
Guide (New 2021) Actual ISC CCSP Exam Questions
CCSP Exam Dumps Pass with Updated 2021 Certified Exam Questions
The Certified Cloud Security Professional certification exam, best known as the CCSP, fulfills the growing demand for experienced and specialized cloud security specialists. The test was introduced in 2015 and is available in more than 800 locations and 114 countries across the globe. The certification is aimed at specialists who work with cloud technologies, both to keep data safer and to recognize security vulnerabilities so that the associated risks can be overcome. The CCSP certification is also suitable for IT security leaders seeking to demonstrate their knowledge of cybersecurity and cloud computing. As a rule, CCSP-trained specialists can identify the issues and challenges faced by several cloud computing companies around the world.
Exam Content
The (ISC)2 CCSP certification is associated with a 3-hour test containing 125 multiple-choice questions. The exam can only be taken in English, and scheduling of the test is done through Pearson VUE, the official administrator of the (ISC)2 exams. You must achieve at least 700 points if you want to qualify for the certificate. The test costs $559.
The CCSP certification exam measures the skills and knowledge of the potential candidates across six security domains of (ISC)2. Those who complete the test demonstrate that they possess the technical skills and advanced knowledge required to effectively design, secure, and manage data, infrastructure, and application within the Cloud using policies, procedures, and best practices. Therefore, you need to know the topics it covers.
NEW QUESTION 328
What concept does the "I" represent with the STRIDE threat model?
- A. IT security
- B. Insider threat
- C. Integrity
- D. Information disclosure
Answer: D
Explanation:
Perhaps the biggest concern for any user is having their personal and sensitive information disclosed by an application. There are many aspects of an application to consider with security and protecting this information, and it is very difficult for any application to fully ensure security from start to finish. The obvious focus is on security within the application itself, as well as protecting and storing the data.
NEW QUESTION 329
Egress monitoring solutions usually include a function that ____________.
- A. Resides on client machines
- B. Uses biometrics to scan users
- C. Uses stateful inspection
- D. Inspects incoming packets
Answer: A
NEW QUESTION 330
Which cloud service category most commonly uses client-side key management systems?
- A. Software as a Service
- B. Desktop as a Service
- C. Infrastructure as a Service
- D. Platform as a Service
Answer: A
Explanation:
SaaS most commonly uses client-side key management. With this type of implementation, the software for doing key management is supplied by the cloud provider, but is hosted and run by the cloud customer. This allows for full integration with the SaaS implementation, but also provides full control to the cloud customer.
Although the cloud provider may offer software for performing key management to the cloud customers, with the Infrastructure, Platform, and Desktop as a Service categories, the customers would largely be responsible for their own options and implementations and would not be bound by the offerings from the cloud provider.
NEW QUESTION 331
Your organization is developing software for wide use by the public. You have decided to test it in a cloud environment, in a PaaS model. Which of the following should be of particular concern to your organization for this situation?
- A. High-speed network connectivity
- B. Vendor lock-in
- C. Backdoors
- D. Regulatory compliance
Answer: C
NEW QUESTION 332
Which is the appropriate phase of the cloud data lifecycle for determining the data's classification?
- A. Share
- B. Store
- C. Use
- D. Create
Answer: D
Explanation:
Any time data is created, modified, or imported, the classification needs to be evaluated and set from the earliest phase to ensure security is always properly maintained for the duration of its lifecycle.
NEW QUESTION 333
Which of the following APIs are most commonly used within a cloud environment?
- A. XML and SAML
- B. REST and XML
- C. REST and SAML
- D. SOAP and REST
Answer: D
Explanation:
Simple Object Access Protocol (SOAP) and Representational State Transfer (REST) are the most commonly used APIs within a cloud environment. Extensible Markup Language (XML) and Security Assertion Markup Language (SAML) are both standards for exchanging encoded data between two parties, with XML being for more general use and SAML focused on authentication and authorization data.
NEW QUESTION 334
As a result of scandals involving publicly traded corporations such as Enron, WorldCom, and Adelphia, Congress passed legislation known as:
- A. SOX
- B. FERPA
- C. HIPAA
- D. GLBA
Answer: A
Explanation:
Sarbanes-Oxley was a direct response to corporate scandals. FERPA is related to education. GLBA is about the financial industry. HIPAA is about health care.
NEW QUESTION 335
What does the "SOC" acronym refer to with audit reports?
- A. Service Origin Confidentiality
- B. Service Organizational Control
- C. System Organization Control
- D. System Organization Confidentiality
Answer: B
NEW QUESTION 336
Although much of the attention given to data security is focused on keeping data private and only accessible by authorized individuals, of equal importance is the trustworthiness of the data.
Which concept encapsulates this?
- A. Confidentiality
- B. Accessibility
- C. Integrity
- D. Validity
Answer: C
Explanation:
Integrity refers to the trustworthiness of data and whether its format and values are true and have not been corrupted or otherwise altered through unauthorized means. Confidentiality refers to keeping data from being accessed or viewed by unauthorized parties. Accessibility means that data is available and ready when needed by a user or service. Validity can mean a variety of things that are somewhat similar to integrity, but it's not the most appropriate answer in this case.
NEW QUESTION 337
What does a cloud customer purchase or obtain from a cloud provider?
- A. Customers
- B. Servers
- C. Services
- D. Hosting
Answer: C
Explanation:
No matter what form they come in, "services" are obtained or purchased by a cloud customer from a cloud service provider. Services can come in many forms--virtual machines, network configurations, hosting setups, and software access, just to name a few. Hosting and servers--or, with a cloud, more appropriately virtual machines--are just two examples of "services" that a customer would purchase from a cloud provider. "Customers" would never be a service that's purchased.
NEW QUESTION 338
What concept does the "A" represent in the DREAD model?
- A. Affected users
- B. Affinity
- C. Authentication
- D. Authorization
Answer: A
Explanation:
Affected users refers to the percentage of users who would be impacted by a successful exploit. Scoring ranges from 0, which means no users are impacted, to 10, which means all users are impacted.
NEW QUESTION 339
Which of the following in a federated environment is responsible for consuming authentication tokens?
- A. Authentication provider
- B. Relying party
- C. Cloud services broker
- D. Identity provider
Answer: B
NEW QUESTION 340
What is the term we use to describe the general ease and efficiency of moving data from one cloud provider either to another cloud provider or down from the cloud?
- A. Obfuscation
- B. Mobility
- C. Portability
- D. Elasticity
Answer: C
Explanation:
Elasticity is the name for the benefit of cloud computing where resources can be apportioned as necessary to meet customer demand. Obfuscation is a technique to hide full raw datasets, either from personnel who do not have need to know or for use in testing. Mobility is not a term pertinent to the CBK.
NEW QUESTION 341
Which of the following concepts is NOT one of the core components to an encryption system architecture?
- A. Network
- B. Software
- C. Keys
- D. Data
Answer: A
Explanation:
The network utilized is not one of the key components of an encryption system architecture. In fact, a network is not even required for encryption systems or the processing and protection of data. The data, software used for the encryption engine itself, and the keys used to implement the encryption are all core components of an encryption system architecture.
NEW QUESTION 342
Which cloud service category offers the most customization options and control to the cloud customer?
- A. DaaS
- B. SaaS
- C. IaaS
- D. PaaS
Answer: C
NEW QUESTION 343
Bob is staging an attack against Alice's website. He is able to embed a link on her site that will execute malicious code on a visitor's machine, if the visitor clicks on the link. This is an example of which type of attack?
- A. Broken authentication/session management
- B. Security misconfiguration
- C. Cross-site scripting
- D. Insecure cryptographic storage
Answer: C
NEW QUESTION 344
What concept does the "I" represent with the STRIDE threat model?
- A. IT security
- B. Insider threat
- C. Integrity
- D. Information disclosure
Answer: D
Explanation:
Perhaps the biggest concern for any user is having their personal and sensitive information disclosed by an application. There are many aspects of an application to consider with security and protecting this information, and it is very difficult for any application to fully ensure security from start to finish. The obvious focus is on security within the application itself, as well as protecting and storing the data.
NEW QUESTION 345
......
Target Audience
The target candidates for this certification are cloud professionals. These individuals have the prerequisite skills and knowledge in cloud security design, architecture, implementation, controls, compliance, and operations with specific regulatory frameworks. The intended audience has the expertise required to apply information security competence to cloud computing environments. The specialists can also demonstrate their skills in cloud security design, operations, architecture, and service orchestration.