NEW QUESTION 1
DRM solutions should generally include all the following functions, except:
- A. Persistency
- B. Automatic self-destruct
- C. Automatic expiration
- D. Dynamic policy control
Answer: B
NEW QUESTION 2
In general, a cloud BCDR solution will be ______ than a physical solution.
- A. Slower
- B. Less expensive
- C. Larger
- D. More difficult to engineer
Answer: B
NEW QUESTION 3
The cloud deployment model that features organizational ownership of the hardware and infrastructure, and usage only by members of that organization, is known as:
- A. Private
- B. Public
- C. Hybrid
- D. Motive
Answer: A
NEW QUESTION 4
TLS uses ______ to authenticate a connection and create a shared secret for the duration of the session.
- A. SAML 2.0
- B. X.509 certificates
- C. 802.11X
- D. The Diffie-Hellman process
Answer: B
NEW QUESTION 5
A web application firewall (WAF) can understand and act on ______ traffic.
- A. Malicious
- B. SMTP
- C. ICMP
- D. HTTP
Answer: D
NEW QUESTION 6
Which concept pertains to cloud customers paying only for the resources they use and consume, and only for the duration they are using them?
- A. Measured service
- B. Auto-scaling
- C. Portability
- D. Elasticity
Answer: A
NEW QUESTION 7
Although performing BCDR tests at regular intervals is a best practice to ensure processes and documentation are still relevant and efficient, which of the following represents a reason to conduct a BCDR review outside of the regular interval?
- A. Staff changes
- B. Application changes
- C. Regulatory changes
- D. Management changes
Answer: B
NEW QUESTION 8
Which of the following methods for the safe disposal of electronic records can always be used in a cloud environment?
- A. Physical destruction
- B. Encryption
- C. Overwriting
- D. Degaussing
Answer: B
NEW QUESTION 9
Cloud environments are based entirely on virtual machines and virtual devices, and those images are also in need of storage within the environment. What type of storage is typically used for virtual images?
- A. Volume
- B. Structured
- C. Unstructured
- D. Object
Answer: D
NEW QUESTION 10
All of the following are identity federation standards commonly found in use today except ______.
- A. WS-Federation
- B. OpenID
- C. OAuth
- D. PGP
Answer: D
NEW QUESTION 11
An audit against the ______ will demonstrate that an organization has a holistic, comprehensive security program.
- A. SAS 70 standard
- B. SSAE 16 standard
- C. SOC 2, Type 2 report matrix
- D. ISO 27001 certification requirements
Answer: D
NEW QUESTION 12
The Brewer-Nash security model is also known as which of the following?
- A. MAC
- B. The Chinese Wall model
- C. Preventive measures
- D. RBAC
Answer: B
NEW QUESTION 13
According to OWASP recommendations, active software security testing should include all of the following except ______.
- A. Session initiation testing
- B. Input validation testing
- C. Testing for error handling
- D. Testing for weak cryptography
Answer: A
NEW QUESTION 14
Resolving resource contentions in the cloud will most likely be the job of the ______.
- A. Router
- B. Emulator
- C. Regulator
- D. Hypervisor
Answer: D
NEW QUESTION 15
Which of the following is the correct name for Tier II of the Uptime Institute Data Center Site Infrastructure Tier Standard Topology?
- A. Concurrently Maintainable Site Infrastructure
- B. Fault-Tolerant Site Infrastructure
- C. Basic Site Infrastructure
- D. Redundant Site Infrastructure Capacity Components
Answer: D
NEW QUESTION 16
Who should be involved in review and maintenance of user accounts/access?
- A. The user’s manager
- B. The security manager
- C. The accounting department
- D. The incident response team
Answer: A
NEW QUESTION 18
Which one of the following is not one of the three common threat modeling techniques?
- A. Focused on assets
- B. Focused on attackers
- C. Focused on software
- D. Focused on social engineering
Answer: D
NEW QUESTION 19
Which SSAE 16 report is purposefully designed for public release (for instance, to be posted on a company’s website)?
- A. SOC 1
- B. SOC 2, Type 1
- C. SOC 2, Type 2
- D. SOC 3
Answer: D
NEW QUESTION 20
Which of the following is not a feature of SAST?
- A. Source code review
- B. Team-building efforts
- C. “White-box” testing
- D. Highly skilled, often expensive outside consultants
Answer: B
NEW QUESTION 21
Static software security testing typically uses ______ as a measure of how thorough the testing was.
- A. Number of testers
- B. Flaws detected
- C. Code coverage
- D. Malware hits
Answer: C
NEW QUESTION 22
Which of the following is a method for apportioning resources that involves setting maximum usage amounts for all tenants/customers within the environment?
- A. Reservations
- B. Shares
- C. Cancellations
- D. Limits
Answer: D
NEW QUESTION 23
Because PaaS implementations are so often used for software development, what is one of the vulnerabilities that should always be kept in mind?
- A. Malware
- B. Loss/theft of portable devices
- C. Backdoors
- D. DoS/DDoS
Answer: C
NEW QUESTION 24
You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment.
What should you not expect the tool to address?
- A. Sensitive data sent inadvertently in user emails
- B. Sensitive data captured by screen shots
- C. Sensitive data moved to external devices
- D. Sensitive data in the contents of files sent via FTP
Answer: B
NEW QUESTION 25
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing.
According to the CSA, what is one reason the threat of insecure interfaces and APIs is so prevalent in cloud computing?
- A. Most of the cloud customer’s interaction with resources will be performed through APIs.
- B. APIs are inherently insecure.
- C. Attackers have already published vulnerabilities for all known APIs.
- D. APIs are known carcinogens.
Answer: A
NEW QUESTION 26
Each of the following is a dependency that must be considered when reviewing the BIA after cloud migration except:
- A. The cloud provider’s suppliers
- B. The cloud provider’s vendors
- C. The cloud provider’s utilities
- D. The cloud provider’s resellers
Answer: D
NEW QUESTION 27
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program has ______ tiers.
- A. Two
- B. Three
- C. Four
- D. Eight
Answer: B