Which methodology encompasses conducting tests around the interaction of end users with new code that is intended for a patch?

A group of DevOps engineers adopted the network-as-code methodology to manage network infrastructure. During a code release, the engineers find a bug that is causing issues on a production site. Which safeguard will allow the engineers to restore functionality to the production site?

A governmental data storage organization plans to relocate its primary North American data center to a new property with larger acreage. Which defense should the organization deploy at this location to prevent vehicles from causing harm to the data center?

An organization experienced an unplanned event. As a result, the customers using the web application face a loss of service. What does the incident generated in this situation seek to resolve?

Which component allows customers to transfer data into and out of a cloud computing vendor’s environment?

Which testing standard is currently used to guide Service Organization Control (SOC) audits outside the United States?

Which tool should a developer use to describe the requirements they have gathered for a code improvement they are tasked with making as part of a current release?

Which activity is within the scope of the cloud provider’s role in the chain of custody?

Which data destruction technique involves encrypting the data, followed by encrypting the resulting keys with a different engine, and then destroying the keys resulting from the second encryption round?

An organization wants to track how often a file is accessed and by which users. Which information rights management (IRM) solution should the organization implement?

Which design pillar encompasses the ability to support development and run workloads effectively, gain insights into operations, and continuously improve supporting processes to deliver business value?

An organization is reviewing a contract from a cloud service provider and wants to ensure that all aspects of the contract are adhered to by the cloud service provider. Which control will allow the organization to verify that the cloud provider is meeting its obligations?

An organization is considering using vendor-specific application programming interfaces (APIs) and internal tools to set up a new service. However, the engineers are against this plan and are advocating for a new policy to prevent issues that could arise. Which common concern in cloud applications are the engineers concerned about?

An organization is implementing a new hybrid cloud deployment. Before granting access to any of the resources, the security team wants to ensure that all employees are checked against a database to see if they are allowed to access the requested resource. Which type of security control is the organization leveraging for its employees?

Which tool provides a dedicated environment to contain and analyze malware?

An organization creates a plan for long-term cloud storage of its backup data. What should the organization address to avoid losing access to its data?

Which type of data sanitization should be used to destroy data on a USB thumb drive while keeping the drive intact?

Which term describes data elements that, when combined with other information, are used to single out an individual?

Developers need to be aware of a common application programming interface (API) threat that occurs when attackers send malicious code through a form input to a web application so that it may then be executed. Which type of attack represents this API threat?

Which characteristic of cloud computing refers to sharing physical assets among multiple customers?

An organization is implementing a new hybrid cloud deployment and wants all employees to provide a username, password, and security token before accessing any of the cloud resources. Which type of security control is the organization leveraging for its employees?

A customer service representative needs to verify a customer's private information, but the representative does not need to see all the information. Which technique should the service provider use to protect the privacy of the customer?

After selecting a new vendor, what should an organization do next as part of the vendor onboarding process?

A user creates new financial documents that will be stored in the cloud. Which action should the user take before uploading the documents to protect them against threats such as packet capture and on-path attacks?