ExamGecko

ISC CCSP Practice Test - Questions Answers, Page 20


What concept does the "A" represent in the DREAD model?

A. Affected users
B. Authentication
C. Affinity
D. Authorization
Suggested answer: A

Explanation:

Affected users refers to the percentage of users who would be impacted by a successful exploit. Scoring ranges from 0, which means no users are impacted, to 10, which means all users are impacted.

Which attribute of data poses the biggest challenge for data discovery?

A. Labels
B. Quality
C. Volume
D. Format
Suggested answer: B

Explanation:

The main problem when it comes to data discovery is the quality of the data that analysis is being performed against. Data that is malformed, incorrectly stored or labeled, or incomplete is very difficult to run analytical tools against.

What does static application security testing (SAST) offer as a tool to the testers?

A. Production system scanning
B. Injection attempts
C. Source code access
D. Live testing
Suggested answer: C

Explanation:

Static application security testing (SAST) is conducted with knowledge of the system, including source code, and is done against offline systems.

Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?

A. Software
B. Desktop
C. Platform
D. Infrastructure
Suggested answer: C

Explanation:

The platform service capability provides programming languages and libraries from the cloud provider, where the customer can deploy their own code and applications into a managed and controlled framework.

What process is used within a cloud environment to maintain resource balancing and ensure that resources are available where and when needed?

A. Dynamic clustering
B. Dynamic balancing
C. Dynamic resource scheduling
D. Dynamic optimization
Suggested answer: D

Explanation:

Dynamic optimization is the process through which the cloud environment is constantly maintained to ensure resources are available when and where needed, and that physical nodes do not become overloaded or near capacity, while others are underutilized.

Which value refers to the percentage of production level restoration needed to meet BCDR objectives?

A. RPO
B. RTO
C. RSL
D. SRE
Suggested answer: C

Explanation:

The recovery service level (RSL) is a percentage measure of the total typical production service level that needs to be restored to meet BCDR objectives in the case of a failure.

Over time, what is a primary concern for data archiving?

A. Size of archives
B. Format of archives
C. Recoverability
D. Regulatory changes
Suggested answer: C

Explanation:

Over time, maintaining the ability to restore and read archives is a primary concern for data archiving. As technologies change and new systems are brought in, it is imperative for an organization to ensure they are still able to restore and access archives for the duration of the required retention period.

What is an often overlooked concept that is essential to protecting the confidentiality of data?

A. Strong password
B. Training
C. Security controls
D. Policies
Suggested answer: B

Explanation:

While the main focus of confidentiality revolves around technological requirements or particular security methods, an important and often overlooked aspect of safeguarding data confidentiality is appropriate and comprehensive training for those with access to it. Training should be focused on the safe handling of sensitive information overall, including best practices for network activities as well as physical security of the devices or workstations used to access the application.

Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?

A. Public
B. Community
C. Hybrid
D. Private
Suggested answer: D

Explanation:

A private cloud model, and the specific contractual relationships involved, will give a cloud customer the greatest level of input and control over how the overall cloud environment is designed and implemented. This would be even more so in cases where the private cloud is owned and operated by the same organization that is hosting services within it.

What concept does the "D" represent in the STRIDE threat model?

A. Data loss
B. Denial of service
C. Data breach
D. Distributed
Suggested answer: B

Explanation:

Any application can be a possible target of denial-of-service (DoS) attacks. From the application side, the developers should minimize how many operations are performed for non-authenticated users. This will keep the application running as quickly as possible and using the least amount of system resources to help minimize the impact of any such attacks.

Total 512 questions