CCSP Exam Questions
876 real CCSP exam questions with expert-verified answers and explanations. Page 18 of 18.
- Question #862Cloud Concepts, Architecture and Design
Which of the following is NOT one of NIST's five essential characteristics of cloud computing?
NIST Cloud DefinitionCloud CharacteristicsEssential CharacteristicsCloud Fundamentals - Question #863Cloud Data Security
An email is an example of what type of data?
Data ClassificationUnstructured DataData Types - Question #864Cloud Data Security
A company replaces customers' credit card numbers with non-sensitive surrogate values so that the original data isn't exposed. Which technique is this?
TokenizationData ProtectionSensitive DataData Security Techniques - Question #865Cloud Data Security
What is the most effective method to ensure sensitive data on old hard drives cannot be recovered?
Data SanitizationData DisposalMedia DestructionData Recovery Prevention - Question #866Cloud Data Security
Which cryptographic method allows computations to be performed on data without first decrypting it?
Homomorphic EncryptionCryptographyData PrivacyData in Use - Question #867Cloud Data Security
Which solution monitors and prevents unauthorized transfer of sensitive data in and out of the cloud environment?
Data Loss Prevention (DLP)Cloud Data SecurityData ProtectionData Exfiltration Prevention - Question #868Cloud Concepts, Architecture and Design
In the IaaS (Infrastructure-as-a-Service) model, who is responsible for patching and configuring the guest operating system on a virtual machine?
IaaSShared Responsibility ModelGuest OSPatch Management - Question #869Cloud Data Security
Which device is specifically designed to protect and manage cryptographic keys for maximum security?
Hardware Security Module (HSM)Key ManagementCryptographyData Security - Question #870Cloud Platform & Infrastructure Security
Traditional firewalls mainly protect north-south traffic. Which solution is most appropriate for isolating east-west traffic (server-to-server) inside a cloud?
Micro-segmentationEast-west trafficCloud network securityHost-based firewalls - Question #871Cloud Concepts, Architecture and Design
What is an Availability Zone in cloud architecture?
Availability ZoneCloud ArchitectureHigh AvailabilityResilience - Question #872Cloud Concepts, Architecture and Design
Which cloud service model gives the consumer the most control over the guest operating system and applications?
Cloud Service ModelsIaaSConsumer ControlShared Responsibility - Question #873Cloud Application Security
Which of the following is NOT part of the OWASP Top 10 (web application vulnerabilities)?
OWASP Top 10Web application vulnerabilitiesApplication securityCloud security best practices - Question #874Cloud Application Security
Which testing method examines application source code without executing it to find security flaws?
SASTApplication Security TestingSource Code AnalysisSoftware Development Security - Question #875Cloud Platform & Infrastructure Security
Docker is an example of what type of technology?
ContainerizationDockerCloud InfrastructureVirtualization - Question #876Cloud Concepts, Architecture and Design
A SaaS vendor supports enterprise SSO using SAML. What does SAML primarily provide for the user?
SAMLSSOFederated IdentityIdentity and Access Management - Question #877Cloud Application Security
Which practice helps prevent SQL injection vulnerabilities?
SQL InjectionApplication SecurityParameterized QueriesInput Validation - Question #878Cloud Security Operations
In an incident response framework, what is typically the first phase?
Incident ResponseIncident Response FrameworkPreparation PhaseSecurity Operations - Question #879Cloud Security Operations
What system is used to collect, correlate, and analyze logs from multiple cloud sources for threat monitoring?
SIEMLog ManagementThreat MonitoringSecurity Operations - Question #880Cloud Security Operations
In disaster recovery planning, what does RTO (Recovery Time Objective) represent?
RTODisaster Recovery PlanningBusiness ContinuityRecovery Time Objective - Question #881Cloud Data Security
Which backup strategy will minimize downtime (fastest recovery) after a failure?
Backup StrategiesDisaster RecoveryRTOData Resilience - Question #882Cloud Security Operations
What does an organization usually do first when starting a formal incident response?
Incident Response ProcessIncident DetectionIncident ManagementSecurity Operations - Question #883Legal, Risk and Compliance
Under the EU GDPR, within how many hours must a data breach be reported once it is discovered?
GDPRData Breach NotificationCompliance - Question #884Legal, Risk and Compliance
Which U.S. regulation specifically governs the protection of personal health information in the cloud?
HIPAAHealthcare DataRegulationsCompliance - Question #885Legal, Risk and Compliance
Which of the following risk management strategies involves shifting the risk to a third party (e.g., via insurance)?
Risk management strategiesRisk transferenceGRC - Question #886Legal, Risk and Compliance
After applying security controls, the remaining risk that an organization still faces is known as:
Risk managementResidual riskSecurity controls - Question #887Cloud Security Operations
What is an Operational Level Agreement (OLA) in IT service management?
Operational Level Agreement (OLA)IT Service Management (ITSM)Service DeliveryInternal Agreements