CCSP 2020 BEST EXAM STUDY QUESTIONS AND ANSWERS

Document Content and Description Below

CCSP 2020 BEST EXAM STUDY What type of solutions enable enterprises or individuals to store data and computer files on the Internet using a storage service provider rather than keeping the da... ta locally on a physical disk such as a hard drive or tape backup? A. Online backups B. Cloud backup solutions C. Removable hard drives D. Masking Correct answer- B When using an infrastructure as a service (IaaS) solution, which of the following is not an essential benefit for the customer? A. Removing the need to maintain a license library B. Metered service C. Energy and cooling efficiencies D. Transfer of ownership cost Correct answer- A ______________focuses on security and encryption to prevent unauthorized copying and limitations on distribution to only those who pay. A. Information rights management (IRM) B. Masking C. Bit splitting D. Degaussing Correct answer- A Which of the following represents the correct set of four cloud deployment models? A. Public, private, joint and community B. Public, private, hybrid, and community C. Public, Internet, hybrid, and community D. External, private, hybrid, and community Correct answer- B A special mathematical code that allows encryption hardware/software to encrypt and then decipher a message. A. PKI B. Key C. Public-private D. Masking Correct answer- B Which of the following lists the correct six components of the STRIDE threat model? A. Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege B. Spoofing, tampering, refutation, information disclosure, denial of service, and social engineering elasticity C. Spoofing, tampering, repudiation, information disclosure, distributed denial of service, and elevation of privilege D. Spoofing, tampering, nonrepudiation, information disclosure, denial of service, and elevation of privilege Correct answer- A What is the term that describes the assurance that a specific author actually created and sent a specific item to a specific recipient, and that the message was successfully received? A. PKI B. DLP C. Nonrepudiation D. Bit splitting Correct answer- C What is the correct term for the process of deliberately destroying the encryption keys used to encrypt data? A. Poor key management B. PKI C. Obfuscation D. Crypto-shredding Correct answer- D In a federated environment, who is the relying party, and what do they do? A. The relying party is the service provider, and they consume the tokens generated by the identity provider. B. The relying party is the service provider, and they consume the tokens generated by the customer. C. The relying party is the customer, and they consume the tokens generated by the identity provider. D. The relying party is the identity provider, and they consume the tokens generated by the service provider. Correct answer- A What is the process of replacing sensitive data with unique identification symbols/addresses? A. Randomization B. Elasticity C. Obfuscation D. Tokenization Correct answer- D Which of the following data storage types are associated or used with platform as a service (PaaS)? A. Databases and big data B. SaaS application C. Tabular D. Raw and block Correct answer- A What is the term used for software technology that abstracts application software from the underlying operating system on which it is executed? A. Partition B. Application virtualization C. Distributed D. SaaS Correct answer- B Which of the following represents the US legislation enacted to protect shareholders and the public from enterprise accounting errors and fraudulent practices? A. PCI B. Gramm-Leach-Bliley Act (GLBA) C. Sarbanes-Oxley Act (SOX) D. HIPAA Correct answer- C Which of the following is a device that can safely store and manage encryption keys and is used in servers, data transmission, and log files? A. Private key B. Hardware security module (HSM) C. Public key D. Trusted operating system module (TOS) Correct answer- B What is a type of cloud infrastructure that is provisioned for open use by the general public and is owned, managed, and operated by a cloud provider? A. Private cloud B. Public cloud C. Hybrid cloud D. Personal cloud Correct answer- B When transparent encryption of a database is used, where does the encryption engine reside? A. Within the database application itself B. At the application using the database C. On the instances attached to the volume D. In a key management system Correct answer- A What is a type of assessment that employs a set of methods, principles, or rules for assessing risk based on nonnumerical categories or levels? A. Quantitative assessment B. Qualitative assessment C. Hybrid assessment D. SOC 2 Correct answer- B Which of the following best describes the Cloud Security Alliance Cloud Controls Matrix (CSA CCM)? A. A set of regulatory requirements for cloud service providers B. A set of software development lifecycle requirements for cloud service providers C. A security controls framework that provides mapping/cross relationships with the main industry-accepted security standards, regulations, and controls frameworks D. An inventory of cloud service security controls that are arranged into separate security domains Correct answer- C When a conflict between parties occurs, which of the following is the primary means of determining the jurisdiction in which the dispute will be heard? A. Tort law B. Contract C. Common law D. Criminal law Correct answer- B Which one of the following is the most important security consideration when selecting a new computer facility? A. Local law enforcement response times B. Location adjacent to competitor's facilities Your selection is incorrect C. Aircraft flight paths D. Utility infrastructure Correct answer- D Which of the following is always safe to use in the disposal of electronic records within a cloud environment? A. Physical destruction B. Overwriting C. Encryption D. Degaussing Correct answer- C Which of the following does not represent an attack on a network? A. Syn flood B. Denial of service C. Nmap scan D. Brute force Correct answer- C Which of the following takes advantage of the information developed in the business impact analysis (BIA)? A. Calculating ROI B. Risk analysis C. Calculating TCO D. Securing asset acquisitions Correct answer- B Which of the following terms best describes a managed service model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources? A. Infrastructure as a service (IaaS) B. Public cloud C. Software as a service (SaaS) D. Private cloud Correct answer- C Which of the following is a federal law enacted in the United States to control the way financial institutions deal with private information of individuals? A. PCI B. ISO/IEC C. Gramm-Leach-Bliley Act (GLBA) D. Consumer Protection Act Correct answer- C The typical function of Secure Sockets Layer (SSL) in securing Wireless Application Protocol (WAP) is to protect transmissions that exist: A. Between the WAP gateway and the wireless endpoint device B. Between the web server and the WAP gateway C. From the web server to the wireless endpoint device D. Between the wireless device and the base station Correct answer- C What is an audit standard for service organizations? A. SOC 1 B. SSAE 18 C. GAAP D. [Show More]

Last updated: 1 year ago

Preview 1 out of 214 pages