ExamGecko
Search Search Login
Home Home / ISC / CCSP

ISC CCSP Practice Test - Questions Answers, Page 2

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Over time, what is a primary concern for data archiving?
Which of the following threat types involves the sending of untrusted data to a user's browser to be executed with their own credentials and access?
Which type of testing uses the same strategies and toolsets that hackers would use?
Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?
Which United States law is focused on accounting and financial practices of organizations?
Which value refers to the percentage of production level restoration needed to meet BCDR objectives?
Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?
What concept does the "D" represent with the STRIDE threat model?
What is the data encapsulation used with the SOAP protocol referred to?
What is one of the reasons a baseline might be changed?

Question 11

Report
Export
Collapse

Which of the following approaches would NOT be considered sufficient to meet the requirements of secure data destruction within a cloud environment?

A.
Cryptographic erasure
A.
Cryptographic erasure
Answers
B.
Zeroing
B.
Zeroing
Answers
C.
Overwriting
C.
Overwriting
Answers
D.
Deletion
D.
Deletion
Answers
Suggested answer: D

Explanation:

Deletion merely removes the pointers to data on a system; it does nothing to actually remove and sanitize the data. As such, the data remains in a recoverable state, and more secure methods are needed to ensure it has been destroyed and is not recoverable by another party.

Question 12

Report
Export
Collapse

Which of the following cloud aspects complicates eDiscovery?

A.
Resource pooling
A.
Resource pooling
Answers
B.
On-demand self-service
B.
On-demand self-service
Answers
C.
Multitenancy
C.
Multitenancy
Answers
D.
Measured service
D.
Measured service
Answers
Suggested answer: C

Explanation:

With multitenancy, eDiscovery becomes more complicated because the data collection involves extra steps to ensure that only those customers or systems that are within scope are turned over to the requesting authority.

Question 13

Report
Export
Collapse

What does the management plane typically utilize to perform administrative functions on the hypervisors that it has access to?

A.
Scripts
A.
Scripts
Answers
B.
RDP
B.
RDP
Answers
C.
APIs
C.
APIs
Answers
D.
XML
D.
XML
Answers
Suggested answer: C

Explanation:

The functions of the management plane are typically exposed as a series of remote calls and function executions and as a set of APIs. These APIs are typically leveraged through either a client or a web portal, with the latter being the most common.

Question 14

Report
Export
Collapse

What is a serious complication an organization faces from the perspective of compliance with international operations?

A.
Different certifications
A.
Different certifications
Answers
B.
Multiple jurisdictions
B.
Multiple jurisdictions
Answers
C.
Different capabilities
C.
Different capabilities
Answers
D.
Different operational procedures
D.
Different operational procedures
Answers
Suggested answer: B

Explanation:

When operating within a global framework, a security professional runs into a multitude of jurisdictions and requirements, and many times they might be in contention with one other or not clearly applicable. These requirements can include the location of the users and the type of data they enter into systems, the laws governing the organization that owns the application and any regulatory requirements they may have, as well as the appropriate laws and regulations for the jurisdiction housing the IT resources and where the data is actually stored, which might be multiple jurisdictions as well.

Question 15

Report
Export
Collapse

Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?

A.
PLAN
A.
PLAN
Answers
B.
WAN
B.
WAN
Answers
C.
LAN
C.
LAN
Answers
D.
VLAN
D.
VLAN
Answers
Suggested answer: D

Explanation:

A virtual area network (VLAN) allows the logical separation and isolation of networks and IP spaces to provide enhanced security and controls.

Question 16

Report
Export
Collapse

Which of the following standards primarily pertains to cabling designs and setups in a data center?

A.
IDCA
A.
IDCA
Answers
B.
BICSI
B.
BICSI
Answers
C.
NFPA
C.
NFPA
Answers
D.
Uptime Institute
D.
Uptime Institute
Answers
Suggested answer: B

Explanation:

The standards put out by Building Industry Consulting Service International (BICSI) primarily cover complex cabling designs and setups for data centers, but also include specifications on power, energy efficiency, and hot/cold aisle setups.

Question 17

Report
Export
Collapse

Which of the following publishes the most commonly used standard for data center design in regard to tiers and topologies?

A.
IDCA
A.
IDCA
Answers
B.
Uptime Institute
B.
Uptime Institute
Answers
C.
NFPA
C.
NFPA
Answers
D.
BICSI
D.
BICSI
Answers
Suggested answer: B

Explanation:

The Uptime Institute publishes the most commonly used and widely known standard on data center tiers and topologies. It is based on a series of four tiers, with each progressive increase in number representing more stringent, reliable, and redundant systems for security, connectivity, fault tolerance, redundancy, and cooling.

Question 18

Report
Export
Collapse

What type of segregation and separation of resources is needed within a cloud environment for multitenancy purposes versus a traditional data center model?

A.
Virtual
A.
Virtual
Answers
B.
Security
B.
Security
Answers
C.
Physical
C.
Physical
Answers
D.
Logical
D.
Logical
Answers
Suggested answer: D

Explanation:

Cloud environments lack the ability to physically separate resources like a traditional data center can. To compensate, cloud computing logical segregation concepts are employed. These include VLANs, sandboxing, and the use of virtual network devices such as firewalls.

Question 19

Report
Export
Collapse

Which United States law is focused on data related to health records and privacy?

A.
Safe Harbor
A.
Safe Harbor
Answers
B.
SOX
B.
SOX
Answers
C.
GLBA
C.
GLBA
Answers
D.
HIPAA
D.
HIPAA
Answers
Suggested answer: D

Explanation:

The Health Insurance Portability and Accountability Act (HIPAA) requires the U.S. Federal Department of Health and Human Services to publish and enforce regulations pertaining to electronic health records and identifiers between patients, providers, and insurance companies. It is focused on the security controls and confidentiality of medical records, rather than the specific technologies used, so long as they meet the requirements of the regulations.

Question 20

Report
Export
Collapse

What is used for local, physical access to hardware within a data center?

A.
SSH
A.
SSH
Answers
B.
KVM
B.
KVM
Answers
C.
VPN
C.
VPN
Answers
D.
RDP
D.
RDP
Answers
Suggested answer: B

Explanation:

Local, physical access in a data center is done via KVM (keyboard, video, mouse) switches.

Total 512 questions
Go to page: of 52
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms