 C) To enhance network performance
 D) To improve data visualization

Auditing in cloud security primarily involves:

 A) Enhancing user interfaces

6  B) Generating records and reports of system activities B 2
 C) Optimizing network speed
 D) Increasing data storage

Why is tamper-proofing audit logs important in cloud security?

 A) To improve application performance

7  B) To ensure the integrity and reliability of audit data B 2
 C) To reduce data transfer costs
 D) To enhance user experience

In cloud security, Quality of Services (QoS) typically refers to:

 A) Measures to ensure optimal performance and

availability of cloud services
8  B) Enhancing user interfaces A 2
 C) Reducing data redundancy
 D) Increasing storage capacity

Secure management in the context of cloud computing involves:

9
 A) Optimizing data compression B 2
 B) Ensuring secure administrative access and controls
 C) Increasing network bandwidth
 D) Enhancing user interface design

10 What is the primary function of Security Information and Event B 2

Management (SIEM) systems?

 A) To manage data storage

 B) To provide real-time analysis and reporting of security
events
 C) To improve application load times
 D) To enhance user experience

Total Marks (20 Marks)