ExamGecko

ISC CCSP Practice Test - Questions Answers, Page 17


Which security concept is focused on the trustworthiness of data?

A. Integrity
B. Availability
C. Nonrepudiation
D. Confidentiality
Suggested answer: A

Explanation:

Integrity is focused on the trustworthiness of data as well as the prevention of unauthorized modification or tampering of it. A prime consideration for maintaining integrity is an emphasis on the change management and configuration management aspects of operations, so that all modifications are predictable, tracked, logged, and verified, whether they are performed by actual human users or systems processes and scripts.

Which OSI layer does IPsec operate at?

A. Network
B. Transport
C. Application
D. Presentation
Suggested answer: A

Explanation:

A major difference between IPsec and other protocols such as TLS is that IPsec operates at the Internet network layer rather than the application layer, allowing for complete end-to-end encryption of all communications and traffic.

Which of the cloud cross-cutting aspects relates to the requirements placed on the cloud provider by the cloud customer for minimum performance standards and requirements that must be met?

A. Regulatory requirements
B. SLAs
C. Auditability
D. Governance
Suggested answer: B

Explanation:

Whereas a contract spells out general terms and costs for services, the SLA is where the real meat of the business relationship and concrete requirements come into play. The SLA spells out in clear terms the minimum requirements for uptime, availability, processes, customer service and support, security controls and requirements, auditing and reporting, and potentially many other areas that define the business relationship and the success of it.

Which of the following service capabilities gives the cloud customer the most control over resources and configurations?

A. Desktop
B. Platform
C. Infrastructure
D. Software
Suggested answer: C

Explanation:

The infrastructure service capability gives the cloud customer substantial control in provisioning and configuring resources, including processing, storage, and network resources.

What concept does the "I" represent with the STRIDE threat model?

A. Integrity
B. Information disclosure
C. IT security
D. Insider threat
Suggested answer: B

Explanation:

Perhaps the biggest concern for any user is having their personal and sensitive information disclosed by an application. There are many aspects of an application to consider with security and protecting this information, and it is very difficult for any application to fully ensure security from start to finish. The obvious focus is on security within the application itself, as well as protecting and storing the data.

At which stage of the BCDR plan creation phase should security be included in discussions?

A. Define scope
B. Analyze
C. Assess risk
D. Gather requirements
Suggested answer: A

Explanation:

Security should be included in discussions from the very first phase when defining the scope. Adding security later is likely to incur additional costs in time and money, or will result in an incomplete or inadequate plan.

Which approach is typically the most efficient method to use for data discovery?

A. Metadata
B. Content analysis
C. Labels
D. ACLs
Suggested answer: A

Explanation:

Metadata is data about data. It contains information about the type of data, how it is stored and organized, or information about its creation and use.

Which of the following features is a main benefit of PaaS over IaaS?

A. Location independence
B. High-availability
C. Physical security requirements
D. Auto-scaling
Suggested answer: D

Explanation:

With PaaS providing a fully configured and managed framework, auto-scaling can be implemented to programmatically adjust resources based on the current demands of the environment.

Which audit type has been largely replaced by newer approaches since 2011?

A. SOC Type 1
B. SSAE-16
C. SAS-70
D. SOC Type 2
Suggested answer: C

Explanation:

SAS-70 reports were replaced in 2011 with the SSAE-16 reports throughout the industry.

Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?

A. Reservations
B. Measured service
C. Limits
D. Shares
Suggested answer: A

Explanation:

Reservations ensure that a minimum level of resources will always be available to a cloud customer for them to start and operate their services. In the event of a DoS attack against one customer, they can guarantee that the other customers will still be able to operate.

Total 512 questions