
ISC CCSP Practice Test - Questions Answers, Page 49


In addition to battery backup, a UPS can offer which capability?

A. Breach alert
B. Confidentiality
C. Communication redundancy
D. Line conditioning
Suggested answer: D

Explanation:

A UPS can provide line conditioning, adjusting power so that it is optimized for the devices it serves and smoothing any power fluctuations; it does not offer any of the other listed functions.

For performance purposes, OS monitoring should include all of the following except:

A. Disk space
B. Disk I/O usage
C. CPU usage
D. Print spooling
Suggested answer: D

Explanation:

Print spooling is not a metric for system performance; all the rest are.

Identity and access management (IAM) is a security discipline that ensures which of the following?

A. That all users are properly authorized
B. That the right individual gets access to the right resources at the right time for the right reasons.
C. That all users are properly authenticated
D. That unauthorized users will get access to the right resources at the right time for the right reasons
Suggested answer: B

Explanation:

Options A and C are also correct, but they are included in B, making B the best choice. D is incorrect because we don't want unauthorized users gaining access.

Maintenance mode requires all of these actions except:

A. Remove all active production instances
B. Ensure logging continues
C. Initiate enhanced security controls
D. Prevent new logins
Suggested answer: C

Explanation:

While the other answers are all steps in moving from normal operations to maintenance mode, we do not necessarily initiate any enhanced security controls.

What is one of the reasons a baseline might be changed?

A. Numerous change requests
B. To reduce redundancy
C. Natural disaster
D. Power fluctuation
Suggested answer: A

Explanation:

If the CMB is receiving numerous change requests, to the point where the number of requests would drop if the baseline were modified, then that is a good reason to change the baseline. None of the other reasons should involve the baseline at all.

In a federated identity arrangement using a trusted third-party model, who is the identity provider and who is the relying party?

A. The users of the various organizations within the federation/a CASB
B. Each member organization/a trusted third party
C. Each member organization/each member organization
D. A contracted third party/the various member organizations of the federation
Suggested answer: D

Explanation:

In a trusted third-party model of federation, each member organization outsources the review and approval task to a third party they all trust. This makes the third party the identifier (it issues and manages identities for all users in all organizations in the federation), and the various member organizations are the relying parties (the resource providers that share resources based on approval from the third party).

Database activity monitoring (DAM) can be:

A. Host-based or network-based
B. Server-based or client-based
C. Used in the place of encryption
D. Used in place of data masking
Suggested answer: A

Explanation:

We don't use DAM in place of encryption or masking; DAM augments these options without replacing them. We don't usually think of the database interaction as client-server, so A is the best answer.

The BC/DR kit should include all of the following except:

A. Annotated asset inventory
B. Flashlight
C. Hard drives
D. Documentation equipment
Suggested answer: C

Explanation:

While hard drives may be useful in the kit (for instance, if they store BC/DR data such as inventory lists, baselines, and patches), they are not necessarily required. All the other items should be included.

The baseline should cover which of the following?

A. Data breach alerting and reporting
B. All regulatory compliance requirements
C. As many systems throughout the organization as possible
D. A process for version control
Suggested answer: C

Explanation:

The more systems that can be included in the baseline, the more cost-effective and scalable the baseline is. The baseline does not deal with breaches or version control; those are the provinces of the security office and CMB, respectively. Regulatory compliance might (and usually will) go beyond the baseline and involve systems, processes, and personnel that are not subject to the baseline.

Which of the following roles is responsible for creating cloud components and the testing and validation of services?

A. Cloud auditor
B. Inter-cloud provider
C. Cloud service broker
D. Cloud service developer
Suggested answer: D

Explanation:

The cloud service developer is responsible for developing and creating cloud components and services, as well as for testing and validating services.

Total 512 questions