Effective Study Techniques for the ISC CCSP Exam

Questions 46

Which kind of SSAE audit report is most beneficial for a cloud customer, even though it’s unlikely the cloud provider will share it?

Options:

A. SOC 3

B. SOC 1 Type 2

C. SOC 2 Type 2

D. SOC 1 Type 1

Questions 47

What category of PII data can carry potential fines or even criminal charges for its improper use or disclosure?

Options:

A. Protected

B. Legal

C. Regulated

D. Contractual

Questions 48

Which of the following is a management role, versus a technical role, as it pertains to data management and oversight?

Options:

A. Data owner

B. Data processor

C. Database administrator

D. Data custodian

Questions 49

Which of the following would be considered an example of insufficient due diligence leading to security or operational problems when moving to a cloud?

Options:

A. Monitoring

B. Use of a remote key management system

C. Programming languages used

D. Reliance on physical network controls

Questions 50

What is the Cloud Security Alliance Cloud Controls Matrix (CCM)?

Options:

A. A set of software development life cycle requirements for cloud service providers

B. An inventory of cloud services security controls that are arranged into a hierarchy of security domains

C. An inventory of cloud service security controls that are arranged into separate security domains

D. A set of regulatory requirements for cloud service providers

Questions 51

Every security program and process should have which of the following?

Options:

A. Severe penalties

B. Multifactor authentication

C. Foundational policy

D. Homomorphic encryption

Questions 52

What is the intellectual property protection for a confidential recipe for muffins?

Options:

A. Patent

B. Trademark

C. Trade secret

D. Copyright

Questions 53

What is the data encapsulation used with the SOAP protocol referred to as?

Options:

A. Packet

B. Envelope

C. Payload

D. Object

Questions 54

Which of the following does NOT relate to the hiding of sensitive data from data sets?

Options:

A. Obfuscation

B. Federation

C. Masking

D. Anonymization

Questions 55

What is the best source for information about securing a physical asset's BIOS?

Options:

A. Security policies

B. Manual pages

C. Vendor documentation

D. Regulations

Questions 56

What is used for local, physical access to hardware within a data center?

Options:

A. SSH

B. KVM

C. VPN

D. RDP

Questions 57

What are the two protocols that TLS uses?

Options:

A. Handshake and record

B. Transport and initiate

C. Handshake and transport

D. Record and transmit

Questions 58

Which aspect of archiving must be tested regularly for the duration of retention requirements?

Options:

A. Availability

B. Recoverability

C. Auditability

D. Portability

Questions 59

Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?

Options:

A. PLAN

B. WAN

C. LAN

D. VLAN

Questions 60

What controls the formatting and security settings of a volume storage system within a cloud environment?

Options:

A. Management plane

B. SAN host controller

C. Hypervisor

D. Operating system of the host
