CCSP Exam Questions
876 real CCSP exam questions with expert-verified answers and explanations. Page 3 of 18.
- Question #103: Cloud Concepts, Architecture and Design
Which of the following is a method for apportioning resources that involves setting maximum usage amounts for all tenants/customers within the environment?
Resource Management, Cloud Resource Allocation, Multi-tenancy, Limits
- Question #104: Legal, Risk and Compliance
Which of the following contract terms most incentivizes the cloud provider to meet the requirements listed in the SLA?
SLA, Cloud contracts, Financial penalties, Contractual incentives
- Question #105: Legal, Risk and Compliance
The Cloud Security Alliance's (CSA's) Cloud Controls Matrix (CCM) addresses all the following security architecture elements except ____________.
CSA CCM, Cloud Controls Matrix, Security frameworks, Cloud security controls
- Question #106: Legal, Risk and Compliance
What is the intellectual property protection for the logo of a new video game?
Intellectual Property, Trademark, Legal Compliance
- Question #107: Cloud Platform and Infrastructure Security
All of the following are identity federation standards commonly found in use today except ____________.
Identity Federation, Authentication Standards, Authorization Standards, IAM
- Question #108: Cloud Data Security
Which of the following characteristics is associated with digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM)?
Digital Rights Management (DRM), Information Rights Management (IRM), Access Control Lists (ACLs), Data Security
- Question #109: Cloud Data Security
Which of the following involves assigning an opaque value to sensitive data fields to protect confidentiality?
Tokenization, Data protection, Confidentiality, Data security methods
- Question #110: Cloud Application Security
According to OWASP recommendations, active software security testing should include all of the following except ____________.
OWASP, Application Security Testing, Dynamic Application Security Testing, Web Application Security
- Question #111: Legal, Risk and Compliance
Which type of report is considered for "general" use and does not contain any sensitive information?
SOC reports, Compliance reports, Auditing standards, General use reports
- Question #112: Cloud Security Operations
Who should be involved in review and maintenance of user accounts/access?
Access Management, User Account Review, Roles and Responsibilities, Least Privilege
- Question #113: Cloud Data Security
For which type of cloud service category would having a vendor-neutral encryption scheme for data at rest (DAR) be the MOST important?
Cloud Encryption, Data at Rest, Hybrid Cloud, Vendor Neutrality
- Question #114: Legal, Risk and Compliance
Which standards body depends heavily on contributions and input from its open membership base?
Standards bodies, Cloud Security Alliance (CSA), Organizational structure
- Question #115: Cloud Platform & Infrastructure Security
Before deploying a specific brand of virtualization toolset, it is important to configure it according to ____________.
Virtualization security, Secure configuration, Vendor best practices, Cloud platform security
- Question #116: Cloud Data Security
All of the following might be used as data discovery characteristics in a content-analysis-based data discovery effort except ____________.
Data Discovery, Content Analysis, Data Classification, Data Loss Prevention
- Question #117: Cloud Platform & Infrastructure Security
The physical layout of a cloud data center campus should include redundancies of all the following except ____________.
Data Center Design, Physical Security, Redundancy, High Availability
- Question #118: Cloud Security Operations
Which of the following are not examples of personnel controls?
Personnel Security, Security Controls, Access Control, Security Operations
- Question #119: Cloud Security Operations
You are the IT security manager for a video game software development company. Which of the following is most likely to be your primary concern on a daily basis?
Organizational security, Security management, Daily operations, Vulnerability management
- Question #120: Cloud Concepts, Architecture and Design
Which of the following in a federated environment is responsible for consuming authentication tokens?
Federated Identity, Relying Party, Authentication Tokens, IAM
- Question #121: Cloud Security Operations
Which of the following is NOT a core component of an SIEM solution?
SIEM, Security Monitoring, Incident Detection, Log Management
- Question #122: Cloud Data Security
You are the security subject matter expert (SME) for an organization considering a transition from the legacy environment into a hosted cloud provider's data center. One of the cha...
Data portability, Vendor lock-in, Cloud data control, Cloud migration challenges
- Question #123: Cloud Platform & Infrastructure Security
Firewalls can detect attack traffic by using all these methods except ____________.
Firewall functions, Network attack detection, Security controls, Network security devices
- Question #124: Legal, Risk and Compliance
Why does the physical location of your data backup and/or BCDR failover environment matter?
Data residency, Regulatory compliance, BCDR, Geographic location
- Question #125: Cloud Application Security
Single sign-on systems work by authenticating users from a centralized location or using a centralized method, and then allowing applications that trust the system to grant those u...
SSO, Authentication, Tokens, Identity and Access Management
- Question #126: Legal, Risk and Compliance
You are the security policy lead for your organization, which is considering migrating from your on-premises, legacy environment into the cloud. You are reviewing the Cloud Securi...
CSA CCM, Cloud Security Frameworks, Control Mapping, Compliance
- Question #127: Legal, Risk and Compliance
What principle must always be included with an SOC 2 report?
SOC 2, Trust Service Criteria, Security, Compliance
- Question #128: Cloud Application Security
At which phase of the SDLC process should security begin participating?
Secure SDLC, Security Integration, Requirements Phase
- Question #129: Cloud Application Security
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application developme...
OWASP Top Ten, Vulnerability Management, Software Supply Chain Security, Risk Acceptance
- Question #130: Legal, Risk and Compliance
Your organization is considering a move to a cloud environment and is looking for certifications or audit reports from cloud providers to ensure adequate security controls and proc...
Cloud compliance, Cloud security certifications, Audit reports, Vendor assessment
- Question #131: Cloud Concepts, Architecture and Design
What is a cloud storage architecture that manages the data in a hierarchy of files?
Cloud Storage, File-based Storage, Storage Architectures, Hierarchical Data
- Question #133: Cloud Application Security
Which type of testing tends to produce the best and most comprehensive results for discovering system vulnerabilities?
Security Testing Methodologies, Static Application Security Testing (SAST), Vulnerability Discovery, Application Security
- Question #134: Legal, Risk and Compliance
The destruction of a cloud customer's data can be required by all of the following except ___________.
Data destruction, Legal mandates, Contractual agreements, Cloud compliance
- Question #135: Cloud Application Security
In application-level encryption, where does the encryption engine reside?
Application-level encryption, Data encryption methods, Encryption engine placement, Application security controls
- Question #137: Cloud Concepts, Architecture and Design
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. According to the CSA, what aspect of man...
Multitenancy, Malicious Insider Threat, Cloud Security Risks, CSA Notorious Nine
- Question #138: Cloud Data Security
Although encryption can help an organization to effectively decrease the possibility of data breaches, which other type of threat can it increase the chances of?
Encryption, Key Management, Data Loss, Risk Management
- Question #139: Cloud Concepts, Architecture and Design
Resolving resource contentions in the cloud will most likely be the job of the ____________.
Hypervisor, Virtualization, Resource Management, Cloud Infrastructure
- Question #140: Cloud Platform & Infrastructure Security
When designing a cloud data center, which of the following aspects is not necessary to ensure continuity of operations during contingency operations?
Cloud Data Center Design, Business Continuity Planning, Disaster Recovery, Infrastructure Resilience
- Question #141: Legal, Risk and Compliance
Which SSAE 16 report is purposefully designed for public release (for instance, to be posted on a company's website)?
SOC Reports, Compliance, Auditing, SSAE
- Question #142: Cloud Application Security
Designers making applications for the cloud have to take into consideration risks and operational constraints that did not exist or were not as pronounced in the legacy environment...
Cloud Application Design, Data Encryption, Data at Rest, Data in Motion
- Question #143: Cloud Application Security
Which of the following is not a feature of SAST?
SAST, Application Security, Software Testing, White-box testing
- Question #144: Cloud Concepts, Architecture and Design
You are the IT director for a small contracting firm. Your company is considering migrating to a cloud production environment. Which service model would best fit your needs if you...
Cloud Service Models, Vendor Lock-in, Cloud Administration, Cloud Migration Strategy
- Question #145: Cloud Application Security
Which of the following would NOT be included as input into the requirements gathering for an application or system?
Requirements Gathering, SDLC, Stakeholder Analysis, Application Development
- Question #146: Cloud Data Security
TLS provides and ________ for ________ communications.
TLS, Confidentiality, Data Integrity, Network Security
- Question #147: Legal, Risk and Compliance
Which security certification serves as a general framework that can be applied to any type of system or application?
Security Standards, Information Security Management System, Compliance Frameworks, ISO 27001
- Question #148: Legal, Risk and Compliance
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program has __________ tiers.
CSA STAR, Cloud Security Alliance, Compliance, Trust Services
- Question #149: Cloud Concepts, Architecture and Design
A bare-metal hypervisor is Type ____________.
Hypervisor, Virtualization, Type 1 Hypervisor, Bare-metal
- Question #150: Cloud Platform & Infrastructure Security
There are two general types of smoke detectors. Which type uses a small portion of radioactive material?
Smoke detectors, Physical security, Environmental controls, Ionization detectors
- Question #151: Cloud Data Security
In a cloud environment, encryption should be used for all the following, except:
Encryption, Data security, Cloud security controls, Data protection
- Question #152: Cloud Platform & Infrastructure Security
Which of the following is the correct name for Tier II of the Uptime Institute Data Center Site Infrastructure Tier Standard Topology?
Uptime Institute Tiers, Data Center Infrastructure, Redundancy, Site Infrastructure Topology
- Question #154: Cloud Application Security
Which type of software is most likely to be reviewed by the most personnel, with the most varied perspectives?
Open Source Software, Software Development Lifecycle, Security Review, Application Security
- Question #155: Legal, Risk and Compliance
What is the risk to the organization posed by dashboards that display data discovery results?
Organizational Risk, Data Integrity, Management Decisions, Data Presentation Risk