Up To Date CCSP Free Samples For Certified Cloud Security Professional Certification
Proper study for the ISC2 Certified Cloud Security Professional certification begins with ISC2 CCSP preparation products, which are designed to deliver 100% correct CCSP questions and help you pass the CCSP test the first time. Try the free CCSP demo right now.
Check CCSP free dumps before getting the full version:
NEW QUESTION 1
In attempting to provide a layered defense, the security practitioner should convince senior management to include security controls of which type?
Response:
- A. Technological
- B. Physical
- C. Administrative
- D. All of the above
Answer: D
NEW QUESTION 2
What type of redundancy can we expect to find in a datacenter of any tier?
Response:
- A. All operational components
- B. All infrastructure
- C. Emergency egress
- D. Full power capabilities
Answer: C
NEW QUESTION 3
It’s important to maintain a current asset inventory list, including surveying your environment on a regular basis, in order to ______ .
Response:
- A. Prevent unknown, unpatched assets from being used as back doors to the environment
- B. Ensure that any lost devices are automatically entered into the acquisition system for repurchasing and replacement
- C. Maintain user morale by having their devices properly catalogued and annotated
- D. Ensure that billing for all devices is handled by the appropriate departments
Answer: A
NEW QUESTION 4
You are the security manager for a small surgical center. Your organization is reviewing upgrade options for its current, on-premises data center. In order to best meet your needs, which one of the following options would you recommend to senior management?
Response:
- A. Building a completely new data center
- B. Leasing a data center that is currently owned by another firm
- C. Renting private cloud space in a Tier 2 data center
- D. Staying with the current data center
Answer: A
NEW QUESTION 5
What is used with a single sign-on system for authentication after the identity provider has successfully authenticated a user?
Response:
- A. Token
- B. Key
- C. XML
- D. SAML
Answer: A
NEW QUESTION 6
It is important to include ______ in the design of underfloor plenums if they are also used for wiring.
Response:
- A. Mantraps
- B. Sequestered channels
- C. Heat sinks
- D. Tight gaskets
Answer: D
NEW QUESTION 7
You are the data manager for a retail company; you anticipate a much higher volume of sales activity in the final quarter of each calendar year than the other quarters.
In order to handle these increased transactions, and to accommodate the temporary sales personnel you will hire for only that time period, you consider augmenting your internal, on-premises production environment with a cloud capability for a specific duration, and will return to operating fully on-premises after the period of increased activity.
This is an example of ______.
Response:
- A. Cloud framing
- B. Cloud enhancement
- C. Cloud fragility
- D. Cloud bursting
Answer: D
NEW QUESTION 8
Who is ultimately responsible for a data breach that includes personally identifiable information (PII), in the event of negligence on the part of the cloud provider?
- A. The user
- B. The subject
- C. The cloud provider
- D. The cloud customer
Answer: D
NEW QUESTION 9
Which of the following best describes data masking?
Response:
- A. A method where the last few numbers in a dataset are not obscured
- B. These are often used for authentication.
- C. A method for creating similar but inauthentic datasets used for software testing and user training.
- D. A method used to protect data such as social security numbers and credit card data from prying eyes.
- E. Data masking involves stripping out all similar digits in a string of numbers so as to obscure the original number.
Answer: B
NEW QUESTION 10
The physical layout of a cloud data center campus should include redundancies of all the following except ______.
Response:
- A. Generators
- B. HVAC units
- C. Generator fuel storage
- D. Points of personnel ingress
Answer: D
NEW QUESTION 11
Which of the following is essential for getting full security value from your system baseline?
Response:
- A. Capturing and storing an image of the baseline
- B. Keeping a copy of upcoming suggested modifications to the baseline
- C. Having the baseline vetted by an objective third party
- D. Using a baseline from another industry member so as not to engage in repetitious efforts
Answer: A
NEW QUESTION 12
Which of the following is perhaps the best method for reducing the risk of a specific application not delivering the proper level of functionality and performance when it is moved from the legacy environment into the cloud?
Response:
- A. Remove the application from the organization’s production environment, and replace it with something else.
- B. Negotiate and conduct a trial run in the cloud environment for that application before permanently migrating.
- C. Make sure the application is fully updated and patched according to all vendor specifications.
- D. Run the application in an emulator.
Answer: B
NEW QUESTION 13
When considering the option to migrate from an on-premises environment to a hosted cloud service, an organization should weigh the risks of allowing external entities to access the cloud data for collaborative purposes against ______.
Response:
- A. Not securing the data in the legacy environment
- B. Disclosing the data publicly
- C. Inviting external personnel into the legacy workspace in order to enhance collaboration
- D. Sending the data outside the legacy environment for collaborative purposes
Answer: D
NEW QUESTION 14
The cloud deployment model that features organizational ownership of the hardware and infrastructure, and usage only by members of that organization, is known as:
Response:
- A. Private
- B. Public
- C. Hybrid
- D. Motive
Answer: A
NEW QUESTION 15
You are in charge of creating the BCDR plan and procedures for your organization. Your organization has its production environment hosted by a cloud provider, and you have appropriate protections in place.
Which of the following is a significant consideration for your BCDR backup?
Response:
- A. Enough personnel at the BCDR recovery site to ensure proper operations
- B. Good cryptographic key management
- C. Access to the servers where the BCDR backup is stored
- D. Forensic analysis capabilities
Answer: B
NEW QUESTION 16
The Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR) program has ______ tiers.
Response:
- A. Two
- B. Three
- C. Four
- D. Eight
Answer: B
NEW QUESTION 17
One of the security challenges of operating in the cloud is that additional controls must be placed on file storage systems because ______ .
Response:
- A. File stores are always kept in plain text in the cloud
- B. There is no way to sanitize file storage space in the cloud
- C. Virtualization necessarily prevents the use of application-based security controls
- D. Virtual machines are stored as snapshotted files when not in use
Answer: D
NEW QUESTION 18
Which concept of cloud computing pertains to the ability to reuse components and services of an application for other purposes?
- A. Portability
- B. Interoperability
- C. Resource pooling
- D. Elasticity
Answer: B
NEW QUESTION 19
Which kind of SSAE audit report is a cloud customer most likely to receive from a cloud provider?
Response:
- A. SOC 1 Type 1
- B. SOC 2 Type 2
- C. SOC 1 Type 2
- D. SOC 3
Answer: D
NEW QUESTION 20
What is a data custodian responsible for?
Response:
- A. The safe custody, transport, storage of the data, and implementation of business rules
- B. Data content, context, and associated business rules
- C. Logging and alerts for all data
- D. Customer access and alerts for all data
Answer: A
NEW QUESTION 21
Resolving resource contentions in the cloud will most likely be the job of the ______.
Response:
- A. Router
- B. Emulator
- C. Regulator
- D. Hypervisor
Answer: D
NEW QUESTION 22
Which standards body depends heavily on contributions and input from its open membership base?
Response:
- A. NIST
- B. ISO
- C. ICANN
- D. CSA
Answer: D
NEW QUESTION 23
Which of the following might make crypto-shredding difficult or useless?
Response:
- A. Cloud provider also managing the organization’s keys
- B. Lack of physical access to the environment
- C. External attackers
- D. Lack of user training and awareness
Answer: A
NEW QUESTION 24
Of the following, which is probably the most significant risk in a managed cloud environment?
Response:
- A. DDoS
- B. Management plane breach
- C. Guest escape
- D. Physical attack on the utility service lines
Answer: B
NEW QUESTION 25
You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment.
Which of these activities should you perform before deploying the tool?
Response:
- A. Survey your company’s departments about the data under their control
- B. Reconstruct your firewalls
- C. Harden all your routers
- D. Adjust the hypervisors
Answer: A
NEW QUESTION 26
What is the cloud service model in which the customer is responsible for administration of the OS?
Response:
- A. IaaS
- B. PaaS
- C. SaaS
- D. QaaS
Answer: A
NEW QUESTION 27
Which of the following is a method for apportioning resources that involves prioritizing resource requests to resolve contention situations?
Response:
- A. Reservations
- B. Shares
- C. Cancellations
- D. Limits
Answer: B
NEW QUESTION 28
You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment.
What should you not expect the tool to address?
Response:
- A. Sensitive data sent inadvertently in user emails
- B. Sensitive data captured by screen shots
- C. Sensitive data moved to external devices
- D. Sensitive data in the contents of files sent via FTP
Answer: B
NEW QUESTION 29
In which of the following situations does the data owner have to administer the OS?
Response:
- A. IaaS
- B. PaaS
- C. Offsite archive
- D. SaaS
Answer: A
NEW QUESTION 30
......