ISC CCSP Practice Test - Questions Answers, Page 3

Question 21

Within an Infrastructure as a Service model, which of the following would NOT be a measured service?
Within IaaS, the number of users on a system is not relevant to the particular hosting model in regard to cloud resources. IaaS is focused on infrastructure needs of a system or application. Therefore, a factor such as the number of users that could affect licensing requirements, for example, would apply to the SaaS model, or in some instances to PaaS.
Question 22

Which of the following is NOT a criterion for data within the scope of eDiscovery?
eDiscovery pertains to information and data that is in the possession, control, and custody of an organization.
Question 23

Which United States law is focused on accounting and financial practices of organizations?
The Sarbanes-Oxley (SOX) Act is not an act that pertains to privacy or IT security directly, but rather regulates accounting and financial practices used by organizations. It was passed to protect stakeholders and shareholders from improper practices and errors, and it sets forth rules for compliance, regulated and enforced by the Securities and Exchange Commission (SEC). The main influence on IT systems and operations is the requirements it sets for data retention, specifically in regard to what types of records must be preserved and for how long.
Question 24

What type of masking strategy involves making a separate and distinct copy of data with masking in place?
With static masking, a separate and distinct copy of the data set is created with masking in place. This is typically done through a script or other process that takes a standard data set, processes it to mask the appropriate and predefined fields, and then outputs the data set as a new one with the completed masking done.
Question 25

Which of the following storage types is most closely associated with a database-type storage implementation?
Structured storage involves organized and categorized data, which most closely resembles and operates like a database system would.
Question 26

Which of the following roles is responsible for overseeing customer relationships and the processing of financial transactions?
The cloud service business manager is responsible for overseeing business plans and customer relationships as well as processing financial transactions.
Question 27

Which protocol does the REST API depend on?
Representational State Transfer (REST) is a software architectural scheme that applies the components, connectors, and data conduits for many web applications used on the Internet. It uses and relies on the HTTP protocol and supports a variety of data formats.
Question 28

Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?
Due to the lack of an adequate privacy law or protection at the federal level in the United States, European privacy regulations generally prohibit the exporting or sharing of PII from Europe with the United States. Participation in the Safe Harbor program is voluntary on behalf of an organization, but it does require them to conform to specific requirements and policies that mirror those from the EU. Thus, organizations can fulfill requirements for data sharing and export and possibly serve customers in the EU.
Question 29

What is the biggest benefit to leasing space in a data center versus building or maintaining your own?
When leasing space in a data center, an organization can avoid the enormous startup and building costs associated with a data center, and can instead leverage economies of scale by grouping with other organizations and sharing costs.
Question 30

Which of the following security measures done at the network layer in a traditional data center are also applicable to a cloud environment?
Trust zones can be implemented to separate systems or tiers along logical lines for greater security and access controls. Each zone can then have its own security controls and monitoring based on its particular needs.
Question