ExamGecko
Search Search Login
Home Home / ECCouncil / 112-51
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following algorithms uses a sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertible permutes?
Identify the UBA tool that collects user activity details from multiple sources and uses artificial intelligence and machine learning algorithms to perform user behavior analysis to prevent and detect various threats before the fraud is perpetrated.
Which of the following types of network traffic flow does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text?
A major fire broke out in the storeroom of CyberSol Inc. It first gutted the equipment in the storeroom and then started spreading to other areas in the company. The officials of the company informed the fire department. The fire rescue team reached the premises and used a distribution piping system to suppress the fire, thereby preventing any human or asset loss. Identify the type of fire-fighting system used by the rescue team in the above scenario.
Which of the following types of network cable is made up of a single copper conductor at its center and a plastic layer that provides an insulated center conductor with a braided metal shield?
Sarah was accessing confidential office files from a remote location via her personal computer connected to the public Internet. Accidentally, a malicious file was downloaded onto Sarah's computer without her knowledge. This download might be due to the free Internet access and the absence of network defense solutions. Identify the Internet access policy demonstrated in the above scenario.
Which of the following algorithms is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits?
Steve was sharing his confidential file with John via an email that was digitally signed and encrypted. The digital signature was made using the 'Diffie-Hellman (X9.42) with DSS' algorithm, and the email was encrypted using triple DES. Which of the following protocols employs the above features to encrypt an email message?
Below is the list of encryption modes used in a wireless network. 1.WPA2 Enterprise with RADIUS 2.WPA3 3.WPA2 PSK 4.WPA2 Enterprise Identify the correct order of wireless encryption modes in terms of security from high to low.
Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications. Identify the type of cloud service requested by Cibel.org in the above scenario.

Question 31 - 112-51 discussion

Report
Export

Which of the following ISO standards provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them?

A.
ISO/IEC 27001
Answers
A.
ISO/IEC 27001
B.
ISO/IEC 27018
Answers
B.
ISO/IEC 27018
C.
ISO/IEC 27011
Answers
C.
ISO/IEC 27011
D.
ISO/IEC 27007
Answers
D.
ISO/IEC 27007
Suggested answer: B

Explanation:

ISO/IEC 27018 is the ISO standard that provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them. ISO/IEC 27018 is a code of practice for protecting personal information in cloud storage. The term for the personal data it covers is Personally Identifiable Information or PII. ISO/IEC 27018 is an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process PII to assess risk and implement controls for protecting PII. ISO/IEC 27018 was created in 2014 and updated in 2019. It has the following objectives:

Help the public cloud service provider to comply with applicable obligations when acting as a PII processor, whether such obligations fall on the PII processor directly or through contract.

Enable the public cloud PII processor to be transparent in relevant matters so that cloud service customers can select well-governed cloud-based PII processing services.

Assist the cloud service customer and the public cloud PII processor in entering into a contractual agreement.

Provide cloud service customers with a mechanism for exercising audit and compliance rights and responsibilities in cases where individual cloud service customer audits of data hosted in a multiparty, virtualized server (cloud) environment can be impractical technically and can increase risks to those physical and logical network security controls in place123.

ISO/IEC 27018: Protecting PII in Public Clouds - ISMS.online, ISMS.online, 2019

ISO/IEC 27018 - Wikipedia, Wikipedia, 2021

ISO/IEC 27018:2019 - Information technology --- Security techniques --- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, ISO, 2019

Show Answer
asked 18/09/2024
Mithun E
50 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms