Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Effective Study Techniques for the ISC CCSP Exam

Questions 16

Cloud systems are increasingly used for BCDR solutions for organizations.

What aspect of cloud computing makes their use for BCDR the most attractive?

Options:

A.

On-demand self-service

B.

Measured service

C.

Portability

D.

Broad network access

Buy Now
Questions 17

Which of the cloud cross-cutting aspects relates to the oversight of processes and systems, as well as to ensuring their compliance with specific policies and regulations?

Options:

A.

Governance

B.

Regulatory requirements

C.

Service-level agreements

D.

Auditability

Buy Now
Questions 18

Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?

Options:

A.

Software

B.

Desktop

C.

Platform

D.

Infrastructure

Buy Now
Questions 19

Which approach is typically the most efficient method to use for data discovery?

Options:

A.

Metadata

B.

Content analysis

C.

Labels

D.

ACLs

Buy Now
Questions 20

What is an often overlooked concept that is essential to protecting the confidentiality of data?

Options:

A.

Strong password

B.

Training

C.

Security controls

D.

Policies

Buy Now
Questions 21

Which of the following is a widely used tool for code development, branching, and collaboration?

Options:

A.

GitHub

B.

Maestro

C.

Orchestrator

D.

Conductor

Buy Now
Questions 22

Which protocol, as a part of TLS, handles the actual secure communications and transmission of data?

Options:

A.

Negotiation

B.

Handshake

C.

Transfer

D.

Record

Buy Now
Questions 23

Which of the following is NOT a major regulatory framework?

Options:

A.

PCI DSS

B.

HIPAA

C.

SOX

D.

FIPS 140-2

Buy Now
Questions 24

Which of the following terms is not associated with cloud forensics?

Options:

A.

eDiscovery

B.

Chain of custody

C.

Analysis

D.

Plausibility

Buy Now
Questions 25

Database activity monitoring (DAM) can be:

Options:

A.

Host-based or network-based

B.

Server-based or client-based

C.

Used in the place of encryption

D.

Used in place of data masking

Buy Now
Questions 26

SOC Type 1 reports are considered "restricted use," in that they are intended only for limited audiences and purposes.

Which of the following is NOT a population that would be appropriate for a SOC Type 1 report?

Options:

A.

Current clients

B.

Auditors

C.

Potential clients

D.

The service organization

Buy Now
Questions 27

The baseline should cover which of the following?

Options:

A.

Data breach alerting and reporting

B.

All regulatory compliance requirements

C.

As many systems throughout the organization as possible

D.

A process for version control

Buy Now
Questions 28

BCDR strategies typically do not involve the entire operations of an organization, but only those deemed critical to their business.

Which concept pertains to the required amount of time to restore services to the predetermined level?

Options:

A.

RPO

B.

RSL

C.

RTO

D.

SRE

Buy Now
Questions 29

To address shared monitoring and testing responsibilities in a cloud configuration, the provider might offer all these to the cloud customer except:

Options:

A.

Access to audit logs and performance data

B.

DLP solution results

C.

Security control administration

D.

SIM, SEIM. and SEM logs

Buy Now
Questions 30

Which of the following is NOT considered a type of data loss?

Options:

A.

Data corruption

B.

Stolen by hackers

C.

Accidental deletion

D.

Lost or destroyed encryption keys

Buy Now