
Latest CCSP Study Guides 2021 - With Test Engine PDF
Get New CCSP Practice Test Questions Answers
For more info visit:
NEW QUESTION 209
The physical layout of a cloud data center campus should include redundancies of all the following except
____________.
Response:
- A. HVAC units
- B. Points of personnel ingress
- C. Generators
- D. Generator fuel storage
Answer: B
NEW QUESTION 210
What is the experimental technology that might lead to the possibility of processing encrypted data without having to decrypt it first?
- A. AES
- B. One-time pads
- C. Link encryption
- D. Homomorphic encryption
Answer: D
Explanation:
Explanation/Reference:
Explanation:
AES is an encryption standard. Link encryption is a method for protecting communications traffic. One-time pads are an encryption method.
NEW QUESTION 211
Which protocol, as a part of TLS, handles negotiating and establishing a connection between two parties?
- A. Handshake
- B. Record
- C. Negotiation
- D. Binding
Answer: A
Explanation:
Explanation
The TLS handshake protocol is what negotiates and establishes the TLS connection between two parties and enables a secure communications channel to then handle data transmissions. The TLS record protocol is the actual secure communications method for transmitting data; it's responsible for the encryption and authentication of packets throughout their transmission between the parties, and in some cases it also performs compression. Negotiation and binding are not protocols under TLS.
NEW QUESTION 212
Configurations and policies for a system can come from a variety of sources and take a variety of formats.
Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?
- A. Baselines
- B. Standards
- C. Hardening
- D. Leveling
Answer: A
Explanation:
Explanation
Baselines are a set of configurations and policies applied to all new systems or services, and they serve as the basis for deploying any other services on top of them. Although standards often form the basis for baselines, the term is applicable in this case. Hardening is the process of securing a system, often through the application of baselines. Leveling is an extraneous but similar term to baselining.
NEW QUESTION 213
What is the term used to describe loss of access to data because the cloud provider has ceased operation?
Response:
- A. Vendor lock-in
- B. Masking
- C. Vendor lock-out
- D. Closing
Answer: C
NEW QUESTION 214
Gap analysis is performed for what reason?
- A. To assure proper accounting practices are being used
- B. To begin the benchmarking process
- C. To ensure all controls are in place and working properly
- D. To provide assurances to cloud customers
Answer: B
Explanation:
Explanation
The primary purpose of the gap analysis is to begin the benchmarking process against risk and security standards and frameworks.
NEW QUESTION 215
Which of the following methods of addressing risk is most associated with insurance?
- A. Mitigation
- B. Acceptance
- C. Avoidance
- D. Transference
Answer: D
Explanation:
Explanation/Reference:
Explanation:
Avoidance halts the business process, mitigation entails using controls to reduce risk, acceptance involves taking on the risk, and transference usually involves insurance.
NEW QUESTION 216
During which phase of the cloud data lifecycle is it possible for the classification of data to change?
- A. Share
- B. Use
- C. Archive
- D. Create
Answer: D
Explanation:
The create phase encompasses any time data is created, imported, or modified. With any change in the content or value of data, the classification may also change. It must be continually reevaluated to ensure proper security. During the use, share, and archive phases, the data is not modified in any way, so the original classification is still relevant.
NEW QUESTION 217
When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time it was configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time.
What process is necessary to ensure events are collected and processed with this in mind?
- A. Event elasticity
- B. Aggregation updates
- C. Continuous optimization
- D. Continual review
Answer: C
NEW QUESTION 218
Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?
- A. Limits
- B. Shares
- C. Reservations
- D. Measured service
Answer: C
Explanation:
Explanation
Reservations ensure that a minimum level of resources will always be available to a cloud customer for them to start and operate their services. In the event of a DoS attack against one customer, they can guarantee that the other customers will still be able to operate.
NEW QUESTION 219
With data in transit, which of the following will be the MOST major concern in order for a DLP solution to properly work?
Response:
- A. Redundancy
- B. Integrity
- C. Scalability
- D. Encryption
Answer: D
NEW QUESTION 220
Which of the cloud cross-cutting aspects relates to the requirements placed on a system or application by law, policy, or requirements from standards?
- A. regulatory requirements
- B. Service-level agreements
- C. Auditability
- D. Governance
Answer: A
Explanation:
Explanation
Regulatory requirements are those imposed upon businesses and their operations either by law, regulation, policy, or standards and guidelines. These requirements are specific either to the locality in which the company or application is based or to the specific nature of the data and transactions conducted.
NEW QUESTION 221
You were recently hired as a project manager at a major university to implement cloud services for the academic and administrative systems. Because the load and demand for services at a university are very cyclical in nature, commensurate with the academic calendar, which of the following aspects of cloud computing would NOT be a primary benefit to you?
- A. Resource pooling
- B. On-demand self-service
- C. Measured service
- D. Broad network access
Answer: D
Explanation:
Broad network access to cloud services, although it is an integral aspect of cloud computing, would not being a specific benefit to an organization with cyclical business needs. The other options would allow for lower costs during periods of low usage as well as provide the ability to expand services quickly and easily when needed for peak periods. Measured service allows a cloud customer to only use the resources it needs at the time, and resource pooling allows a cloud customer to access resources as needed. On- demand self-service enables the cloud customer to change its provisioned resources on its own, without the need to interact with the staff from the cloud provider.
NEW QUESTION 222
Which of the following best describes the Organizational Normative Framework (ONF)?
- A. A container for components of an application's security, best practices catalogued and leveraged by the organization
- B. A framework of containers for all components of application security, best practices, catalogued and leveraged by the organization.
- C. A set of application security, and best practices, catalogued and leveraged by the organization
- D. A framework of containers for some of the components of application security, best practices, catalogued and leveraged by the organization
Answer: B
Explanation:
Option B is incorrect, because it refers to a specific applications security elements, meaning it is about an ANF, not the ONF. C is true, but not as complete as D, making D the better choice. C suggests that the framework contains only "some" of the components, which is why B (which describes "all" components) is better
NEW QUESTION 223
Which security concept would business continuity and disaster recovery fall under?
- A. Confidentiality
- B. Availability
- C. Integrity
- D. Fault tolerance
Answer: B
Explanation:
Explanation/Reference:
Explanation:
Disaster recovery and business continuity are vital concerns with availability. If data is destroyed or compromised, having regular backup systems in place as well as being able to perform disaster recovery in the event of a major or widespread problem allows operations to continue with an acceptable loss of time and data to management. This also ensures that sensitive data is protected and persisted in the event of the loss or corruption of data systems or physical storage systems.
NEW QUESTION 224
Setting thermostat controls by measuring the temperature will result in the ________ highest energy costs.
Response:
- A. Server inlet
- B. Under-floor
- C. Return air
- D. External ambient
Answer: C
NEW QUESTION 225
Which of the following is NOT an application or utility to apply and enforce baselines on a system?
- A. Chef
- B. Active Directory
- C. Puppet
- D. GitHub
Answer: D
Explanation:
GitHub is an application for code collaboration, including versioning and branching of code trees. It is not used for applying or maintaining system configurations.
NEW QUESTION 226
What is an often overlooked concept that is essential to protecting the confidentiality of data?
- A. Security controls
- B. Strong password
- C. Policies
- D. Training
Answer: D
Explanation:
While the main focus of confidentiality revolves around technological requirements or particular security methods, an important and often overlooked aspect of safeguarding data confidentiality is appropriate and comprehensive training for those with access to it. Training should be focused on the safe handling of sensitive information overall, including best practices for network activities as well as physical security of the devices or workstations used to access the application.
NEW QUESTION 227
One of the main components of system audits is the ability to track changes over time and to match these changes with continued compliance and internal processes.
Which aspect of cloud computing makes this particular component more challenging than in a traditional data center?
- A. Portability
- B. Resource pooling
- C. Virtualization
- D. Elasticity
Answer: C
Explanation:
Explanation/Reference:
Explanation:
Cloud services make exclusive use of virtualization, and systems change over time, including the addition, subtraction, and reimaging of virtual machines. It is extremely unlikely that the exact same virtual machines and images used in a previous audit would still be in use or even available for a later audit, making the tracking of changes over time extremely difficult, or even impossible. Elasticity refers to the ability to add and remove resources from a system or service to meet current demand, and although it plays a factor in making the tracking of virtual machines very difficult over time, it is not the best answer in this case.
Resource pooling pertains to a cloud environment sharing a large amount of resources between different customers and services. Portability refers to the ability to move systems or services easily between different cloud providers.
NEW QUESTION 228
What is a data custodian responsible for?
Response:
- A. Data content, context, and associated business rules
- B. Logging and alerts for all data
- C. Customer access and alerts for all data
- D. The safe custody, transport, storage of the data, and implementation of business rules
Answer: D
NEW QUESTION 229
Which cloud service category is MOST likely to use a client-side key management system?
Response:
- A. DaaS
- B. IaaS
- C. SaaS
- D. PaaS
Answer: C
NEW QUESTION 230
......
CCSP Dumps and Exam Test Engine: https://www.troytecdumps.com/CCSP-troytec-exam-dumps.html
ISC CCSP DUMPS WITH REAL EXAM QUESTIONS: https://drive.google.com/open?id=1l7ecEgxAs1auBoNb_dNUoLvcORxCLtE5