CCSP Exam Questions

Total 512 Questions

Last Updated Exam : 16-Dec-2024

Topic 1: Exam Pool A

Which of the following is essential for getting full security value from your system baseline?
Response:

A. Capturing and storing an image of the baseline
B. Keeping a copy of upcoming suggested modifications to the baseline
C. Having the baseline vetted by an objective third party
D. Using a baseline from another industry member so as not to engage in repetitious efforts

Answer: A. Capturing and storing an image of the baseline



A typical DLP tool can enhance the organization’s efforts at accomplishing what legal task?
Response:

A. Evidence collection
B. Delivering testimony
C. Criminal prosecution
D. Enforcement of intellectual property rights

Answer: A. Evidence collection



____________ can often be the result of inadvertent activity.
Response:

A. DDoS
B. Phishing
C. Sprawl
D. Disasters

Answer: C. Sprawl



Who is ultimately responsible for a data breach that includes personally identifiable information (PII), in the event of negligence on the part of the cloud provider?

A. The user
B. The subject
C. The cloud provider
D. The cloud customer

Answer: D. The cloud customer



Which of the following practices can enhance both operational capabilities and configuration management efforts?
Response:

A. Regular backups
B. Constant uptime
C. Multifactor authentication
D. File hashes

Answer: D. File hashes



Which cloud service category offers the most customization options and control to the cloud customer?
Response:

A. PaaS
B. IaaS
C. SaaS
D. DaaS

Answer: B. IaaS



What is the primary security mechanism used to protect SOAP and REST APIs?
Response:

A. Firewalls
B. XML firewalls
C. Encryption
D. WAFs

Answer: C. Encryption



What is the amount of fuel that should be on hand to power generators for backup datacenter power, in all tiers, according to the Uptime Institute?

A. 1
B. 1,000 gallons
C. 12 hours
D. As much as needed to ensure all systems may be gracefully shut down and data securely stored

Answer: C. 12 hours



DRM solutions should generally include all the following functions, except:

A. Persistency
B. Automatic self-destruct
C. Automatic expiration
D. Dynamic policy control

Answer: B. Automatic self-destruct



What can tokenization be used for?
Response:

A. Encryption
B. Compliance with PCI DSS
C. Enhancing the user experience
D. Giving management oversight to e-commerce functions

Answer: B. Compliance with PCI DSS



