Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CCSPFree trial

By isc

Verified

25Q per page

Question 51

Which of the cloud cross-cutting aspects relates to the ability for a cloud customer to easily remove their applications and data from a cloud environment?

A: Reversibility
B: Availability
C: Portability
D: Interoperability

—

Question 52

Which of the following is NOT a function performed by the record protocol of TLS?

A: Encryption
B: Acceleration
C: Authentication
D: Compression

—

Question 53

What concept does the "R" represent with the DREAD model?

A: Reproducibility
B: Repudiation
C: Risk
D: Residual

—

Question 54

The SOC Type 2 reports are divided into five principles.
Which of the five principles must also be included when auditing any of the other four principles?

A: Confidentiality
B: Privacy
C: Security
D: Availability

—

Question 55

How many additional DNS queries are needed when DNSSEC integrity checks are added?

A: Three
B: Zero
C: One
D: Two

—

Question 56

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

A: Platform
B: Infrastructure
C: Governance
D: Application

—

Question 57

Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?

A: PLAN
B: WAN
C: LAN
D: VLAN

—

Question 58

Which of the following service categories entails the least amount of support needed on the part of the cloud customer?

A: SaaS
B: IaaS
C: DaaS
D: PaaS

—

Question 59

Which of the following would NOT be a reason to activate a BCDR strategy?

A: Staffing loss
B: Terrorism attack
C: Utility disruptions
D: Natural disaster

—

Question 60

Which of the cloud cross-cutting aspects relates to the oversight of processes and systems, as well as to ensuring their compliance with specific policies and regulations?

A: Governance
B: Regulatory requirements
C: Service-level agreements
D: Auditability

—

Question 61

Which of the cloud cross-cutting aspects relates to the ability to reuse or move components of an application or service?

A: Availability
B: Interoperability
C: Reversibility
D: Portability

—

Question 62

Which of the following is a restriction that can be enforced by information rights management (IRM) that is not possible for traditional file system controls?

A: Delete
B: Modify
C: Read
D: Print

—

Question 63

What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?

A: Anonymization
B: Tokenization
C: Masking
D: Obfuscation

—

Question 64

What type of security threat is DNSSEC designed to prevent?

A: Account hijacking
B: Snooping
C: Spoofing
D: Injection

—

Question 65

Which European Union directive pertains to personal data privacy and an individual's control over their personal data?

A: 99/9/EC
B: 95/46/EC
C: 2000/1/EC
D: 2013/27001/EC

—

Question 66

Which of the cloud cross-cutting aspects relates to the requirements placed on a system or application by law, policy, or requirements from standards?

A: regulatory requirements
B: Auditability
C: Service-level agreements
D: Governance

—

Question 67

Which data point that auditors always desire is very difficult to provide within a cloud environment?

A: Access policy
B: Systems architecture
C: Baselines
D: Privacy statement

—

Question 68

Which of the following standards primarily pertains to cabling designs and setups in a data center?

A: IDCA
B: BICSI
C: NFPA
D: Uptime Institute

—

Question 69

What type of host is exposed to the public Internet for a specific reason and hardened to perform only that function for authorized users?

A: Proxy
B: Bastion
C: Honeypot
D: WAF

—

Question 70

Which security concept is focused on the trustworthiness of data?

A: Integrity
B: Availability
C: Nonrepudiation
D: Confidentiality

—

Question 71

Which OSI layer does IPsec operate at?

A: Network
B: transport
C: Application
D: Presentation

—

Question 72

Which of the cloud cross-cutting aspects relates to the requirements placed on the cloud provider by the cloud customer for minimum performance standards and requirements that must be met?

A: Regulatory requirements
B: SLAs
C: Auditability
D: Governance

—

Question 73

Which of the following service capabilities gives the cloud customer the most control over resources and configurations?

A: Desktop
B: Platform
C: Infrastructure
D: Software

—

Question 74

What concept does the "I" represent with the STRIDE threat model?

A: Integrity
B: Information disclosure
C: IT security
D: Insider threat

—

Question 75

At which stage of the BCDR plan creation phase should security be included in discussions?

A: Define scope
B: Analyze
C: Assess risk
D: Gather requirements

—

Page 3 of 21 • Questions 51-75 of 511

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!