ISC2 CCSP Training Tools 2019
Master the CCSP Certified Cloud Security Professional content and be ready for exam day success quickly with this Testking CCSP vce. We guarantee it!We make it a reality and give you real CCSP questions in our ISC2 CCSP braindumps.Latest 100% VALID ISC2 CCSP Exam Questions Dumps at below page. You can use our ISC2 CCSP braindumps and pass your exam.
NEW QUESTION 1
Fiber-optic lines are considered part of layer ______ of the OSI model. Response:
- A. 1
- B. 3
- C. 5
- D. 7
NEW QUESTION 2
Typically, SSDs are ______.
- A. More expensive than spinning platters
- B. Larger than tape backup
- C. Heavier than tape libraries
- D. More subject to malware than legacy drives
NEW QUESTION 3
The BCDR plan/process should be written and documented in such a way that it can be used by ______.
- A. Users
- B. Essential BCDR team members
- C. Regulators
- D. Someone with the requisite skills
NEW QUESTION 4
Which of the following is perhaps the best method for reducing the risk of a specific application not delivering the proper level of functionality and performance when it is moved from the legacy environment into the cloud?
- A. Remove the application from the organization’s production environment, and replace it with something else.
- B. Negotiate and conduct a trial run in the cloud environment for that application before permanently migrating.
- C. Make sure the application is fully updated and patched according to all vendor specifications.
- D. Run the application in an emulator.
NEW QUESTION 5
The physical layout of a cloud data center campus should include redundancies of all the following except
- A. Generators
- B. HVAC units
- C. Generator fuel storage
- D. Points of personnel ingress
NEW QUESTION 6
Which of the following is a file server that provides data access to multiple, heterogeneous machines/users on the network?
- A. Storage area network (SAN)
- B. Network-attached storage (NAS)
- C. Hardware security module (HSM)
- D. Content delivery network (CDN)
NEW QUESTION 7
There are two general types of smoke detectors. Which type uses a small portion of radioactive material? Response:
- A. Photoelectric
- B. Ionization
- C. Electron pulse
- D. Integral field
NEW QUESTION 8
You work for a government research facility. Your organization often shares data with other government research organizations.
You would like to create a single sign-on experience across the organizations, where users at each organization can sign in with the user ID/authentication issued by that organization, then access research data in all the other organizations.
Instead of replicating the data stores of each organization at every other organization (which is one way of accomplishing this goal), you instead want every user to have access to each organization’s specific storage resources.
In order to pass the user IDs and authenticating credentials of each user among the organizations, what
protocol/language/motif will you most likely utilize? Response:
- A. Representational State Transfer (REST)
- B. Security Assertion Markup Language (SAML)
- C. Simple Object Access Protocol (SOAP)
- D. Hypertext Markup Language (HTML)
NEW QUESTION 9
Which of the following is the correct name for Tier II of the Uptime Institute Data Center Site Infrastructure Tier Standard Topology?
- A. Concurrently Maintainable Site Infrastructure
- B. Fault-Tolerant Site Infrastructure
- C. Basic Site Infrastructure
- D. Redundant Site Infrastructure Capacity Components
NEW QUESTION 10
In a Lightweight Directory Access Protocol (LDAP) environment, each entry in a directory server is identified by a ______.
- A. Domain name (DN)
- B. Distinguished name (DN)
- C. Directory name (DN)
- D. Default name (DN)
NEW QUESTION 11
Which of the following aspects of the BC/DR process poses a risk to the organization? Response:
- A. Threat intelligence gathering
- B. Preplacement of response assets
- C. Budgeting for disaster
- D. Full testing of the plan
NEW QUESTION 12
The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats to organizations participating in cloud computing. A cloud customer that does not perform sufficient due diligence can suffer harm if the cloud provider they’ve selected goes out of business.
What do we call this problem? Response:
- A. Vendor lock-in
- B. Vendor lock-out
- C. Vendor incapacity
- D. Unscaled
NEW QUESTION 13
All of the following are terms used to described the practice of obscuring original raw data so that only a portion is displayed for operational purposes, except:
- A. Tokenization
- B. Data discovery
- C. Obfuscation
- D. Masking
NEW QUESTION 14
During the assessment phase of a risk evaluation, what are the two types of tests that are performed? Response:
- A. Internal and external
- B. Technical and managerial
- C. Physical and logical
- D. Qualitative and quantitative
NEW QUESTION 15
A user signs on to a cloud-based social media platform. In another browser tab, the user finds an article worth posting to the social media platform. The user clicks on the platform’s icon listed on the article’s website, and the article is automatically posted to the user’s account on the social media platform.
This is an example of what?
- A. Single sign-on
- B. Insecure direct identifiers
- C. Identity federation
- D. Cross-site scripting
NEW QUESTION 16
What are the four cloud deployment models? Response:
- A. Public, Internal, Hybrid, and Community
- B. External, Private, Hybrid, and Community
- C. Public, Private, Joint, and Community
- D. Public, Private, Hybrid, and Community
NEW QUESTION 17
______ can often be the result of inadvertent activity. Response:
- A. DDoS
- B. Phishing
- C. Sprawl
- D. Disasters
NEW QUESTION 18
Which of the following types of software is a Type 2 hypervisor dependent on that a Type 1 hypervisor isn’t? Response:
- A. VPN
- B. Firewall
- C. Operating system
- D. IDS
NEW QUESTION 19
While an audit is being conducted, which of the following could cause management and the auditors to change the original plan in order to continue with the audit?
- A. Cost overruns
- B. Impact on systems
- C. Regulatory changes
- D. Software version changes
NEW QUESTION 20
Who is the entity identified by personal data? Response:
- A. The data owner
- B. The data processor
- C. The data custodian
- D. The data subject
NEW QUESTION 21
What is the cloud service model in which the customer is responsible for administration of the OS? Response:
- A. IaaS
- B. PaaS
- C. SaaS
- D. QaaS
NEW QUESTION 22
Which of the following are not examples of personnel controls? Response:
- A. Background checks
- B. Reference checks
- C. Strict access control mechanisms
- D. Continuous security training
NEW QUESTION 23
What sort of legal enforcement may the Payment Card Industry (PCI) Security Standards Council not bring to bear against organizations that fail to comply with the Payment Card Industry Data Security Standard (PCI DSS)?
- A. Fines
- B. Jail time
- C. Suspension of credit card processing privileges
- D. Subject to increased audit frequency and scope
NEW QUESTION 24
DRM solutions should generally include all the following functions, except:
- A. Persistency
- B. Automatic self-destruct
- C. Automatic expiration
- D. Dynamic policy control
NEW QUESTION 25
During which stage of the SDLC process should security be consulted and begin its initial involvement?
- A. Testing
- B. Design
- C. Development
- D. Requirement gathering
NEW QUESTION 26
Using one cloud provider for your operational environment and another for your BCDR backup will also give you the additional benefit of ______.
- A. Allowing any custom VM builds you use to be instantly ported to another environment
- B. Avoiding vendor lock-in/lockout
- C. Increased performance
- D. Lower cost
NEW QUESTION 27
P.S. Easily pass CCSP Exam with 353 Q&As Passcertsure Dumps & pdf Version, Welcome to Download the Newest Passcertsure CCSP Dumps: https://www.passcertsure.com/CCSP-test/ (353 New Questions)