Browse Exams Pricing

ExamsCCSPQuestions

CCSP Exam Questions

876 real CCSP exam questions with expert-verified answers and explanations. Page 13 of 18.

Question #610Legal, Risk and Compliance
You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers. Which of the following would be the most appropriate action to tak...
eDiscoveryLegal ComplianceCSP ResponsibilitiesCustomer Notification
Question #611Cloud Concepts, Architecture and Design
If a cloud computing customer wishes to guarantee that a minimum level of resources will always be available, which of the following set of services would compromise the reservatio...
Cloud Resource ManagementResource ReservationCompute Resources
Question #612Cloud Platform & Infrastructure Security
Which of the following threat types can occur when baselines are not appropriately applied or when unauthorized changes are made?
Security misconfigurationBaselinesVulnerability managementChange management
Question #613Cloud Platform & Infrastructure Security
Which of the following is considered an internal redundancy for a data center?
Data centerRedundancyCoolingInfrastructure
Question #614Cloud Application Security
Which of the following threat types involves the sending of invalid and manipulated requests through a user's client to execute commands on the application under their own credenti...
Cross-Site Request ForgeryWeb Application SecurityApplication VulnerabilitiesOWASP Top 10
Question #615Cloud Platform and Infrastructure Security
With finite resources available within a cloud, even the largest cloud providers will at times need to determine which customers will receive additional resources first. What is th...
Cloud Resource ManagementResource AllocationCloud Capacity PlanningMulti-tenancy
Question #616Cloud Data Security
In order to comply with regulatory requirements, which of the following secure erasure methods would be available to a cloud customer using volume storage within the IaaS service m...
Cloud Data ErasureIaaSCryptographic ErasureData Lifecycle Management
Question #617Cloud Data Security
Where is a DLP solution generally installed when utilized for monitoring data in use?
DLP (Data Loss Prevention)Data in useEndpoint securityData protection controls
Question #618Legal, Risk and Compliance
Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?
MultitenancyCloud CertificationsCompliance Challenges
Question #619Cloud Data Security
Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?
DLPCloud Data LifecycleData Protection
Question #620Cloud Data Security
During which phase of the cloud data lifecycle is it possible for the classification of data to change?
Cloud Data LifecycleData ClassificationData Security
Question #621Cloud Concepts, Architecture and Design
If a key feature of cloud computing that your organization desires is the ability to scale and expand without limit or concern about available resources, which cloud deployment mod...
Cloud Deployment ModelsPublic CloudScalabilityCloud Characteristics
Question #622Legal, Risk and Compliance
What is a serious complication an organization faces from the compliance perspective with international operations?
International ComplianceJurisdictional ChallengesLegal RiskCross-border Regulations
Question #623Legal, Risk and Compliance
ISO/IEC has established international standards for many aspects of computing and any processes or procedures related to information technology. Which ISO/IEC standard has been est...
ISO/IEC StandardseDiscoveryComplianceInformation Governance
Question #624Cloud Concepts, Architecture and Design
If a company needed to guarantee through contract and SLAs that a cloud provider would always have available sufficient resources to start their services and provide a certain leve...
Cloud Resource ManagementSLAResource ProvisioningCloud Contracts
Question #625Legal, Risk and Compliance
Many aspects and features of cloud computing can make eDiscovery compliance more difficult or costly. Which aspect of cloud computing would be the MOST complicating factor?
eDiscoveryComplianceMultitenancyCloud challenges
Question #626Cloud Concepts, Architecture and Design
A crucial decision any company must make is in regard to where it hosts the data systems it depends on. A debate exists as to whether it's best to lease space in a data center or b...
Cloud vs. ColocationInfrastructure controlHosting modelsShared responsibility
Question #627Cloud Security Operations
Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?
IDSThreat DetectionNetwork SecuritySecurity Monitoring
Question #628Legal, Risk and Compliance
Which is the lowest level of the CSA STAR program?
CSA STARCloud Security AllianceCompliance frameworksSelf-assessment
Question #629Legal, Risk and Compliance
In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?
Cloud Data LifecycleData ArchivingCompliance TestingRegulatory Requirements
Question #630Cloud Application Security
Which of the following threat types involves leveraging a user's browser to send untrusted data to be executed with legitimate access via the user's valid credentials?
Cross-site Request ForgeryWeb Application SecurityBrowser SecurityAttack Vectors
Question #631Cloud Security Operations
Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries. What term pertains to the application of scient...
Digital ForensicsInvestigationsEvidence HandlingIncident Response
Question #632Cloud Concepts, Architecture and Design
Within a federated identity system, which entity accepts tokens from the identity provider?
Federated IdentityIdentity ProviderRelying PartySecurity Tokens
Question #633Legal, Risk and Compliance
Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on. Which of the following audits are considered "restricted use" ver...
Audit typesSOC reportsComplianceRestricted use reports
Question #634Cloud Platform & Infrastructure Security
Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based IDS over a host-based...
IDSHIDSNIDSSecurity Monitoring
Question #635Cloud Platform & Infrastructure Security
DNSSEC was designed to add a layer of security to the DNS protocol. Which type of attack was the DNSSEC extension designed to mitigate?
DNSSECDNS SecuritySpoofingNetwork Security
Question #636Cloud Concepts, Architecture and Design
Which aspect of cloud computing pertains to cloud customers only paying for the resources and services they actually use?
Cloud characteristicsMeasured servicePay-per-use
Question #637Cloud Concepts, Architecture and Design
Many of the traditional concepts of systems and services for a traditional data center also apply to the cloud. Both are built around key computing concepts. Which of the following...
Computer architectureCore computing conceptsCPUMemory
Question #638Cloud Concepts, Architecture and Design
With a cloud service category where the cloud customer is provided a full application framework into which to deploy their code and services, which storage types are MOST likely to...
PaaSCloud Storage TypesApplication FrameworkStorage Services
Question #639Cloud Platform & Infrastructure Security
Firewalls are used to provide network security throughout an enterprise and to control what information can be accessed--and to a certain extent, through what means. Which of the f...
FirewallNetwork SecurityAccess Control ListsTraffic Filtering
Question #640Cloud Concepts, Architecture and Design
Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?
IaaSCloud BillingResource MeteringCloud Service Models
Question #641Cloud Application Security
Many different common threats exist against web-exposed services and applications. One attack involves attempting to leverage input fields to execute queries in a nested fashion th...
Web application securityInjection attacksSQL injectionApplication threats
Question #642Cloud Concepts, Architecture and Design
For service provisioning and support, what is the ideal amount of interaction between a cloud customer and cloud provider?
Cloud characteristicsService provisioningSelf-service
Question #643Cloud Concepts, Architecture and Design
What does a cloud customer purchase or obtain from a cloud provider?
Cloud servicesCloud computing conceptsCloud service modelsCloud provider
Question #644Cloud Data Security
Which phase of the cloud data lifecycle represents the first instance where security controls can be implemented?
Cloud Data LifecycleData Security ControlsData at Rest
Question #645Cloud Concepts, Architecture and Design
You were recently hired as a project manager at a major university to implement cloud services for the academic and administrative systems. Because the load and demand for services...
NIST Cloud CharacteristicsCloud BenefitsCloud Computing FundamentalsScalability
Question #646Cloud Concepts, Architecture and Design
Which cloud deployment model is MOST likely to offer free or very cheap services to users?
Cloud Deployment ModelsPublic CloudCloud Service CostsCloud Characteristics
Question #647Cloud Data Security
Where is a DLP solution generally installed when utilized for monitoring data in transit?
DLP (Data Loss Prevention)Network SecurityData in TransitSecurity Architecture
Question #648Cloud Concepts, Architecture and Design
With IaaS, what is responsible for handling the security and control over the volume storage space?
IaaS securityShared responsibility modelVolume storage securityOperating system responsibility
Question #649Cloud Platform & Infrastructure Security
Configurations and policies for a system can come from a variety of sources and take a variety of formats. Which concept pertains to the application of a set of configurations and...
Security BaselinesConfiguration ManagementSecurity Policy
Question #650Cloud Concepts, Architecture and Design
Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?
SaaSShared Responsibility ModelCustomer ResponsibilitiesAuthentication
Question #651Legal, Risk and Compliance
An SLA contains the official requirements for contract performance and satisfaction between the cloud provider and cloud customer. Which of the following would NOT be a component w...
SLAService Level AgreementCloud Performance MetricsContract Management
Question #652Cloud Concepts, Architecture and Design
Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?
Federated IdentitySAMLIdentity and Access ManagementAuthentication Protocols
Question #653Cloud Data Security
Which data state would be most likely to use digital signatures as a security protection mechanism?
Digital SignaturesData in Use SecurityData StatesIntegrity and Authenticity
Question #654Legal, Risk and Compliance
There is a large gap between the privacy laws of the United States and those of the European Union. Bridging this gap is necessary for American companies to do business with Europe...
Safe HarborEU-US data transferPrivacy lawsCompliance frameworks
Question #655Legal, Risk and Compliance
Audits are either done based on the status of a system or application at a specific time or done as a study over a period of time that takes into account changes and processes. Whi...
SOC reportsAudit typesComplianceService Organization Controls
Question #656Cloud Platform & Infrastructure Security
With software-defined networking (SDN), which two types of network operations are segregated to allow for granularity and delegation of administrative access and functions?
SDNControl PlaneData PlaneNetwork Segregation
Question #657Cloud Platform & Infrastructure Security
Along with humidity, temperature is crucial to a data center for optimal operations and protection of equipment. Which of the following is the optimal temperature range as set by A...
Data Center Environmental ControlsASHRAE StandardsPhysical InfrastructureTemperature Management
Question #658Cloud Platform and Infrastructure Security
Which of the following statements best describes a Type 1 hypervisor?
Hypervisor typesType 1 hypervisorVirtualizationBare metal
Question #659Cloud Concepts, Architecture and Design
Which cloud storage type resembles a virtual hard drive and can be utilized in the same manner and with the same type of features and capabilities?
Cloud storageBlock storageVirtual hard driveCloud infrastructure

PreviousPage 13 of 18Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.