CCSP

By isc
Aug, 2025

Question 1

Which of the following roles is responsible for creating cloud components and the testing and validation of services?

  • A: Cloud auditor
  • B: Inter-cloud provider
  • C: Cloud service broker
  • D: Cloud service developer

Question 2

What is the biggest concern with hosting a key management system outside of the cloud environment?

  • A: Confidentiality
  • B: Portability
  • C: Availability
  • D: Integrity

Question 3

What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?

  • A: Contractual
  • B: Regulated
  • C: Specific
  • D: Jurisdictional

Question 4

Which of the following is NOT one of the three components of a federated identity system transaction?

  • A: Relying party
  • B: Identity provider
  • C: User
  • D: Proxy relay

Question 5

Which value refers to the amount of time it takes to recover operations in a BCDR situation to meet management's objectives?

  • A: RSL
  • B: RPO
  • C: SRE
  • D: RTO

Question 6

Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?

  • A: Community
  • B: Hybrid
  • C: Private
  • D: Public

Question 7

What provides the information to an application to make decisions about the authorization level appropriate when granting access?

  • A: User
  • B: Relying party
  • C: Federation
  • D: Identity Provider

Question 8

What is a standard configuration and policy set that is applied to systems and virtual machines called?

  • A: Standardization
  • B: Baseline
  • C: Hardening
  • D: Redline

Question 9

Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?

  • A: Russia
  • B: France
  • C: Germany
  • D: United States

Question 10

Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?

  • A: Reversibility
  • B: Availability
  • C: Portability
  • D: Interoperability

Question 11

Which type of audit report is considered a "restricted use" report for its intended audience?

  • A: SAS-70
  • B: SSAE-16
  • C: SOC Type 1
  • D: SOC Type 2

Question 12

What is the concept of segregating information or processes, within the same system or application, for security reasons?

  • A: Fencing
  • B: Sandboxing
  • C: Cellblocking
  • D: Pooling

Question 13

Which of the following approaches would NOT be considered sufficient to meet the requirements of secure data destruction within a cloud environment?

  • A: Cryptographic erasure
  • B: Zeroing
  • C: Overwriting
  • D: Deletion

Question 14

The European Union passed the first major regulation declaring data privacy to be a human right. In what year did it go into effect?

  • A: 2010
  • B: 2000
  • C: 1995
  • D: 1990

Question 15

Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?

  • A: CPU
  • B: Users
  • C: Memory
  • D: Network

Question 16

Which of the following is the MOST important requirement and guidance for testing during an audit?

  • A: Stakeholders
  • B: Shareholders
  • C: Management
  • D: Regulations

Question 17

Which value refers to the amount of data an organization would need to recover in the event of a BCDR situation in order to reach an acceptable level of operations?

  • A: SRE
  • B: RTO
  • C: RPO
  • D: RSL

Question 18

What must SOAP rely on for security?

  • A: Encryption
  • B: Tokenization
  • C: TLS
  • D: SSL

Question 19

Which of the following is a commonly used tool for maintaining system configurations?

  • A: Maestro
  • B: Orchestrator
  • C: Puppet
  • D: Conductor

Question 20

What type of data does data rights management (DRM) protect?

  • A: Consumer
  • B: PII
  • C: Financial
  • D: Healthcare

Question 21

Which type of testing uses the same strategies and toolsets that hackers would use?

  • A: Penetration
  • B: Dynamic
  • C: Static
  • D: Malicious

Question 22

From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?

  • A: Access provisioning
  • B: Auditing
  • C: Jurisdictions
  • D: Authorization

Question 23

Which of the following is NOT a focus or consideration of an internal audit?

  • A: Certification
  • B: Design
  • C: Costs
  • D: Operational efficiency

Question 24

Which of the following cloud aspects complicates eDiscovery?

  • A: Resource pooling
  • B: On-demand self-service
  • C: Multitenancy
  • D: Measured service

Question 25

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

  • A: Infrastructure
  • B: Platform
  • C: Application
  • D: Data