ISC CCSP Practice Test - Questions Answers, Page 13

What process is used within a clustered system to provide high availability and load balancing?

A. Dynamic balancing
B. Dynamic clustering
C. Dynamic optimization
D. Dynamic resource scheduling
Suggested answer: D

Explanation:

Dynamic resource scheduling (DRS) is used within all clustering systems as the method for clusters to provide high availability, scaling, management, and workload distribution and balancing of jobs and processes. From a physical infrastructure perspective, DRS is used to balance compute loads between physical hosts in a cloud to maintain the desired thresholds and limits on the physical hosts.

Which of the following is NOT a function performed by the handshake protocol of TLS?

A. Key exchange
B. Encryption
C. Negotiation of connection
D. Establish session ID
Suggested answer: B

Explanation:

The handshake protocol negotiates and establishes the connection as well as handles the key exchange and establishes the session ID. It does not perform the actual encryption of data packets.

Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time. What is the minimum span of time for a SOC Type 2 report?

A. Six months
B. One month
C. One year
D. One week
Suggested answer: A

Explanation:

SOC Type 2 reports are focused on the same policies and procedures, as well as their effectiveness, as SOC Type 1 reports, but are evaluated over a period of at least six consecutive months, rather than a finite point in time.

What changes are necessary to application code in order to implement DNSSEC?

A. Adding encryption modules
B. Implementing certificate validations
C. Additional DNS lookups
D. No changes are needed.
Suggested answer: D

Explanation:

To implement DNSSEC, no additional changes are needed to applications or their code because the integrity checks are all performed at the system level.

Which type of controls are the SOC Type 1 reports specifically focused on?

A. Integrity
B. PII
C. Financial
D. Privacy
Suggested answer: C

Explanation:

SOC Type 1 reports are focused specifically on internal controls as they relate to financial reporting.

Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?

A. Integrity
B. Availability
C. Confidentiality
D. Nonrepudiation
Suggested answer: C

Explanation:

The main goal of confidentiality is to ensure that sensitive information is not made available or leaked to parties that should not have access to it, while at the same time ensuring that those with appropriate need and authorization to access it can do so in a manner commensurate with their needs and confidentiality requirements.

Which of the following is NOT a domain of the Cloud Controls Matrix (CCM)?

A. Data center security
B. Human resources
C. Mobile security
D. Budgetary and cost controls
Suggested answer: D

Explanation:

Budgetary and cost controls is not one of the domains outlined in the CCM.

Which security concept, if implemented correctly, will protect the data on a system, even if a malicious actor gains access to the actual system?

A. Sandboxing
B. Encryption
C. Firewalls
D. Access control
Suggested answer: B

Explanation:

In any environment, data encryption is incredibly important to prevent unauthorized exposure of data either internally or externally. If a system is compromised by an attack, having the data encrypted on the system will prevent its unauthorized exposure or export, even with the system itself being exposed.

Which of the following is the sole responsibility of the cloud provider, regardless of which cloud model is used?

A. Platform
B. Data
C. Physical environment
D. Infrastructure
Suggested answer: C

Explanation:

Regardless of which cloud-hosting model is used, the cloud provider always has sole responsibility for the physical environment.

Which of the following is NOT a factor that is part of a firewall configuration?

A. Encryption
B. Port
C. Protocol
D. Source IP
Suggested answer: A

Explanation:

Firewalls take into account source IP, destination IP, the port the traffic is using, as well as the network protocol (UDP/TCP). Whether or not the traffic is encrypted is not something a firewall is concerned with.

Total 512 questions