ExamGecko
Search Search Login
Home Home / ISC / CCSP

ISC CCSP Practice Test - Questions Answers, Page 12

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Over time, what is a primary concern for data archiving?
Which of the following threat types involves the sending of untrusted data to a user's browser to be executed with their own credentials and access?
Which United States law is focused on accounting and financial practices of organizations?
Which type of testing uses the same strategies and toolsets that hackers would use?
Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?
Which value refers to the percentage of production level restoration needed to meet BCDR objectives?
What is the biggest benefit to leasing space in a data center versus building or maintain your own?
What concept does the "D" represent with the STRIDE threat model?
What is the data encapsulation used with the SOAP protocol referred to?
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?

Question 111

Report
Export
Collapse

Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?

A.
CPU
A.
CPU
Answers
B.
Users
B.
Users
Answers
C.
Memory
C.
Memory
Answers
D.
Network
D.
Network
Answers
Suggested answer: B

Explanation:

An SLA requires performance monitoring of CPU, memory, storage, and networking. The number of users active on a system would not be part of an SLA specifically, other than in regard to the impact on the other four variables.

Question 112

Report
Export
Collapse

Which of the following is the MOST important requirement and guidance for testing during an audit?

A.
Stakeholders
A.
Stakeholders
Answers
B.
Shareholders
B.
Shareholders
Answers
C.
Management
C.
Management
Answers
D.
Regulations
D.
Regulations
Answers
Suggested answer: D

Explanation:

During any audit, regulations are the most important factor and guidelines for what must be tested. Although the requirements from management, stakeholders, and shareholders are also important, regulations are not negotiable and pose the biggest risk to any organization for compliance failure.

Question 113

Report
Export
Collapse

Which value refers to the amount of data an organization would need to recover in the event of a BCDR situation in order to reach an acceptable level of operations?

A.
SRE
A.
SRE
Answers
B.
RTO
B.
RTO
Answers
C.
RPO
C.
RPO
Answers
D.
RSL
D.
RSL
Answers
Suggested answer: C

Explanation:

The recovery point objective (RPO) is defined as the amount of data a company would need to maintain and recover in order to function at a level acceptable to management. This may or may not be a restoration to full operating capacity, depending on what management deems as crucial and essential.

Question 114

Report
Export
Collapse

What must SOAP rely on for security?

A.
Encryption
A.
Encryption
Answers
B.
Tokenization
B.
Tokenization
Answers
C.
TLS
C.
TLS
Answers
D.
SSL
D.
SSL
Answers
Suggested answer: A

Explanation:

Simple Object Access Protocol (SOAP) uses Extensible Markup Language (XML) for passing data, and it must rely on the encryption of those data packages for security.

Question 115

Report
Export
Collapse

Which of the following is a commonly used tool for maintaining system configurations?

A.
Maestro
A.
Maestro
Answers
B.
Orchestrator
B.
Orchestrator
Answers
C.
Puppet
C.
Puppet
Answers
D.
Conductor
D.
Conductor
Answers
Suggested answer: C

Explanation:

Puppet is a commonly used tool for maintaining system configurations based on policies, and done so from a centralized authority.

Question 116

Report
Export
Collapse

What type of data does data rights management (DRM) protect?

A.
Consumer
A.
Consumer
Answers
B.
PII
B.
PII
Answers
C.
Financial
C.
Financial
Answers
D.
Healthcare
D.
Healthcare
Answers
Suggested answer: A

Explanation:

DRM applies to the protection of consumer media, such as music, publications, video, movies, and soon.

Question 117

Report
Export
Collapse

Which type of testing uses the same strategies and toolsets that hackers would use?

A.
Penetration
A.
Penetration
Answers
B.
Dynamic
B.
Dynamic
Answers
C.
Static
C.
Static
Answers
D.
Malicious
D.
Malicious
Answers
Suggested answer: A

Explanation:

Penetration testing involves using the same strategies and toolsets that hackers would use against a system to discovery potential vulnerabilities.

Question 118

Report
Export
Collapse

From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?

A.
Access provisioning
A.
Access provisioning
Answers
B.
Auditing
B.
Auditing
Answers
C.
Jurisdictions
C.
Jurisdictions
Answers
D.
Authorization
D.
Authorization
Answers
Suggested answer: C

Explanation:

When a security professional is considering cloud solutions for BCDR, a top concern is the jurisdiction where the cloud systems are hosted. If the jurisdiction is different from where the production systems are hosted, they may be subjected to different regulations and controls, which would make a seamless BCDR solution far more difficult.

Question 119

Report
Export
Collapse

Which of the following is NOT a focus or consideration of an internal audit?

A.
Certification
A.
Certification
Answers
B.
Design
B.
Design
Answers
C.
Costs
C.
Costs
Answers
D.
Operational efficiency
D.
Operational efficiency
Answers
Suggested answer: A

Explanation:

In order to obtain and comply with certifications, independent external audits must be performed and satisfied. Although some testing of certification controls can be part of an internal audit, they will not satisfy requirements.

Question 120

Report
Export
Collapse

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

A.
Infrastructure
A.
Infrastructure
Answers
B.
Platform
B.
Platform
Answers
C.
Application
C.
Application
Answers
D.
Data
D.
Data
Answers
Suggested answer: D

Explanation:

Regardless of which cloud-hosting model is used, the cloud customer always has sole responsibility for the data and its security.

Total 512 questions
Go to page: of 52
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms