ExamGecko

ISC CCSP Practice Test - Questions Answers, Page 15


Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?

A. Virtualization
B. Multitenancy
C. Resource pooling
D. Dynamic optimization
Suggested answer: A

Explanation:

Cloud environments will regularly change virtual machines as patching and versions are changed. Unlike a physical environment, there is little continuity from one period of time to another. It is very unlikely that the same virtual machines would be in use during a repeat audit.

Which security concept would business continuity and disaster recovery fall under?

A. Confidentiality
B. Availability
C. Fault tolerance
D. Integrity
Suggested answer: B

Explanation:

Disaster recovery and business continuity are vital concerns of availability. If data is destroyed or compromised, having regular backup systems in place, as well as being able to perform disaster recovery in the event of a major or widespread problem, allows operations to continue with a loss of time and data that is acceptable to management. This also ensures that sensitive data is protected and persisted in the event of the loss or corruption of data systems or physical storage systems.

Which of the following is NOT an application or utility to apply and enforce baselines on a system?

A. Chef
B. GitHub
C. Puppet
D. Active Directory
Suggested answer: B

Explanation:

GitHub is an application for code collaboration, including versioning and branching of code trees. It is not used for applying or maintaining system configurations.

Which of the cloud cross-cutting aspects relates to the ability for a cloud customer to easily remove their applications and data from a cloud environment?

A. Reversibility
B. Availability
C. Portability
D. Interoperability
Suggested answer: A

Explanation:

Reversibility is the ability for a cloud customer to easily remove their applications or data from a cloud environment, as well as to ensure that all traces of their applications or data have been securely removed per a predefined agreement with the cloud provider.

Which of the following is NOT a function performed by the record protocol of TLS?

A. Encryption
B. Acceleration
C. Authentication
D. Compression
Suggested answer: B

Explanation:

The record protocol of TLS performs the authentication and encryption of data packets, and in some cases compression as well. It does not perform any acceleration functions.

What concept does the "R" represent with the DREAD model?

A. Reproducibility
B. Repudiation
C. Risk
D. Residual
Suggested answer: A

Explanation:

Reproducibility is the measure of how easy it is to reproduce and successfully use an exploit. Scoring within the DREAD model ranges from 0, signifying a nearly impossible exploit, up to 10, which signifies something that anyone could exploit from a simple function call, such as a URL.

The SOC Type 2 reports are divided into five principles.

Which of the five principles must also be included when auditing any of the other four principles?

A. Confidentiality
B. Privacy
C. Security
D. Availability
Suggested answer: C

Explanation:

Under the SOC guidelines, when any of the four principles other than security are being audited, which includes availability, confidentiality, processing integrity, and privacy, the security principle must also be included with the audit.

How many additional DNS queries are needed when DNSSEC integrity checks are added?

A. Three
B. Zero
C. One
D. Two
Suggested answer: B

Explanation:

DNSSEC does not require any additional DNS queries to be performed. The DNSSEC integrity checks and validations are all performed as part of the single DNS lookup resolution.

Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

A. Platform
B. Infrastructure
C. Governance
D. Application
Suggested answer: C

Explanation:

Regardless of which cloud-hosting model is used, the cloud customer always has sole responsibility for the governance of systems and data.

Which of the following service categories entails the least amount of support needed on the part of the cloud customer?

A. SaaS
B. IaaS
C. DaaS
D. PaaS
Suggested answer: A

Explanation:

Because SaaS provides a fully functioning application that is managed and maintained by the cloud provider, cloud customers bear fewer support responsibilities than in any other service category.

Total 512 questions