Effective Study Techniques for the ISC CCSP Exam

Questions 31

Security is a critical yet often overlooked consideration for BCDR planning.

At which stage of the planning process should security be involved?

Options:

A. Scope definition

B. Requirements gathering

C. Analysis

D. Risk assessment

Questions 32

Gathering business requirements can aid the organization in determining all of this information about organizational assets, except:

Options:

A. Full inventory

B. Criticality

C. Value

D. Usefulness

Questions 33

As part of the auditing process, getting a report on the deviations between intended configurations and actual policy is often crucial for an organization.

What term pertains to the process of generating such a report?

Options:

A. Deficiencies

B. Findings

C. Gap analysis

D. Errors

Questions 34

The goals of SIEM solution implementation include all of the following, except:

Options:

A. Dashboarding

B. Performance enhancement

C. Trend analysis

D. Centralization of log streams

Questions 35

Which data protection strategy would be useful for a situation where the ability to remove sensitive data from a set is needed, but a requirement to retain the ability to map back to the original values is also present?

Options:

A. Masking

B. Tokenization

C. Encryption

D. Anonymization

Questions 36

Which of the following is the primary purpose of an SOC 3 report?

Options:

A. HIPAA compliance

B. Absolute assurances

C. Seal of approval

D. Compliance with PCI/DSS

Questions 37

Tokenization requires two distinct _________________ .

Options:

A. Personnel

B. Authentication factors

C. Encryption keys

D. Databases

Questions 38

Cryptographic keys for encrypted data stored in the cloud should be ________________ .

Options:

A. Not stored with the cloud provider.

B. Generated with redundancy

C. At least 128 bits long

D. Split into groups

Questions 39

In which cloud service model is the customer required to maintain the OS?

Options:

A. IaaS

B. CaaS

C. PaaS

D. SaaS

Questions 40

DLP can be combined with what other security technology to enhance data controls?

Options:

A. SIEM

B. Hypervisors

C. DRM

D. Kerberos

Questions 41

With a federated identity system, what does the identity provider send information to after a successful authentication?

Options:

A. Relying party

B. Service originator

C. Service relay

D. Service relay

Questions 42

Which component of ITIL involves planning for the restoration of services after an unexpected outage or incident?

Options:

A. Continuity management

B. Problem management

C. Configuration management

D. Availability management

Questions 43

Legal controls refer to which of the following?

Options:

A. ISO 27001

B. PCI DSS

C. NIST 800-53r4

D. Controls designed to comply with laws and regulations related to the cloud environment

Questions 44

Which of the following best describes data masking?

Options:

A. A method for creating similar but inauthentic datasets used for software testing and user training.

B. A method used to protect prying eyes from data such as social security numbers and credit card data.

C. A method where the last few numbers in a dataset are not obscured. These are often used for authentication.

D. Data masking involves stripping out all digits in a string of numbers so as to obscure the original number.

Questions 45

Data labels could include all the following, except:

Options:

A. Multifactor authentication

B. Access restrictions

C. Confidentiality level

D. Distribution limitations
