CCSP Exam Questions
876 real CCSP exam questions with expert-verified answers and explanations. Page 17 of 18.
- Question #811 (Cloud Data Security)
Data labels could include all the following, except:
Tags: Data labeling, Data classification, Metadata, Data security
- Question #812 (Legal, Risk and Compliance)
What are the U.S. Commerce Department controls on technology exports known as?
Tags: Export Controls, Technology Exports, Regulations, Compliance
- Question #813 (Cloud Data Security)
All of these are methods of data discovery, except:
Tags: Data Discovery, Data Classification, Data Security
- Question #814 (Cloud Platform & Infrastructure Security)
The various models generally available for cloud BC/DR activities include all of the following except:
Tags: Cloud BC/DR, Disaster Recovery models, Business Continuity, Cloud architecture
- Question #815 (Legal, Risk and Compliance)
Which kind of SSAE audit reviews controls dealing with the organization's controls for assuring the confidentiality, integrity, and availability of data?
Tags: SOC Reports, Audit and Assurance, Compliance, CIA Triad
- Question #816 (Cloud Security Operations)
To address shared monitoring and testing responsibilities in a cloud configuration, the provider might offer all these to the cloud customer except:
Tags: Shared Responsibility Model, Cloud Monitoring, Cloud Provider Responsibilities, Security Operations
- Question #817 (Legal, Risk and Compliance)
Which kind of SSAE audit report is most beneficial for a cloud customer, even though it's unlikely the cloud provider will share it?
Tags: SOC reports, Cloud audit, Compliance, Third-party risk
- Question #818 (Legal, Risk and Compliance)
When reviewing the BIA after a cloud migration, the organization should take into account new factors related to data breach impacts. One of these new factors is:
Tags: Legal Liability, Shared Responsibility, Data Breach, Business Impact Analysis
- Question #819 (Cloud Concepts, Architecture and Design)
What is the term we use to describe the general ease and efficiency of moving data from one cloud provider either to another cloud provider or down from the cloud?
Tags: Cloud portability, Data migration, Cloud concepts
- Question #820 (Cloud Security Operations)
Countermeasures for protecting cloud operations against internal threats include all of the following except:
Tags: Internal threats, Security controls, Personnel security, Cloud security operations
- Question #821 (Cloud Concepts, Architecture and Design)
The cloud customer will have the most control of their data and systems, and the cloud provider will have the least amount of responsibility, in which cloud computing arrangement?
Tags: Cloud Service Models, Shared Responsibility Model, IaaS, Customer Control
- Question #822 (Cloud Security Operations)
Countermeasures for protecting cloud operations against external attackers include all of the following except:
Tags: Cloud Security Operations, External Threat Protection, Security Controls, Personnel Security
- Question #823 (Cloud Concepts, Architecture and Design)
User access to the cloud environment can be administered in all of the following ways except:
Tags: Access Management, Cloud IAM, Administration Models, Shared Responsibility Model
- Question #824 (Cloud Security Operations)
Countermeasures for protecting cloud operations against internal threats include all of the following except:
Tags: Internal threats, Personnel security, Security awareness, Risk mitigation
- Question #825 (Legal, Risk and Compliance)
Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except:
Tags: Business Impact Analysis (BIA), Cloud Dependencies, Supply Chain Risk Management, Third-Party Risk Management
- Question #826 (Cloud Concepts, Architecture and Design)
Because of multitenancy, specific risks in the public cloud that don't exist in the other cloud service models include all the following except:
Tags: Multitenancy, Public Cloud Risks, Cloud Service Models, Shared Responsibility Model
- Question #827 (Cloud Concepts, Architecture and Design)
What is the cloud service model in which the customer is responsible for administration of the OS?
Tags: Cloud Service Models, IaaS, Shared Responsibility Model, Operating System Administration
- Question #828 (Cloud Data Security)
All of the following are techniques to enhance the portability of cloud data, in order to minimize the potential of vendor lock-in except:
Tags: Data Portability, Vendor Lock-in, DRM, DLP
- Question #829 (Cloud Platform & Infrastructure Security)
Hardening the operating system refers to all of the following except:
Tags: Operating System Hardening, System Security, Attack Surface Reduction, Endpoint Security
- Question #830 (Legal, Risk and Compliance)
Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud provider?
Tags: SOC reports, Cloud compliance, Audit reports, Vendor assessment
- Question #831 (Legal, Risk and Compliance)
The cloud customer's trust in the cloud provider can be enhanced by all of the following except:
Tags: Customer trust, Cloud provider relations, SLAs, Audits
- Question #832 (Legal, Risk and Compliance)
As a result of scandals involving publicly traded corporations such as Enron, WorldCom, and Adelphia, Congress passed legislation known as:
Tags: SOX, Sarbanes-Oxley Act, Compliance, Legal Frameworks
- Question #833 (Legal, Risk and Compliance)
In addition to whatever audit results the provider shares with the customer, what other mechanism does the customer have to ensure trust in the provider's performance and duties?
Tags: Cloud Contracts, Service Level Agreements, Provider Trust, Legal Obligations
- Question #834 (Legal, Risk and Compliance)
The application normative framework is best described as which of the following?
Tags: Normative Frameworks, Organizational Normative Framework (ONF), Application Security Frameworks, Framework Relationships
- Question #835 (Cloud Security Operations)
Deviations from the baseline should be investigated and __________________.
Tags: Security Baselines, Documentation, Configuration Management, Security Operations
- Question #836 (Cloud Application Security)
Which of the following best describes the Organizational Normative Framework (ONF)?
Tags: Organizational Normative Framework, Application Security, Security Frameworks, Best Practices
- Question #837 (Cloud Platform & Infrastructure Security)
A UPS should have enough power to last how long?
Tags: UPS, Power Management, Graceful Shutdown, Infrastructure Resilience
- Question #838 (Cloud Application Security)
Which of the following best describes the purpose and scope of ISO/IEC 27034-1?
Tags: ISO/IEC 27034-1, Application Security, Security Standards
- Question #839 (Cloud Platform & Infrastructure Security)
Which of the following best describes SAML?
Tags: SAML, Federated Identity, Authentication, Authorization
- Question #840 (Cloud Application Security)
Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like:
Tags: WAF, Web Application Security, SQL Injection, XSS
- Question #841 (Cloud Concepts, Architecture and Design)
APIs are defined as which of the following?
Tags: API Definition, Application Programming Interface, Software Concepts, Cloud Architecture Components
- Question #842 (Cloud Data Security)
Which of the following best describes data masking?
Tags: Data Masking, Data Protection, Test Data Management
- Question #843 (Cloud Application Security)
Which of the following best describes a sandbox?
Tags: Sandbox, Isolation, Secure development, Security testing
- Question #844 (Cloud Security Operations)
A localized incident or disaster can be addressed in a cost-effective manner by using which of the following?
Tags: Disaster Recovery, Business Continuity, Incident Management, Mutual Aid Agreements
- Question #845 (Cloud Platform & Infrastructure Security)
In addition to battery backup, a UPS can offer which capability?
Tags: UPS, Power Protection, Physical Infrastructure Security, Availability
- Question #846 (Cloud Security Operations)
For performance purposes, OS monitoring should include all of the following except:
Tags: OS monitoring, Performance metrics, System performance, Cloud security operations
- Question #847 (Cloud Security Operations)
Identity and access management (IAM) is a security discipline that ensures which of the following?
Tags: Identity and Access Management (IAM), Authentication, Authorization, Access Control
- Question #848 (Cloud Security Operations)
Maintenance mode requires all of these actions except:
Tags: Maintenance Mode, Operational Procedures, Cloud Operations, Security Controls
- Question #849 (Cloud Security Operations)
What is one of the reasons a baseline might be changed?
Tags: Baseline management, Change management, Configuration management
- Question #850 (Cloud Concepts, Architecture and Design)
In a federated identity arrangement using a trusted third-party model, who is the identity provider and who is the relying party?
Tags: Federated Identity, Identity Provider (IdP), Relying Party (RP), Identity and Access Management (IAM)
- Question #851 (Cloud Data Security)
Database activity monitoring (DAM) can be:
Tags: Database Activity Monitoring (DAM), Data Security Controls, Deployment Models, Cloud Data Security
- Question #852 (Cloud Security Operations)
The BC/DR kit should include all of the following except:
Tags: BC/DR, Disaster Recovery Kit, Emergency Preparedness
- Question #853 (Cloud Platform & Infrastructure Security)
The baseline should cover which of the following?
Tags: Security Baseline, Configuration Management, Security Scope, Organizational Security
- Question #855 (Cloud Data Security)
Which of the following storage types is most closely associated with a database-type storage implementation?
Tags: Storage types, Database concepts, Structured data
- Question #856 (Cloud Data Security)
A data custodian is responsible for which of the following?
Tags: Data custodian, Data roles and responsibilities, Data security roles, Data governance
- Question #857 (Legal, Risk and Compliance)
Which of the following is the least challenging with regard to eDiscovery in the cloud?
Tags: eDiscovery, Cloud Forensics, Legal Compliance, Data Sovereignty
- Question #858 (Cloud Concepts, Architecture and Design)
Matthew's company is using a cloud service where the provider hosts virtual servers on shared hardware, but each server is dedicated to his company. Which cloud deployment model is...
Tags: Cloud deployment models, Public cloud, Cloud characteristics
- Question #859 (Cloud Platform & Infrastructure Security)
Which hypervisor type is considered most secure because it minimizes the attack surface by running directly on hardware?
Tags: Hypervisor types, Virtualization security, Attack surface, Bare-metal hypervisor
- Question #860 (Cloud Concepts, Architecture and Design)
Which of the following sources provides vendor-neutral design patterns and best practices for cloud security?
Tags: Cloud Security Alliance, Vendor-neutral standards, Cloud security frameworks, Best practices
- Question #861 (Cloud Concepts, Architecture and Design)
A company needs low-latency processing for IoT devices located in factories. Which cloud concept fits this need by moving computation closer to the devices?
Tags: Edge computing, IoT, Low latency, Cloud architecture