Valid CCSP Test Answers & ISC CCSP Exam PDF [Q164-Q184]

Share

Valid CCSP Test Answers & ISC CCSP Exam PDF

ISC CCSP Certification Real 2024 Mock Exam

NEW QUESTION # 164
Data labels could include all the following, except:

  • A. Confidentiality level
  • B. Multifactor authentication
  • C. Distribution limitations
  • D. Access restrictions

Answer: B

Explanation:
All the others might be included in data labels, but multifactor authentication is a procedure used for access control, not a label.


NEW QUESTION # 165
Which of the following would NOT be considered part of resource pooling with an Infrastructure as a Service implementation?

  • A. Application
  • B. CPU
  • C. Mamory
  • D. Storage

Answer: A

Explanation:
Infrastructure as a Service pools the compute resources for platforms and applications to build upon, including CPU, memory, and storage. Applications are not part of an IaaS offering from the cloud provider.


NEW QUESTION # 166
You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers.
Which of the following would be the most appropriate action to take first?

  • A. Notify the customer
  • B. Escrow the encryption keys
  • C. Copy the data
  • D. Take a shapshot of the virtual machines

Answer: A

Explanation:
Explanation
When a cloud service provider receives an eDiscovery order pertaining to one of their customers, the first action they must take is to notify the customer. This allows the customer to be aware of what was received, as well as to conduct a review to determine if any challenges are necessary or warranted. Taking snapshots of virtual machines, copying data, and escrowing encryption keys are all processes involved in the actual collection of data and should not be performed until the customer has been notified of the request.


NEW QUESTION # 167
Which United States law is focused on accounting and financial practices of organizations?

  • A. HIPAA
  • B. GLBA
  • C. SOX
  • D. Safe Harbor

Answer: C

Explanation:
Explanation/Reference:
Explanation:
The Sarbanes-Oxley (SOX) Act is not an act that pertains to privacy or IT security directly, but rather regulates accounting and financial practices used by organizations. It was passed to protect stakeholders and shareholders from improper practices and errors, and it sets forth rules for compliance, regulated and enforced by the Securities and Exchange Commission (SEC). The main influence on IT systems and operations is the requirements it sets for data retention, specifically in regard to what types of records must be preserved and for how long.


NEW QUESTION # 168
Who should be the only entity allowed to declare that an organization can return to normal following contingency or BCDR operations?

  • A. Law enforcement
  • B. Regulators
  • C. Senior management
  • D. The incident manager

Answer: C


NEW QUESTION # 169
For performance purposes, OS monitoring should include all of the following except:

  • A. CPU usage
  • B. Disk I/O usage
  • C. Disk space
  • D. Print spooling

Answer: D

Explanation:
Print spooling is not a metric for system performance; all the rest are.


NEW QUESTION # 170
Static software security testing typically uses __________ as a measure of how thorough the testing was.

  • A. Malware hits
  • B. Code coverage
  • C. Flaws detected
  • D. Number of testers

Answer: B


NEW QUESTION # 171
Cryptographic keys for encrypted data stored in the cloud should be ______________.
Response:

  • A. Generated with redundancy
  • B. Not stored with the cloud provider
  • C. Split into groups
  • D. At least 128 bits long

Answer: B


NEW QUESTION # 172
Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?

  • A. WS-Federation
  • B. HTML
  • C. XML
  • D. SAML

Answer: D

Explanation:
The Security Assertion Markup Language (SAML) is the most widely used method for encoding and sending attributes and other information from an identity provider to a relying party.WS- Federation, which is used by Active Directory Federation Services (ADFS), is the second most used method for sending information to a relying party, but it is not a better choice than SAML.
XML is similar to SAML in the way it encodes and labels data, but it does not have all of the required extensions that SAML does. HTML is not used within federated systems at all.


NEW QUESTION # 173
Which of the following pertains to a macro level approach to data center design rather than the traditional tiered approach to data centers?

  • A. IDCA
  • B. Uptime Institute
  • C. BICSI
  • D. NFPA

Answer: A

Explanation:
The standards put out by the International Data Center Authority (IDCA) have established the Infinity Paradigm, which is intended to be a comprehensive data center design and operations framework. The Infinity Paradigm shifts away from many models that rely on tiered architecture for data centers, where each successive tier increases redundancy. Instead, it emphasizes data centers being approached at a macro level, without a specific and isolated focus on certain aspects to achieve tier status.


NEW QUESTION # 174
The share phase of the cloud data lifecycle involves allowing data to leave the application, to be shared with external systems, services, or even other vendors/contractors.
What technology would be useful for protecting data at this point?

  • A. IPS
  • B. WAF
  • C. IDS
  • D. DLP

Answer: D

Explanation:
Data loss prevention (DLP) solutions allow for control of data outside of the application or original system.
They can enforce granular control such as printing, copying, and being read by others, as well as forcing expiration of access. Intrusion detection system (IDS) and intrusion prevention system (IPS) solutions are used for detecting and blocking suspicious and malicious traffic, respectively, whereas a web application firewall (WAF) is used for enforcing security or other controls on web- based applications.


NEW QUESTION # 175
Federation should be __________ to the users.
Response:

  • A. Hostile
  • B. Proportional
  • C. Transparent
  • D. Expensive

Answer: C


NEW QUESTION # 176
Different certifications and standards take different approaches to data center design and operations. Although many traditional approaches use a tiered methodology, which of the following utilizes a macro-level approach to data center design?

  • A. IDCA
  • B. Uptime Institute
  • C. BICSI
  • D. NFPA

Answer: A

Explanation:
Explanation
The Infinity Paradigm of the International Data Center Authority (IDCA) takes a macro-level approach to data center design. The IDCA does not use a specific, focused approach on specific components to achieve tier status. Building Industry Consulting Services International (BICSI) issues certifications for data center cabling. The National Fire Protection Association (NFPA) publishes a broad range of fire safety and design standards for many different types of facilities. The Uptime Institute publishes the most widely known and used standard for data center topologies and tiers.


NEW QUESTION # 177
Which of the following is considered a technological control?

  • A. Firing personnel
  • B. Fireproof safe
  • C. Fire extinguisher
  • D. Firewall software

Answer: D

Explanation:
Explanation/Reference:
Explanation:
A firewall is a technological control. The safe and extinguisher are physical controls and firing someone is an administrative control.


NEW QUESTION # 178
The BIA can be used to provide information about all the following, except:
Response:

  • A. Risk analysis
  • B. Secure acquisition
  • C. BC/DR planning
  • D. Selection of security controls

Answer: B


NEW QUESTION # 179
The Restatement (Second) Conflict of Law refers to which of the following?

  • A. Whether local or federal laws apply in a situation
  • B. When judges restate the law in an opinion
  • C. The basis for deciding which laws are most appropriate in a situation where conflicting laws exist
  • D. How jurisdictional disputes are settled

Answer: C


NEW QUESTION # 180
When reviewing the BIA after a cloud migration, the organization should take into account new factors related to data breach impacts. One of these new factors is:

  • A. Many states have data breach notification laws.
  • B. Breaches can cause the loss of proprietary data.
  • C. Breaches can cause the loss of intellectual property.
  • D. Legal liability can't be transferred to the cloud provider.

Answer: D

Explanation:
Explanation
State notification laws and the loss of proprietary data/intellectual property pre-existed the cloud; only the lack of ability to transfer liability is new.


NEW QUESTION # 181
An organization could have many reasons that are common throughout the industry to activate a BCDR situation. Which of the following is NOT a typical reason to activate a BCDR plan?

  • A. Staff loss
  • B. Utility outage
  • C. Terrorist attack
  • D. Natural disaster

Answer: A


NEW QUESTION # 182
Which process serves to prove the identity and credentials of a user requesting access to an application or data?

  • A. Identification
  • B. Authentication
  • C. Authorization
  • D. Repudiation

Answer: B

Explanation:
Authentication is the process of proving whether the identity presented by a user is true and valid. This can be done through common mechanisms such as user ID and password combinations or with more secure methods such as multifactor authentication.


NEW QUESTION # 183
Which of these characteristics of a virtualized network adds risks to the cloud environment?
Response:

  • A. Redundancy
  • B. Self-service
  • C. Pay-per-use
  • D. Scalability

Answer: A


NEW QUESTION # 184
......


The CCSP Certification Exam is a valuable credential that demonstrates a professional's expertise in cloud security. It is recognized by organizations around the world and can help professionals advance their careers in the field of cloud security. Certified Cloud Security Professional certification is valid for three years and requires that professionals maintain their knowledge and skills through continuing education and professional development activities.

 

CCSP Exam Questions and Valid CCSP Dumps PDF: https://www.vceengine.com/CCSP-vce-test-engine.html

CCSP Brain Dump: A Study Guide with Tips & Tricks for passing Exam: https://drive.google.com/open?id=1aGKX4ovYLfA9_Pi3wMltB2djhuatfg3j