CCSP Exam Questions

Total 512 Questions

Last Updated Exam : 16-Dec-2024

Topic 1: Exam Pool A

The use of which of the following technologies will NOT require the security
dependency of an operating system, other than its own?


A. Management plane
B. Type 1 hypervisor
C. Type 2 hypervisor
D. Virtual machine

Answer: B. Type 1 hypervisor



Which of the following is characterized by a set maximum capacity?

A. A secret-sharing-made-short (SSMS) bit-splitting implementation
B. A tightly coupled cloud storage cluster
C. A loosely coupled cloud storage cluster
D. A public-key infrastructure

Answer: B. A tightly coupled cloud storage cluster



Which of the following is a possible negative aspect of bit-splitting?


A. Greater chance of physical theft of assets
B. Loss of public image
C. Some risk to availability, depending on the implementation
D. A small fire hazard

Answer: C. Some risk to availability, depending on the implementation



What sort of legal enforcement may the Payment Card Industry (PCI) Security
Standards Council not bring to bear against organizations that fail to comply with
the Payment Card Industry Data Security Standard (PCI DSS)?

A. Fines
B. Jail time
C. Suspension of credit card processing privileges
D. Subject to increased audit frequency and scope

Answer: B. Jail time



Each of the following is a dependency that must be considered when reviewing the
BIA after cloud migration except:

A. The cloud provider’s suppliers
B. The cloud provider’s vendors
C. The cloud provider’s utilities
D. The cloud provider’s resellers

Answer: D. The cloud provider’s resellers



Which Common Criteria Evaluation Assurance Level (EAL) is granted to those
products that are formally verified in terms of design and tested by an independent
third party?


A. 1
B. 3
C. 5
D. 7

Answer: D. 7



Which of the following best describes data masking?

A. A method where the last few numbers in a dataset are not obscured. These are often used for authentication.
B. A method for creating similar but inauthentic datasets used for software testing and user training.
C. A method used to protect data such as social security numbers and credit card data from prying eyes.
D. Data masking involves stripping out all similar digits in a string of numbers so as to obscure the original number.

Answer: B. A method for creating similar but inauthentic datasets used for software testing and user training.



The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common
threats to organizations participating in cloud computing.
According to the CSA, what is one reason the threat of insecure interfaces and APIs
is so prevalent in cloud computing?

A. Most of the cloud customer’s interaction with resources will be performed through APIs.
B. APIs are inherently insecure.
C. Attackers have already published vulnerabilities for all known APIs.
D. APIs are known carcinogens.

Answer: A. Most of the cloud customer’s interaction with resources will be performed through APIs.



You are the security policy lead for your organization, which is considering
migrating from your on-premises, legacy environment into the cloud. You are
reviewing the Cloud Security Alliance Cloud Controls Matrix (CSA CCM) as a tool for
your organization.
Which of the following benefits will the CSA CCM offer your organization?

A. Simplifying regulatory compliance
B. Collecting multiple data streams from your log files
C. Ensuring that the baseline configuration is applied to all systems
D. Enforcing contract terms between your organization and the cloud provider

Answer: A. Simplifying regulatory compliance



SOX was enacted because of which of the following?

A. Poor BOD oversight
B. Lack of independent audits
C. Poor financial controls
D. All of the above

Answer: D. All of the above



