ExamGecko

ISC CCSP Practice Test - Questions Answers, Page 19


Which aspect of security is DNSSEC designed to ensure?

A. Integrity
B. Authentication
C. Availability
D. Confidentiality

Suggested answer: A

Explanation:

DNSSEC is a security extension to the regular DNS protocol and services that allows for the validation of the integrity of DNS lookups. It does not address confidentiality or availability at all. It allows for a DNS client to perform DNS lookups and validate both their origin and authority via the cryptographic signature that accompanies the DNS response.

Which process serves to prove the identity and credentials of a user requesting access to an application or data?

A. Repudiation
B. Authentication
C. Identification
D. Authorization

Suggested answer: B

Explanation:

Authentication is the process of proving whether the identity presented by a user is true and valid. This can be done through common mechanisms such as user ID and password combinations or with more secure methods such as multifactor authentication.

Who would be responsible for implementing IPsec to secure communications for an application?

A. Developers
B. Systems staff
C. Auditors
D. Cloud customer

Suggested answer: B

Explanation:

Because IPsec is implemented at the system or network level, it is the responsibility of the systems staff. IPsec removes the responsibility from developers, whereas other technologies such as TLS would be implemented by developers.

What is the minimum regularity for testing a BCDR plan to meet best practices?

A. Once a year
B. Once a month
C. Every six months
D. When the budget allows it

Suggested answer: A

Explanation:

Best practices and industry standards dictate that a BCDR solution should be tested at least once a year, though specific regulatory requirements may dictate more regular testing. The BCDR plan should also be tested whenever a major modification to a system occurs.

Other than cost savings realized due to measured service, what is another facet of cloud computing that will typically save substantial costs in time and money for an organization in the event of a disaster?

A. Broad network access
B. Interoperability
C. Resource pooling
D. Portability

Suggested answer: A

Explanation:

With a typical BCDR solution, an organization would need some number of staff to quickly travel to the location of the BCDR site to configure systems and applications for recovery. With a cloud environment, everything is done over broad network access, with no need (or even possibility) to travel to a remote site at any time.

Which of the following is NOT part of a retention policy?

A. Format
B. Costs
C. Accessibility
D. Duration

Suggested answer: B

Explanation:

The data retention policy covers the duration, format, technologies, protection, and accessibility of archives, but does not address the specific costs of its implementation and maintenance.

Which aspect of cloud computing would make the use of a cloud the most attractive as a BCDR solution?

A. Interoperability
B. Resource pooling
C. Portability
D. Measured service

Suggested answer: D

Explanation:

Measured service means that costs are only incurred when a cloud customer is actually using cloud services. This is ideal for a business continuity and disaster recovery (BCDR) solution because it negates the need to keep hardware or resources on standby in case of a disaster. Services can be initiated when needed and without costs unless needed.

Which of the cloud deployment models offers the easiest initial setup and access for the cloud customer?

A. Hybrid
B. Community
C. Private
D. Public

Suggested answer: D

Explanation:

Because the public cloud model is available to everyone, in most instances all a customer will need to do to gain access is set up an account and provide a credit card number through the service's web portal. No additional contract negotiations, agreements, or specific group memberships are typically needed to get started.

Which of the following is NOT something that an HIDS will monitor?

A. Configurations
B. User logins
C. Critical system files
D. Network traffic

Suggested answer: B

Explanation:

A host intrusion detection system (HIDS) monitors network traffic as well as critical system files and configurations.

Which of the following technologies is used to monitor network traffic and notify if any potential threats or attacks are noticed?

A. IPS
B. WAF
C. Firewall
D. IDS

Suggested answer: D

Explanation:

An intrusion detection system (IDS) is designed to analyze network packets, compare their contents or characteristics against a set of configurations or signatures, and alert personnel if anything is detected that could constitute a threat or is otherwise designated for alerting.

Total 512 questions