Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Effective Study Techniques for the ISC CCSP Exam

Questions 106

Other than cost savings realized due to measured service, what is another facet of cloud computing that will typically save substantial costs in time and money for an organization in the event of a disaster?

Options:

A.

Broad network access

B.

Interoperability

C.

Resource pooling

D.

Portability

Buy Now
Questions 107

Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?

Options:

A.

Platform

B.

Infrastructure

C.

Software

D.

Desktop

Buy Now
Questions 108

Which of the following is NOT a function performed by the record protocol of TLS?

Options:

A.

Encryption

B.

Acceleration

C.

Authentication

D.

Compression

Buy Now
Questions 109

What changes are necessary to application code in order to implement DNSSEC?

Options:

A.

Adding encryption modules

B.

Implementing certificate validations

C.

Additional DNS lookups

D.

No changes are needed.

Buy Now
Questions 110

Which of the following would be a reason to undertake a BCDR test?

Options:

A.

Functional change of the application

B.

Change in staff

C.

User interface overhaul of the application

D.

Change in regulations

Buy Now
Questions 111

Which of the following should NOT be part of the requirement analysis phase of the software development lifecycle?

Options:

A.

Functionality

B.

Programming languages

C.

Software platform

D.

Security requirements

Buy Now
Questions 112

Which security concept would business continuity and disaster recovery fall under?

Options:

A.

Confidentiality

B.

Availability

C.

Fault tolerance

D.

Integrity

Buy Now
Questions 113

Which of the following features is a main benefit of PaaS over IaaS?

Options:

A.

Location independence

B.

High-availability

C.

Physical security requirements

D.

Auto-scaling

Buy Now
Questions 114

Which data point that auditors always desire is very difficult to provide within a cloud environment?

Options:

A.

Access policy

B.

Systems architecture

C.

Baselines

D.

Privacy statement

Buy Now
Questions 115

What concept does the "D" represent with the STRIDE threat model?

Options:

A.

Data loss

B.

Denial of service

C.

Data breach

D.

Distributed

Buy Now
Questions 116

Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?

Options:

A.

Virtualization

B.

Multitenancy

C.

Resource pooling

D.

Dynamic optimization

Buy Now
Questions 117

What type of host is exposed to the public Internet for a specific reason and hardened to perform only that function for authorized users?

Options:

A.

Proxy

B.

Bastion

C.

Honeypot

D.

WAF

Buy Now
Questions 118

There is a large gap between the privacy laws of the United States and those of the European Union. Bridging this gap is necessary for American companies to do business with European companies and in European markets in many situations, as the American companies are required to comply with the stricter requirements.

Which US program was designed to help companies overcome these differences?

Options:

A.

SOX

B.

HIPAA

C.

GLBA

D.

Safe Harbor

Buy Now
Questions 119

Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?

Options:

A.

Modify data

B.

Modify metadata

C.

New data

D.

Import data

Buy Now
Questions 120

Which one of the following threat types to applications and services involves the sending of requests that are invalid and manipulated through a user's client to execute commands on the application under the user's own credentials?

Options:

A.

Injection

B.

Missing function-level access control

C.

Cross-site scripting

D.

Cross-site request forgery

Buy Now