CCSP | Top Tips Of Up To Date CCSP Questions Pool

NEW QUESTION 1

The Transport Layer Security (TLS) protocol creates a secure communications channel over public media (such as the Internet). In a typical TLS session, what is the usual means for establishing trust between the parties?
Response:

• A. Out-of-band authentication
• B. Multifactor authentication
• C. PKI certificates
• D. Preexisting knowledge of each other

Answer: C

NEW QUESTION 2

Which of the following is not an enforceable governmental request? Response:

• A. Warrant
• B. Subpoena
• C. Court order
• D. Affidavit

Answer: D

NEW QUESTION 3

You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment.
Which of these activities should you perform before deploying the tool? Response:

• A. Survey your company’s departments about the data under their control
• B. Reconstruct your firewalls
• C. Harden all your routers
• D. Adjust the hypervisors

Answer: A

NEW QUESTION 4

Federation allows ______ across organizations.
Response:

• A. Role replication
• B. Encryption
• C. Policy
• D. Access

Answer: D

NEW QUESTION 5

A honeypot can be used for all the following purposes except ______.
Response:

• A. Gathering threat intelligence
• B. Luring attackers
• C. Distracting attackers
• D. Delaying attackers

Answer: B

NEW QUESTION 6

Which of the following is not a security concern related to archiving data for long-term storage? Response:

• A. Long-term storage of the related cryptographic keys
• B. Format of the data
• C. Media the data resides on
• D. Underground depth of the storage facility

Answer: D

NEW QUESTION 7

Which cloud service category is MOST likely to use a client-side key management system? Response:

• A. IaaS
• B. SaaS
• C. PaaS
• D. DaaS

Answer: B

NEW QUESTION 8

When an organization implements an SIEM solution and begins aggregating event data, the configured event sources are only valid at the time it was configured. Application modifications, patching, and other upgrades will change the events generated and how they are represented over time.
What process is necessary to ensure events are collected and processed with this in mind?

• A. Continual review
• B. Continuous optimization
• C. Aggregation updates
• D. Event elasticity

Answer: B

NEW QUESTION 9

Fiber-optic lines are considered part of layer ______ of the OSI model. Response:

• A. 1
• B. 3
• C. 5
• D. 7

Answer: A

NEW QUESTION 10

Each of the following are dependencies that must be considered when reviewing the BIA after cloud migration except:
Response:

• A. The cloud provider’s suppliers
• B. The cloud provider’s vendors
• C. The cloud provider’s utilities
• D. The cloud provider’s resellers

Answer: D

NEW QUESTION 11

Your application has been a continued target for SQL injection attempts. Which of the following technologies would be best used to combat the likeliness of a successful SQL injection exploit from occurring?
Response:

• A. XML accelerator
• B. WAF
• C. Sandbox
• D. Firewall

Answer: B

NEW QUESTION 12

A bare-metal hypervisor is Type ______.
Response:

• A. 1
• B. 2
• C. 3
• D. 4

Answer: A

NEW QUESTION 13

FM-200 has all the following properties except ______.
Response:

• A. It’s nontoxic at levels used for fire suppression
• B. It’s gaseous at room temperature
• C. It may deplete the Earth’s ozone layer
• D. It does not leave a film or coagulant after use

Answer: C

NEW QUESTION 14

What is the term used to describe loss of access to data because the cloud provider has ceased operation? Response:

• A. Closing
• B. Vendor lock-out
• C. Vendor lock-in
• D. Masking

Answer: B

NEW QUESTION 15

______ can often be the result of inadvertent activity. Response:

• A. DDoS
• B. Phishing
• C. Sprawl
• D. Disasters

Answer: C

NEW QUESTION 16

Under EU law, a cloud customer who gives sensitive data to a cloud provider is still legally responsible for the damages resulting from a data breach caused by the provider; the EU would say that it is the cloud customer’s fault for choosing the wrong provider.
This is an example of insufficient ______ .

• A. Proof
• B. Evidence
• C. Due diligence
• D. Application of reasonableness

Answer: C

NEW QUESTION 17

Which cloud service category brings with it the most expensive startup costs, but also the lowest costs for ongoing support and maintenance staff?
Response:

• A. IaaS
• B. SaaS
• C. PaaS
• D. DaaS

Answer: B

NEW QUESTION 18

Which of the following is a risk that stems from a virtualized environment? Response:

• A. Live virtual machines in the production environment are moved from one host to another in the clear.
• B. Cloud data centers can become a single point of failure.
• C. It is difficult to find and contract with multiple utility providers of the same type (electric, water, etc.).
• D. Modern SLA demands are stringent and very hard to meet.

Answer: A

NEW QUESTION 19

A web application firewall (WAF) can understand and act on ______ traffic.
Response:

• A. Malicious
• B. SMTP
• C. ICMP
• D. HTTP

Answer: D

NEW QUESTION 20

You are the security manager of a small firm that has just purchased a DLP solution to implement in your cloud-based production environment.
In order to get truly holistic coverage of your environment, you should be sure to include ______ as a step in the deployment process.
Response:

• A. Getting signed user agreements from all users
• B. Installation of the solution on all assets in the cloud data center
• C. Adoption of the tool in all routers between your users and the cloud provider
• D. All of your customers to install the tool

Answer: A

NEW QUESTION 21

Why might an organization choose to comply with the ISO 27001 standard?
Response:

• A. Price
• B. Ease of implementation
• C. International acceptance
• D. Speed

Answer: C

NEW QUESTION 22

Which of the following methods for the safe disposal of electronic records can always be used in a cloud
environment? Response:

• A. Physical destruction
• B. Encryption
• C. Overwriting
• D. Degaussing

Answer: B

NEW QUESTION 23

Log data should be protected ______.
Response:

• A. One level below the sensitivity level of the systems from which it was collected
• B. At least at the same sensitivity level as the systems from which it was collected
• C. With encryption in transit, at rest, and in use
• D. According to NIST guidelines

Answer: B

NEW QUESTION 24

What is a form of cloud storage where data is stored as objects, arranged in a hierarchal structure, like a file tree?
Response:

• A. Volume storage
• B. Databases
• C. Content delivery network (CDN)
• D. Object storage

Answer: D

NEW QUESTION 25

Which of the following is NOT a common component of a DLP implementation process? Response:

• A. Discovery
• B. Monitoring
• C. Revision
• D. Enforcement

Answer: C

NEW QUESTION 26
......