Home

Home / ISC / CCSP

Question list

List of questions

Question 1

(0)

Which of the following roles is responsible for creating cloud components and the testing and validation of services?

Question 2

(0)

What is the best source for information about securing a physical asset's BIOS?

Question 3

(0)

Which of the following is not a component of contractual PII?

Question 4

(0)

Which of the following concepts refers to a cloud customer paying only for the resources and offerings they use within a cloud environment, and only for the duration that they are consuming them?

Question 5

(0)

Which of the following roles involves testing, monitoring, and securing cloud services for an organization?

Question 6

(0)

What is the only data format permitted with the SOAP API?

Question 7

(0)

Which data formats are most commonly used with the REST API?

Question 8

(0)

Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks?

Question 9

(0)

Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?

Question 10

(0)

What is the biggest concern with hosting a key management system outside of the cloud environment?

Open VPLUS File

Convert VPLUS to PDF

Related questions

Over time, what is a primary concern for data archiving?

Which of the following threat types involves the sending of untrusted data to a user's browser to be executed with their own credentials and access?

Which type of testing uses the same strategies and toolsets that hackers would use?

Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?

Which United States law is focused on accounting and financial practices of organizations?

Which value refers to the percentage of production level restoration needed to meet BCDR objectives?

Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?

What concept does the "D" represent with the STRIDE threat model?

What is the data encapsulation used with the SOAP protocol referred to?

What is one of the reasons a baseline might be changed?

Question 8 - CCSP discussion

Report

Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks?

A.

Injection

B.

Missing function-level access control

C.

Cross-site request forgery

D.

Cross-site scripting

Show Answer

asked 18/09/2024

Sascha Mintenbeck

31 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first