CCSP Exam Questions
876 real CCSP exam questions with expert-verified answers and explanations. Page 6 of 18.
- Question #260 (Cloud Application Security)
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application developme...
Tags: OWASP Top Ten, Cross-Site Scripting (XSS), Application Security, Output Encoding
- Question #261 (Legal, Risk and Compliance)
Which kind of SSAE report comes with a seal of approval from a certified auditor? Response:
Tags: SOC Reports, SSAE 18, Cloud Compliance, Auditing Reports
- Question #262 (Legal, Risk and Compliance)
Cloud vendors are held to contractual obligations with specified metrics by: Response:
Tags: SLAs, Contractual obligations, Cloud service agreements, Performance metrics
- Question #263 (Cloud Security Operations)
Virtual machine (VM) configuration management (CM) tools should probably include ____________. Response:
Tags: Configuration Management, Logging, Virtual Machine Security, Operational Security
- Question #264 (Cloud Concepts, Architecture and Design)
You work for a government research facility. Your organization often shares data with other government research organizations. You would like to create a single sign-on experience...
Tags: SAML, Single Sign-On (SSO), Federated Identity, Identity and Access Management (IAM)
- Question #265 (Cloud Concepts, Architecture and Design)
Typically, SSDs are ____________. Response:
Tags: SSDs, Storage Technology, Cost Comparison, Cloud Infrastructure
- Question #266 (Legal, Risk and Compliance)
Why might an organization choose to comply with the ISO 27001 standard? Response:
Tags: ISO 27001, Compliance, Information Security Standards, ISMS
- Question #267 (Cloud Application Security)
Web application firewalls (WAFs) are designed primarily to protect applications from common attacks like: Response:
Tags: WAF, Application Security, XSS, SQL Injection
- Question #268 (Cloud Security Operations)
When a customer performs a penetration test in the cloud, why isn't the test an optimum simulation of attack conditions? Response:
Tags: Penetration Testing, Cloud Security Testing, Attack Simulation, Security Operations
- Question #269 (Cloud Concepts, Architecture and Design)
When using an Infrastructure as a Service (IaaS) solution, what is the capability provided to the customer? Response:
Tags: IaaS, Cloud Service Models, Resource Provisioning, Cloud Capabilities
- Question #270 (Cloud Application Security)
Which type of web application monitoring most closely measures actual activity? Response:
Tags: Web Application Monitoring, Real User Monitoring (RUM), Application Performance Management, Security Monitoring
- Question #271 (Cloud Concepts, Architecture and Design)
In which of the following situations does the data owner have to administer the OS? Response:
Tags: Cloud Service Models, Shared Responsibility Model, IaaS, Operating System Administration
- Question #272 (Cloud Platform & Infrastructure Security)
FM-200 has all the following properties except ___________. Response:
Tags: Fire Suppression Systems, Clean Agents, Environmental Controls, Data Center Security
- Question #273 (Cloud Platform & Infrastructure Security)
Which network protocol is essential for allowing automation and orchestration within a cloud environment? Response:
Tags: Cloud Networking, DHCP, Automation, Orchestration
- Question #274 (Cloud Data Security)
With data in transit, which of the following will be the MOST major concern in order for a DLP solution to properly work? Response:
Tags: DLP, Data in transit, Encryption, SSL/TLS inspection
- Question #275 (Cloud Data Security)
Which of the following methods for the safe disposal of electronic records can always be used in a cloud environment? Response:
Tags: Data disposal, Cloud data security, Encryption, Data sanitization
- Question #276 (Cloud Data Security)
Digital rights management (DRM) tools can be combined with ___________, to enhance security capabilities. Response:
Tags: DRM, DLP, Data Security, Content Protection
- Question #277 (Cloud Concepts, Architecture and Design)
Managed cloud services exist because the service is less expensive for each customer than creating the same services for themselves in a legacy environment. Using a managed service...
Tags: Managed cloud services, Cost savings, Cloud benefits, Operational efficiency
- Question #278 (Cloud Concepts, Architecture and Design)
In general, a cloud BCDR solution will be _________ than a physical solution. Response:
Tags: Cloud BCDR, Cost-effectiveness, Disaster Recovery, Cloud benefits
- Question #279 (Cloud Security Operations)
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application developme...
Tags: OWASP Top Ten, Security Misconfiguration, Vulnerability Management, Security Auditing
- Question #280 (Cloud Concepts, Architecture and Design)
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type? Response:
Tags: Layered Defense, Defense in Depth, Security Controls, Types of Security Controls
- Question #281 (Cloud Data Security)
Which of the following might make crypto-shredding difficult or useless? Response:
Tags: Crypto-shredding, Data sanitization, Key management, Cloud data security
- Question #282 (Cloud Application Security)
The Open Web Application Security Project (OWASP) Top Ten is a list of web application security threats that is composed by a member-driven OWASP committee of application developme...
Tags: OWASP Top Ten, Injection attacks, Input validation, Application security
- Question #283 (Cloud Security Operations)
Which characteristic of automated patching makes it attractive? Response:
Tags: Automated Patching, Vulnerability Management, Security Automation, Cloud Operations
- Question #284 (Cloud Data Security)
In a data retention policy, what is perhaps the most crucial element? Response:
Tags: Data Retention Policy, Data Recovery, Information Lifecycle Management, Business Continuity
- Question #285 (Cloud Platform & Infrastructure Security)
Which of the following is a risk that stems from a virtualized environment? Response:
Tags: virtualization security, VM migration, hypervisor security, dynamic infrastructure
- Question #286 (Cloud Platform & Infrastructure Security)
Fiber-optic lines are considered part of layer __________ of the OSI model. Response:
Tags: OSI Model, Physical Layer, Network Infrastructure, Fiber Optics
- Question #287 (Cloud Concepts, Architecture and Design)
What is the main reason virtualization is used in the cloud? Response:
Tags: Virtualization, Cloud Architecture, Resource Sharing, Cloud Computing Fundamentals
- Question #288 (Cloud Concepts, Architecture and Design)
What type of redundancy can we expect to find in a datacenter of any tier? Response:
Tags: Datacenter Tiers, Redundancy, Physical Security, Emergency Egress
- Question #289 (Cloud Application Security)
When a user accesses a system, what process determines the roles and privileges that user is granted within the application? Response:
Tags: Authorization, Access Control, IAM, Roles and Privileges
- Question #290 (Cloud Data Security)
Which of the following data-sanitation approaches are always available within a cloud environment? Response:
Tags: Data sanitation, Cryptographic erasure, Cloud data security, Data disposal
- Question #291 (Cloud Data Security)
Which type of cloud-based storage is IRM typically associated with? Response:
Tags: IRM, Cloud storage types, Object storage, Data protection
- Question #292 (Cloud Platform and Infrastructure Security)
Which technology is most associated with tunneling? Response:
Tags: Tunneling, Networking Protocols, GRE, Encapsulation
- Question #293 (Cloud Application Security)
Which of the following is not included in the OWASP Top Ten web application security threats? Response:
Tags: OWASP Top Ten, Web application security, Application vulnerabilities
- Question #294 (Cloud Security Operations)
Which of the following is perhaps the best method for reducing the risk of a specific application not delivering the proper level of functionality and performance when it is moved...
Tags: Cloud Migration, Application Performance, Risk Management, Cloud Deployment Strategy
- Question #295 (Cloud Concepts, Architecture and Design)
You work for a company that operates a production environment in the cloud. Another company using the same cloud provider is under investigation by law enforcement for racketeering...
Tags: Pooled resources, Multi-tenancy, Cloud characteristics, Co-tenancy risk
- Question #296 (Cloud Concepts, Architecture and Design)
All of these are reasons an organization may want to consider cloud migration except: Response:
Tags: Cloud Migration Benefits, Cloud Business Drivers, Cloud Risk Management, Cloud Adoption
- Question #297 (Legal, Risk and Compliance)
Your company has just been served with an eDiscovery order to collect event data and other pertinent information from your application during a specific period of time, to be used...
Tags: eDiscovery, Chain of Custody, Legal Compliance, Evidence Handling
- Question #298 (Cloud Application Security)
Which of the following is not a component of the STRIDE model? Response:
Tags: STRIDE model, Threat modeling, Application security, Security threats
- Question #299 (Legal, Risk and Compliance)
Which of the following is NOT one of the security domains presented within the Cloud Controls Matrix? Response:
Tags: Cloud Controls Matrix, CCM domains, Cloud security frameworks, CSA CCM
- Question #300 (Cloud Platform & Infrastructure Security)
You are the security manager for a small retail business involved mainly in direct e-commerce transactions with individual customers (members of the public). The bulk of your marke...
Tags: Data Center Tiers, High Availability, Cloud Infrastructure Reliability, Business Criticality
- Question #301 (Cloud Data Security)
You are developing a new process for data discovery for your organization and are charged with ensuring that all applicable data is included. Which of the following is NOT one of t...
Tags: Data Discovery, Data Security, Data Classification, Information Governance
- Question #302 (Legal, Risk and Compliance)
What is the term used to describe loss of access to data because the cloud provider has ceased operation? Response:
Tags: Vendor lock-out, Cloud provider risks, Business continuity, Exit strategy
- Question #303 (Cloud Concepts, Architecture and Design)
Which ISO/IEC standards set documents the cloud definitions for staffing and official roles? Response:
Tags: Cloud standards, ISO/IEC 17788, Cloud roles, Cloud vocabulary
- Question #304 (Legal, Risk and Compliance)
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. A cloud customer that does not perform s...
Tags: Vendor lock-out, Cloud risks, Provider failure, CSA Notorious Nine
- Question #305 (Cloud Concepts, Architecture and Design)
A loosely coupled storage cluster will have performance and capacity limitations based on the ____________. Response:
Tags: Storage Clusters, Distributed Systems, Performance Limitations, Node Architecture
- Question #306 (Cloud Data Security)
Digital rights management (DRM) solutions (sometimes referred to as information rights management, or IRM) often protect unauthorized distribution of what type of intellectual prop...
Tags: Digital Rights Management, Copyright Protection, Intellectual Property
- Question #307 (Cloud Security Operations)
There are two reasons to conduct a test of the organization's recovery from backup in an environment other than the primary production environment. Which of the following is one of...
Tags: Backup and Recovery Testing, Disaster Recovery, Business Continuity, Operational Resilience
- Question #308 (Cloud Concepts, Architecture and Design)
You are the security manager for a small surgical center. Your organization is reviewing upgrade options for its current, on-premises data center. In order to best meet your needs,...
Tags: Data Center Strategy, Infrastructure Planning, Cloud Deployment Models, Architectural Choices
- Question #309 (Cloud Data Security)
Proper ________ need to be assigned to each data classification/category. Response:
Tags: Data Classification, Security Controls, Data Protection, Information Security