CCSP Exam Questions

Total 512 Questions

Last Updated Exam : 16-Dec-2024

Topic 1: Exam Pool A

Of the following, which is probably the most significant risk in a managed cloud
environment?
Response:


A.

DDoS


B.

Management plane breach


C.

Guest escape


D.

Physical attack on the utility service lines





B.
  

Management plane breach



You have been tasked with creating an audit scope statement and are making your
project outline. Which of the following is NOT typically included in an audit scope
statement?


A.

Statement of purpose


B.

Deliverables


C.

Classification


D.

Costs





D.
  

Costs



Cloud environments pose many unique challenges for a data custodian to properly
adhere to policies and the use of data. What poses the biggest challenge for a data
custodian with a PaaS implementation, over and above the same concerns with
IaaS?
Response:


A.

Access to systems


B.

Knowledge of systems


C.

Data classification rules


D.

Contractual requirements





B.
  

Knowledge of systems



Log data should be protected ____________.
Response:


A.

One level below the sensitivity level of the systems from which it was collected


B.

At least at the same sensitivity level as the systems from which it was collected


C.

With encryption in transit, at rest, and in use


D.

According to NIST guidelines





B.
  

At least at the same sensitivity level as the systems from which it was collected



Which of the following is not a reason for conducting audits?


A.

Regulatory compliance


B.

User satisfaction


C.

Determination of service quality


D.

Security assurance





B.
  

User satisfaction



Under EU law, a cloud customer who gives sensitive data to a cloud provider is still
legally responsible for the damages resulting from a data breach caused by the
provider; the EU would say that it is the cloud customer’s fault for choosing the
wrong provider.
This is an example of insufficient ____________.


A.

Proof


B.

Evidence


C.

Due diligence


D.

Application of reasonableness





C.
  

Due diligence



The Cloud Security Alliance (CSA) publishes the Notorious Nine, a list of common threats
to organizations participating in cloud computing.
According to the CSA, what is one reason the threat of insecure interfaces and APIs is so
prevalent in cloud computing? 
Response:


A.

Cloud customers and third parties are continually enhancing and modifying APIs.


B.

APIs can have automated settings.


C.

It is impossible to uninstall APIs.


D.

APIs are a form of malware.





A.
  

Cloud customers and third parties are continually enhancing and modifying APIs.



A honeypot can be used for all the following purposes except ____________.
Response:


A.

Gathering threat intelligence


B.

Luring attackers


C.

Distracting attackers


D.

Delaying attackers





B.
  

Luring attackers



Who is the entity identified by personal data?
Response:


A.

The data owner


B.

The data processor


C.

The data custodian


D.

The data subject





D.
  

The data subject



Egress monitoring solutions usually include a function that ____________.
Response: 


A.

Uses biometrics to scan users


B.

Inspects incoming packets


C.

Resides on client machines


D.

Uses stateful inspection





C.
  

Resides on client machines




Page 5 out of 52 Pages
Previous