Crowdly
Add to Chrome
CSIT970 (IA25) Security Essentials
Looking for CSIT970 (IA25) Security Essentials test answers and solutions? Browse our comprehensive collection of verified answers for CSIT970 (IA25) Security Essentials at moodle.uowplatform.edu.au.
Get instant access to accurate answers and detailed explanations for your course questions. Our community-driven platform helps students succeed!
What is a “man trap” in the context of cloud security?
A company can collect sensitive data (e.g., health records) only if:
A) It’s "interesting for marketing"
B) The individual consents, or it’s legally required
C) The CEO approves it
D) It’s publicly available
Which of the following is the most appropriate example of a SaaS (Software as a Service) application?
E. Docker
Engine
Which of the following best describes “elasticity” in cloud computing?
A. The ability to store data across different locations
B. The process of making cloud infrastructure publicly accessible
C. The capability to dynamically scale computing resources based on demand
D. The method of securing cloud storage through encryption
E. A pricing model that charges a fixed monthly fee
In which cloud deployment model is infrastructure shared with the general public and owned by a third-party provider?
A. Private Cloud
B. Hybrid Cloud
C. Public Cloud
D. Community Cloud
E.
Multi-tenant Cloud
What is a defining feature of Infrastructure as a Service (IaaS)?
A.The user manages only the application and
data while the provider handles everything else
B.The platform is designed exclusively for
desktop environments
C.The user controls the operating system
and storage but not the physical infrastructure
D.It only supports web-based email servicesE.Applications are accessed without any
programming interface
What must an organization include in its APP privacy policy?
A) Only contact details of the CEO
B) Types of personal data collected and how it’s used
C) Employee salary information
D) Future business expansion plans
A ride-sharing app collects location data to: Match riders with drivers, Calculate fares, and Improve its routing algorithm.
Six months later, the app wants to: Sell aggregated location trends to urban planners, and Use individual trip data for targeted ads.
Which combination would comply with Purpose Limitation?
A) Only selling aggregated data
B) Only using data for ads with user consent
C) Both uses if properly disclosed in the original privacy policy
D) Neither use without additional measures
E) Only if data is first anonymized for both purposes
Under GDPR’s "Purpose Limitation" principle, when can an organization reuse collected personal data for a new purpose?
A) Only if the new purpose is more profitable than the original one.
B) If the data is anonymized first, regardless of the original purpose.
C) If the new purpose is compatible with the original purpose or new consent is obtained.
D) After 1 year has passed since the original data collection.
E) Only if the organization is a government entity.
A fitness tracker collects:
•Exact GPS coordinates (for
"community heatmaps")
Which action best complies with Data Minimisation?
A) Keep all data for "future
features"
B) Anonymize GPS data and let users
disable tracking
C) Require all data points for basic
functionality
D) Store GPS data indefinitely for
R&D
E)
Sell sleep data to research firms with consent