Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

CCSP by ISC - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?

A Contractual
B Regulated
C Specific
D Jurisdictional

Question 4

Which if the following is NOT one of the three components of a federated identity system transaction?

A Relying party
B Identity provider
C User
D Proxy relay

Question 5

Which value refers to the amount of time it takes to recover operations in a BCDR situation to meet management's objectives?

A RSL
B RPO
C SRE
D RTO

Question 6

Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?

A Community
B Hybrid
C Private
D Public

Question 7

What provides the information to an application to make decisions about the authorization level appropriate when granting access?

A User
B Relying party
C Federation
D Identity Provider

Question 8

What is a standard configuration and policy set that is applied to systems and virtual machines called?

A Standardization
B Baseline
C Hardening
D Redline

Question 9

Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?

A Russia
B France
C Germany
D United States

Question 10

Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?

A Reversibility
B Availability
C Portability
D Interoperability

Question 11

Which type of audit report is considered a "restricted use" report for its intended audience?

A SAS-70
B SSAE-16
C SOC Type 1
D SOC Type 2

Question 12

What is the concept of segregating information or processes, within the same system or application, for security reasons?

A fencing
B Sandboxing
C Cellblocking
D Pooling

Question 13

Which of the following approaches would NOT be considered sufficient to meet the requirements of secure data destruction within a cloud environment?

A Cryptographic erasure
B Zeroing
C Overwriting
D Deletion

Question 14

The European Union passed the first major regulation declaring data privacy to be a human right. In what year did it go into effect?

A 2010
B 2000
C 1995
D 1990

Question 15

Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?

A CPU
B Users
C Memory
D Network

Question 16

Which of the following is the MOST important requirement and guidance for testing during an audit?

A Stakeholders
B Shareholders
C Management
D Regulations

Question 17

Which value refers to the amount of data an organization would need to recover in the event of a BCDR situation in order to reach an acceptable level of operations?

A SRE
B RTO
C RPO
D RSL

Question 18

What must SOAP rely on for security?

A Encryption
B Tokenization
C TLS
D SSL

Question 19

Which of the following is a commonly used tool for maintaining system configurations?

A Maestro
B Orchestrator
C Puppet
D Conductor

Question 20

What type of data does data rights management (DRM) protect?

A Consumer
B PII
C Financial
D Healthcare

Question 21

Which type of testing uses the same strategies and toolsets that hackers would use?

A Penetration
B Dynamic
C Static
D Malicious

Question 22

From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?

A Access provisioning
B Auditing
C Jurisdictions
D Authorization

Question 23

Which of the following is NOT a focus or consideration of an internal audit?

A Certification
B Design
C Costs
D Operational efficiency

Question 24

Which of the following cloud aspects complicates eDiscovery?

A Resource pooling
B On-demand self-service
C Multitenancy
D Measured service

Question 25

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

A Infrastructure
B Platform
C Application
D Data

Page 1 of 21 • Questions 1-25 of 511

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which of the following roles is responsible for creating cloud components and the testing and validation of services?

A Cloud auditor
B Inter-cloud provider
C Cloud service broker
D Cloud service developer

What is the biggest concern with hosting a key management system outside of the cloud environment?

A Confidentiality
B Portability
C Availability
D Integrity

CCSPPreview