CCSP Exam Questions
876 real CCSP exam questions with expert-verified answers and explanations. Page 2 of 18.
- Question #51: Cloud Platform & Infrastructure Security
The Transport Layer Security (TLS) protocol creates a secure communications channel over public media (such as the Internet). In a typical TLS session, who initiates the protocol?
TLS handshake, Client-server interaction, Protocol initiation, Network security
- Question #52: Cloud Data Security
Which of the following is the best and only completely secure method of data destruction?
Data Destruction, Media Sanitization, Physical Destruction, Secure Data Disposal
- Question #53: Legal, Risk and Compliance
You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment. In order to get truly holistic coverage...
DLP deployment, User agreements, Legal compliance, Privacy
- Question #54: Cloud Application Security
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what is one reason...
CSA Notorious Nine, API Security, Cloud Threats, Insecure Interfaces
- Question #55: Legal, Risk and Compliance
Which document will enforce uptime and availability requirements between the cloud customer and cloud provider?
Service Level Agreement, Cloud Agreements, Uptime, Availability
- Question #56: Cloud Data Security
All of the following are terms used to describe the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:
Data Security, Data Obfuscation, Data Masking, Tokenization
- Question #57: Cloud Application Security
Because PaaS implementations are so often used for software development, what is one of the vulnerabilities that should always be kept in mind?
PaaS security, Application development security, Backdoors, Vulnerabilities
- Question #58: Cloud Platform & Infrastructure Security
Of the following, which is probably the most significant risk in a managed cloud environment?
Cloud Security Risks, Management Plane Security, Cloud Control Plane, Cloud Breaches
- Question #59: Cloud Concepts, Architecture and Design
All of the following are usually nonfunctional requirements except ____________.
Functional Requirements, Nonfunctional Requirements, System Design, Cloud Architecture Principles
- Question #60: Cloud Data Security
You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment. What should you not expect the tool to...
DLP, Cloud Data Security, Data Protection, Security Controls
- Question #61: Cloud Platform & Infrastructure Security
When a data center is configured such that the backs of the devices face each other and the ambient temperature in the work area is cool, it is called ___________.
Data Center Cooling, Hot Aisle Containment, Physical Infrastructure, Environmental Controls
- Question #62: Cloud Platform and Infrastructure Security
One of the security challenges of operating in the cloud is that additional controls must be placed on file storage systems because ____________.
Cloud Storage Security, Virtual Machine Security, Data at Rest, Cloud Infrastructure
- Question #63: Cloud Data Security
DLP can be combined with what other security technology to enhance data controls?
DLP, DRM, Data Protection, Security Controls
- Question #64: Cloud Data Security
Which of the following best describes data masking?
Data Masking, Data Protection, Test Data Management, Data Obfuscation
- Question #65: Cloud Platform & Infrastructure Security
The Transport Layer Security (TLS) protocol creates a secure communications channel over public media (such as the Internet). In a typical TLS session, what is the usual means for...
TLS, PKI, Certificates, Trust Establishment
- Question #66: Cloud Concepts, Architecture and Design
Which of the following are considered to be the building blocks of cloud computing?
Cloud fundamentals, Cloud infrastructure, Core components, Compute resources
- Question #67: Cloud Security Operations
A honeypot should contain _________ data.
Honeypots, Threat Intelligence, Security Monitoring, Decoy Systems
- Question #68: Legal, Risk and Compliance
Which of the following is a risk in the cloud environment that does not exist or is not as prevalent in the legacy environment?
Cloud Risks, Legal Liability, Jurisdictional Compliance
- Question #69: Cloud Application Security
You are the security manager for a software development firm. Your company is interested in using a managed cloud service provider for hosting its testing environment. Management i...
Agile Development, SDLC, Iterative Development, Application Development
- Question #70: Cloud Application Security
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application developme...
OWASP Top Ten, Sensitive Data Exposure, User Training, Application Security
- Question #71: Cloud Data Security
Data labels could include all the following, except:
Data classification, Data labeling, Data security controls, Access control
- Question #72: Legal, Risk and Compliance
Which of the following is not an enforceable governmental request?
Legal Concepts, Compliance, Governmental Requests, Investigations
- Question #74: Cloud Concepts, Architecture and Design
Which of the following is characterized by a set maximum capacity?
Cloud architecture, System coupling, Scalability, Tightly coupled systems
- Question #75: Cloud Concepts, Architecture and Design
What are the six components that make up the STRIDE threat model?
STRIDE Threat Model, Threat Modeling, Security Assessment
- Question #76: Cloud Concepts, Architecture and Design
You are the security manager for a small application development company. Your company is considering the use of the cloud for software testing purposes. Which cloud service model...
Cloud service models, PaaS, Application development, Software testing
- Question #77: Cloud Application Security
What is the primary security mechanism used to protect SOAP and REST APIs?
API Security, Encryption, Data in Transit, Confidentiality
- Question #78: Legal, Risk and Compliance
Which of the following is not one of the defined security controls domains within the Cloud Controls Matrix, published by the Cloud Security Alliance?
Cloud Controls Matrix (CCM), Cloud Security Alliance (CSA), Security Controls Frameworks, Compliance
- Question #79: Cloud Concepts, Architecture and Design
The cloud deployment model that features joint ownership of assets among an affinity group is known as:
Cloud deployment models, Community cloud, NIST cloud models, Cloud characteristics
- Question #80: Cloud Concepts, Architecture and Design
Which cloud storage type uses an opaque value or descriptor to categorize and organize data?
Cloud storage, Unstructured data, Metadata, Data organization
- Question #81: Legal, Risk and Compliance
While an audit is being conducted, which of the following could cause management and the auditors to change the original plan in order to continue with the audit?
Audit Planning, Audit Management, Resource Management, Cost Control
- Question #82: Cloud Security Operations
An organization could have many reasons that are common throughout the industry to activate a BCDR situation. Which of the following is NOT a typical reason to activate a BCDR plan...
Business Continuity, Disaster Recovery, Incident Management, Operational Resilience
- Question #83: Cloud Security Operations
Which of the following is a risk associated with manual patching, especially in the cloud?
Manual patching, Human error, Operational risk, Vulnerability management
- Question #84: Legal, Risk and Compliance
What are SOC I/SOC II/SOC III?
SOC reports, Auditing, Compliance, Third-party assessment
- Question #85: Cloud Application Security
Which type of threat is often used in conjunction with phishing attempts and is often viewed as greatly increasing the likeliness of success?
Phishing, Web Application Vulnerabilities, Redirect Vulnerabilities, Social Engineering
- Question #86: Cloud Security Operations
Each of the following is an element of the Identification phase of the identity and access management (IAM) process except _____________.
IAM, Identity Lifecycle, Provisioning, Deprovisioning
- Question #87: Legal, Risk and Compliance
What is a key component of GLBA?
GLBA, Compliance, Information Security Program, Regulations
- Question #88: Cloud Platform & Infrastructure Security
A denial of service (DoS) attack can potentially impact all customers within a cloud environment with the continued allocation of additional resources. Which of the following can b...
Cloud Resource Management, Multi-tenancy Security, DoS Protection, Resource Isolation
- Question #89: Cloud Data Security
Tokenization requires at least ____ database(s).
Tokenization, Data Security, Database Security, Data Protection
- Question #90: Cloud Platform & Infrastructure Security
In a Lightweight Directory Access Protocol (LDAP) environment, each entry in a directory server is identified by a ___________.
LDAP, Directory Services, Distinguished Name, Identity and Access Management
- Question #91: Cloud Data Security
Aside from the fact that the cloud customer probably cannot locate/reach the physical storage assets of the cloud provider, and that wiping an entire storage space would impact oth...
Degaussing, Data sanitization, Cloud storage media
- Question #92: Cloud Data Security
Which phase of the cloud data lifecycle also typically entails the process of data classification?
Cloud Data Lifecycle, Data Classification, Data Security
- Question #93: Cloud Platform & Infrastructure Security
What could be the result of failure of the cloud provider to secure the hypervisor in such a way that one user on a virtual machine can see the resource calls of another user's vir...
Hypervisor Security, Virtualization Security, Inference Attacks, Side-Channel Attacks
- Question #94: Cloud Concepts, Architecture and Design
Federation should be __________ to the users.
Identity Federation, Single Sign-On (SSO), Identity and Access Management (IAM), User Experience
- Question #95: Cloud Data Security
Which of the following is a possible negative aspect of bit-splitting?
Bit-splitting, Data fragmentation, Multi-cloud security, Third-party trust
- Question #96: Cloud Data Security
Which of the following methods is often used to obscure data from production systems for use in test or development environments?
Data Masking, Test Data Management, Data Obfuscation, Cloud Data Protection
- Question #97: Cloud Security Operations
All of the following methods can be used to attenuate the harm caused by escalation of privilege except:
Escalation of Privilege, Mitigation, Security Controls, SIEM
- Question #98: Cloud Data Security
DLP solutions typically involve all of the following aspects except ___________.
DLP, Data Loss Prevention, Data Security Controls, Tokenization
- Question #100: Legal, Risk and Compliance
You are the security director for a chain of automotive repair centers across several states. Your company uses a cloud SaaS provider for business functions that cross several of...
Intellectual Property, Trademark Ownership, Legal Compliance
- Question #101: Cloud Platform & Infrastructure Security
Which of these characteristics of a virtualized network adds risks to the cloud environment?
Virtualized Networks, Cloud Risks, Network Security, Infrastructure Complexity
- Question #102: Cloud Data Security
Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?
DRM, IRM, Data Protection, Persistence