90 likes | 121 Views
Are you planning to take ISC2 CCSP certification exam? Then you must be in need of best study material for your certification exam. Come and join Dumpshq to find the best ISC2 CCSP for preparation , and pass the exam at the first attempt.
E N D
Questions & Answers PDF Page 1 ISC2 CCSP Braindumps Certified Cloud Security Professional Exam Questions & Answers (Demo Version – Limited Content) Thank you for Downloading CCSP exam PDF Demo You can also try our CCSP practice exam software Download Free Demo: https://www.dumpshq.com/isc2/CCSP-braindumps.html https://www.dumpshq.com
Questions & Answers PDF Page 2 Version: 6.0 Question: 1 Which of the following best describes a cloud carrier? A. A person or entity responsible for making a cloud service available to consumers B. The intermediary who provides connectivity and transport of cloud services between cloud providers and cloud consumers C. The person or entity responsible for keeping cloud services running for customers D. The person or entity responsible for transporting data across the Internet Answer: B Question: 2 Which security certification serves as a general framework that can be applied to any type of system or application? A. ISO/IEC 27001 B. PCI DSS C. FIPS 140-2 D. NIST SP 800-53 Answer: A Question: 3 At which phase of the SDLC process should security begin participating? A. Requirements gathering B. Requirements analysis C. Design D. Testing Answer: A Question: 4 Which of the following is the correct name for Tier II of the Uptime Institute Data Center Site Infrastructure Tier Standard Topology? A. Concurrently Maintainable Site Infrastructure B. Fault-Tolerant Site Infrastructure C. Basic Site Infrastructure https://www.dumpshq.com
Questions & Answers PDF Page 3 D. Redundant Site Infrastructure Capacity Components Answer: D Question: 5 You have been tasked with creating an audit scope statement and are making your project outline. Which of the following is NOT typically included in an audit scope statement? A. Statement of purpose B. Deliverables C. Classification D. Costs Answer: D Question: 6 Different types of cloud deployment models use different types of storage from traditional data centers, along with many new types of software platforms for deploying applications and configurations. Which of the following is NOT a storage type used within a cloud environment? A. Docker B. Object C. Structured D. Volume Answer: A Question: 7 Who is ultimately responsible for a data breach that includes personally identifiable information (PII), in the event of negligence on the part of the cloud provider? A. The user B. The subject C. The cloud provider D. The cloud customer Answer: D Question: 8 Which of the following is not a reason for conducting audits? A. Regulatory compliance B. User satisfaction C. Determination of service quality D. Security assurance https://www.dumpshq.com
Questions & Answers PDF Page 4 Answer: B Question: 9 Under EU law, a cloud customer who gives sensitive data to a cloud provider is still legally responsible for the damages resulting from a data breach caused by the provider; the EU would say that it is the cloud customer’s fault for choosing the wrong provider. This is an example of insufficient ____________. A. Proof B. Evidence C. Due diligence D. Application of reasonableness Answer: C Question: 10 Which ISO standard refers to addressing security risks in a supply chain? A. ISO 27001 B. ISO/IEC 28000:2007 C. ISO 18799 D. ISO 31000:2009 Answer: B Question: 11 When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time it was configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time. What process is necessary to ensure events are collected and processed with this in mind? A. Continual review B. Continuous optimization C. Aggregation updates D. Event elasticity Answer: B Question: 12 Which of the following are contractual components that the CSP should review and understand fully when contracting with a cloud service provider? (Choose two.) https://www.dumpshq.com
Questions & Answers PDF Page 5 A. Concurrently maintainable site infrastructure B. Use of subcontractors C. Redundant site infrastructure capacity components D. Scope of processing Answer: B, D Question: 13 TLS uses ___________ to authenticate a connection and create a shared secret for the duration of the session. A. SAML 2.0 B. X.509 certificates C. 802.11X D. The Diffie-Hellman process Answer: B Question: 14 Why are PaaS environments at a higher likelihood of suffering backdoor vulnerabilities? A. They rely on virtualization. B. They are often used for software development. C. They have multitenancy. D. They are scalable. Answer: B Question: 15 Impact resulting from risk being realized is often measured in terms of ____________. A. Amount of data lost B. Money C. Amount of property lost D. Number of people affected Answer: B Question: 16 Which of the following is a possible negative aspect of bit-splitting? A. Greater chance of physical theft of assets B. Loss of public image C. Some risk to availability, depending on the implementation D. A small fire hazard https://www.dumpshq.com
Questions & Answers PDF Page 6 Answer: C Question: 17 What is the amount of fuel that should be on hand to power generators for backup datacenter power, in all tiers, according to the Uptime Institute? A. 1 B. 1,000 gallons C. 12 hours D. As much as needed to ensure all systems may be gracefully shut down and data securely stored Answer: C Question: 18 DRM solutions should generally include all the following functions, except: A. Persistency B. Automatic self-destruct C. Automatic expiration D. Dynamic policy control Answer: B Question: 19 Which of the following is considered an administrative control? A. Access control process B. Keystroke logging C. Door locks D. Biometric authentication Answer: A Question: 20 The Cloud Security Alliance (CSA) publishes, the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, all of the following activity can result in data loss except ____________. A. Misplaced crypto keys B. Improper policy C. Ineffectual backup procedures D. Accidental overwrite https://www.dumpshq.com
Questions & Answers PDF Page 7 Answer: B Question: 21 You are the security manager for a software development firm. Your company is interested in using a managed cloud service provider for hosting its testing environment. Previous releases have shipped with major flaws that were not detected in the testing phase; leadership wants to avoid repeating that problem. What tool/technique/technology might you suggest to aid in identifying programming errors? A. Vulnerability scans B. Open source review C. SOC audits D. Regulatory review Answer: B Question: 22 _______ is the most prevalent protocol used in identity federation. A. HTTP B. SAML C. FTP D. WS-Federation Answer: B https://www.dumpshq.com
Questions & Answers PDF Page 8 Thank You for trying CCSP PDF Demo To try our CCSP practice exam software visit link below https://www.dumpshq.com/isc2/CCSP-braindumps.html Start Your CCSP Preparation Use Coupon “20OFF” for extra 20% discount on the purchase of Practice Test Software. Test your CCSP preparation with actual exam questions. https://www.dumpshq.com