ISC CCSP Certified Cloud Security Professional (CCSP) Online Training

Many people spend a lot of time and effort studying for the ISC CCSP exam, yet in the end most of them do not succeed. Exam4Training analyzed the reasons for their failure and concluded that they did not take a pertinent training course. Exam4Training experts have now developed the ISC CCSP Certified Cloud Security Professional (CCSP) Online Training for the CCSP certification exam, which can help you 100% pass the Certified Cloud Security Professional (CCSP) exam while spending only a small amount of time and money.

1. Which of the following roles is responsible for creating cloud components and the testing and validation of services?

2. What is the best source for information about securing a physical asset's BIOS?

3. Which of the following is not a component of contractual PII?

4. Which of the following concepts refers to a cloud customer paying only for the resources and offerings they use within a cloud environment, and only for the duration that they are consuming them?

5. Which of the following roles involves testing, monitoring, and securing cloud services for an organization?

6. What is the only data format permitted with the SOAP API?

7. Which data formats are most commonly used with the REST API?

8. Which of the following threat types involves an application that does not validate authorization for portions of itself after the initial checks?

9. Which of the following roles involves overseeing billing, purchasing, and requesting audit reports for an organization within a cloud environment?

10. What is the biggest concern with hosting a key management system outside of the cloud environment?

11. Which of the following approaches would NOT be considered sufficient to meet the requirements of secure data destruction within a cloud environment?

12. Which of the following cloud aspects complicates eDiscovery?

13. What does the management plane typically utilize to perform administrative functions on the hypervisors that it has access to?

14. What is a serious complication an organization faces from the perspective of compliance with international operations?

15. Which networking concept in a cloud environment allows for network segregation and isolation of IP spaces?

16. Which of the following standards primarily pertains to cabling designs and setups in a data center?

17. Which of the following publishes the most commonly used standard for data center design in regard to tiers and topologies?

18. What type of segregation and separation of resources is needed within a cloud environment for multitenancy purposes versus a traditional data center model?

19. Which United States law is focused on data related to health records and privacy?

20. What is used for local, physical access to hardware within a data center?

21. Within an Infrastructure as a Service model, which of the following would NOT be a measured service?

22. Which of the following is NOT a criterion for data within the scope of eDiscovery?

23. Which United States law is focused on accounting and financial practices of organizations?

24. What type of masking strategy involves making a separate and distinct copy of data with masking in place?

25. Which of the following storage types is most closely associated with a database-type storage implementation?

26. Which of the following roles is responsible for overseeing customer relationships and the processing of financial transactions?

27. Which protocol does the REST API depend on?

28. Which United States program was designed to enable organizations to bridge the gap between privacy laws and requirements of the United States and the European Union?

29. What is the biggest benefit to leasing space in a data center versus building or maintaining your own?

30. Which of the following security measures done at the network layer in a traditional data center are also applicable to a cloud environment?

31. Which aspect of cloud computing will be most negatively impacted by vendor lock-in?

32. Which of the following APIs are most commonly used within a cloud environment?

33. Which of the following attempts to establish an international standard for eDiscovery processes and best practices?

34. Which of the following roles is responsible for obtaining new customers and securing contracts and agreements?

35. Which term relates to the application of scientific methods and practices to evidence?

36. Which of the following roles involves the provisioning and delivery of cloud services?

37. What is the primary reason that makes resolving jurisdictional conflicts complicated?

38. GAAPs are created and maintained by which organization?

39. Which of the following roles is responsible for preparing systems for the cloud, administering and monitoring services, and managing inventory and assets?

40. Which protocol allows a system to use block-level storage as if it were a SAN, but over TCP network traffic instead?

41. Which of the cloud deployment models is used by popular services such as iCloud, Dropbox, and OneDrive?

42. Why does a Type 2 hypervisor typically offer less security control than a Type 1 hypervisor?

43. Which is the appropriate phase of the cloud data lifecycle for determining the data's classification?

44. Which of the following is the optimal temperature for a data center, per the guidelines established by the American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE)?

45. Which of the following is not a risk management framework?

46. Which of the following threat types involves the sending of untrusted data to a user's browser to be executed with their own credentials and access?

47. How is an object stored within an object storage system?

48. Which of the following is NOT a regulatory system from the United States federal government?

49. Which jurisdiction lacks specific and comprehensive privacy laws at a national or top level of legal authority?

50. Which United States law is focused on PII as it relates to the financial industry?

51. Which of the following threat types can occur when encryption is not properly applied or insecure transport mechanisms are used?

52. What is the best approach for dealing with services or utilities that are installed on a system but not needed to perform their desired function?

53. Which of the following actions will NOT make data part of the "create" phase of the cloud data lifecycle?

54. What are the two protocols that TLS uses?

55. Which type of cloud model typically presents the most challenges to a cloud customer during the "destroy" phase of the cloud data lifecycle?

56. Which of the following may unilaterally deem a cloud hosting model inappropriate for a system or application?

57. Which of the following is considered an internal redundancy for a data center?

58. Which of the following represents a control on the maximum amount of resources that a single customer, virtual machine, or application can consume within a cloud environment?

59. Which of the following roles is responsible for peering with other cloud services and providers?

60. Which of the following does NOT relate to the hiding of sensitive data from data sets?

61. Which of the following are the storage types associated with IaaS?

62. Which technology can be useful during the "share" phase of the cloud data lifecycle to continue to protect data as it leaves the original system and security controls?

63. Which of the following storage types is most closely associated with a traditional file system and tree structure?

64. Which of the following represents a prioritization of applications or cloud customers for the allocation of additional requested resources when there is a limitation on available resources?

65. Which type of audit report do many cloud providers use to instill confidence in their policies, practices, and procedures to current and potential customers?

66. Which of the following statements accurately describes VLANs?

67. What must be secured on physical hardware to prevent unauthorized access to systems?

68. What type of PII is regulated based on the type of application or per the conditions of the specific hosting agreement?

69. Which of the following security technologies is commonly used to give administrators access into trust zones within an environment?

70. Which concept BEST describes the capability for a cloud environment to automatically scale a system or application, based on its current resource demands?

71. If you're using iSCSI in a cloud environment, what must come from an external protocol or application?

72. Which of the following pertains to a macro level approach to data center design rather than the traditional tiered approach to data centers?

73. What does the REST API support that SOAP does NOT support?

74. Why does a Type 1 hypervisor typically offer tighter security controls than a Type 2 hypervisor?

75. Which of the following are the storage types associated with PaaS?

76. Which of the following threat types can occur when baselines are not appropriately applied or unauthorized changes are made?

77. What is the data encapsulation used with the SOAP protocol referred to as?

78. Which of the following threat types can occur when an application does not properly validate input and can be leveraged to send users to malicious sites that appear to be legitimate?

79. Which publication from the United States National Institute of Standards and Technology pertains to defining cloud concepts and definitions for the various core components of cloud computing?

80. What is the biggest negative to leasing space in a data center versus building or maintaining your own?

81. Which aspect of archiving must be tested regularly for the duration of retention requirements?

82. Which of the following represents a minimum guaranteed resource within a cloud environment for the cloud customer?

83. When is a virtual machine susceptible to attacks while a physical server in the same state would not be?

84. Which of the following threat types involves an application developer leaving references to internal information and configurations in code that is exposed to the client?

85. Which of the following is the biggest concern or challenge with using encryption?

86. Which of the following would NOT be considered part of resource pooling with an Infrastructure as a Service implementation?

87. Which technology is NOT commonly used for security with data in transit?

88. Which of the following roles is responsible for gathering metrics on cloud services and managing cloud deployments and the deployment processes?

89. Which of the following is considered an external redundancy for a data center?

90. Which of the following is the optimal humidity level for a data center, per the guidelines established by the American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE)?

91. What is the first stage of the cloud data lifecycle where security controls can be implemented?

92. What controls the formatting and security settings of a volume storage system within a cloud environment?

93. What does SDN stand for within a cloud environment?

94. From a legal perspective, what is the most important first step after an eDiscovery order has been received by the cloud provider?

95. Which of the following would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

96. Which of the following pertains to fire safety standards within a data center, specifically with their enormous electrical consumption?

97. Which of the following roles involves the connection and integration of existing systems and services to a cloud environment?

98. Which technique involves replacing values within a specific data field to protect sensitive data?

99. What expectation of data custodians is made much more challenging by a cloud implementation, especially with PaaS or SaaS?

100. What type of PII is controlled based on laws and carries legal penalties for noncompliance with requirements?

101. Which of the following is NOT one of the three components of a federated identity system transaction?

102. Which value refers to the amount of time it takes to recover operations in a BCDR situation to meet management's objectives?

103. Which of the cloud deployment models requires the cloud customer to be part of a specific group or organization in order to host cloud services within it?

104. What provides the information to an application to make decisions about the authorization level appropriate when granting access?

105. What is a standard configuration and policy set that is applied to systems and virtual machines called?

106. Which entity requires all collection and storing of data on their citizens to be done on hardware that resides within their borders?

107. Which of the cloud cross-cutting aspects relates to the ability to easily move services and applications between different cloud providers?

108. Which type of audit report is considered a "restricted use" report for its intended audience?

109. What is the concept of segregating information or processes, within the same system or application, for security reasons?

110. The European Union passed the first major regulation declaring data privacy to be a human right.

In what year did it go into effect?

111. Which of the following is NOT a key area for performance monitoring as far as an SLA is concerned?

112. Which of the following is the MOST important requirement and guidance for testing during an audit?

113. Which value refers to the amount of data an organization would need to recover in the event of a BCDR situation in order to reach an acceptable level of operations?

114. What must SOAP rely on for security?

115. Which of the following is a commonly used tool for maintaining system configurations?

116. What type of data does data rights management (DRM) protect?

117. Which type of testing uses the same strategies and toolsets that hackers would use?

118. From a security perspective, which of the following is a major concern when evaluating possible BCDR solutions?

119. Which of the following is NOT a focus or consideration of an internal audit?

120. Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

121. What process is used within a clustered system to provide high availability and load balancing?

122. Which of the following is NOT a function performed by the handshake protocol of TLS?

123. Unlike SOC Type 1 reports, which are based on a specific point in time, SOC Type 2 reports are done over a period of time.

What is the minimum span of time for a SOC Type 2 report?

124. What changes are necessary to application code in order to implement DNSSEC?

125. Which type of controls are the SOC Type 1 reports specifically focused on?

126. Which security concept is based on preventing unauthorized access to data while also ensuring that it is accessible to those authorized to use it?

127. Which of the following is NOT a domain of the Cloud Controls Matrix (CCM)?

128. Which security concept, if implemented correctly, will protect the data on a system, even if a malicious actor gains access to the actual system?

129. Which of the following is the sole responsibility of the cloud provider, regardless of which cloud model is used?

130. Which of the following is NOT a factor that is part of a firewall configuration?

131. Which of the cloud deployment models involves spanning multiple cloud environments or a mix of cloud hosting models?

132. Which of the following is NOT one of five principles of SOC Type 2 audits?

133. Which aspect of cloud computing makes data classification even more vital than in a traditional data center?

134. What concept does the "T" represent in the STRIDE threat model?

135. Which of the following would be a reason to undertake a BCDR test?

136. What is the biggest challenge to data discovery in a cloud environment?

137. Which crucial aspect of cloud computing can be most threatened by insecure APIs?

138. Which of the following should NOT be part of the requirement analysis phase of the software development lifecycle?

139. Which of the cloud cross-cutting aspects relates to the assigning of jobs, tasks, and roles, as well as to ensuring they are successful and properly performed?

140. Which regulatory system pertains to the protection of healthcare data?

141. Which aspect of cloud computing makes it very difficult to perform repeat audits over time to track changes and compliance?

142. Which security concept would business continuity and disaster recovery fall under?

143. Which of the following is NOT an application or utility to apply and enforce baselines on a system?

144. Which of the cloud cross-cutting aspects relates to the ability for a cloud customer to easily remove their applications and data from a cloud environment?

145. Which of the following is NOT a function performed by the record protocol of TLS?

146. What concept does the "R" represent with the DREAD model?

147. The SOC Type 2 reports are divided into five principles.

Which of the five principles must also be included when auditing any of the other four principles?

148. How many additional DNS queries are needed when DNSSEC integrity checks are added?

149. Which of the following is the sole responsibility of the cloud customer, regardless of which cloud model is used?

150. Which of the following service categories entails the least amount of support needed on the part of the cloud customer?

151. Which of the following would NOT be a reason to activate a BCDR strategy?

152. Which of the cloud cross-cutting aspects relates to the oversight of processes and systems, as well as to ensuring their compliance with specific policies and regulations?

153. Which of the cloud cross-cutting aspects relates to the ability to reuse or move components of an application or service?

154. Which of the following is a restriction that can be enforced by information rights management (IRM) that is not possible for traditional file system controls?

155. What strategy involves hiding data in a data set to prevent someone from identifying specific individuals based on other data fields present?

156. What type of security threat is DNSSEC designed to prevent?

157. Which European Union directive pertains to personal data privacy and an individual's control over their personal data?

158. Which of the cloud cross-cutting aspects relates to the requirements placed on a system or application by law, policy, or requirements from standards?

159. Which data point that auditors always desire is very difficult to provide within a cloud environment?

160. What type of host is exposed to the public Internet for a specific reason and hardened to perform only that function for authorized users?

161. Which security concept is focused on the trustworthiness of data?

162. Which OSI layer does IPsec operate at?

163. Which of the cloud cross-cutting aspects relates to the requirements placed on the cloud provider by the cloud customer for minimum performance standards and requirements that must be met?

164. Which of the following service capabilities gives the cloud customer the most control over resources and configurations?

165. What concept does the "I" represent with the STRIDE threat model?

166. At which stage of the BCDR plan creation phase should security be included in discussions?

167. Which approach is typically the most efficient method to use for data discovery?

168. Which of the following features is a main benefit of PaaS over IaaS?

169. Which audit type has been largely replaced by newer approaches since 2011?

170. Which of the following can be useful for protecting cloud customers from a denial-of-service (DoS) attack against another customer hosted in the same cloud?

171. Which of the following service capabilities gives the cloud customer the least amount of control over configurations and deployments?

172. What does the "SOC" acronym refer to with audit reports?

173. What does the REST API use to protect data transmissions?

174. What strategy involves replacing sensitive data with opaque values, usually with a means of mapping it back to the original value?

175. With software-defined networking, what aspect of networking is abstracted from the forwarding of traffic?

176. Which of the following does NOT fall under the "IT" aspect of quality of service (QoS)?

177. What does dynamic application security testing (DAST) NOT entail?

178. Where is an XML firewall most commonly deployed in the environment?

179. What type of masking strategy involves replacing data on a system while it passes between the data and application layers?

180. Which of the following is a widely used tool for code development, branching, and collaboration?

181. Which aspect of security is DNSSEC designed to ensure?

182. Which process serves to prove the identity and credentials of a user requesting access to an application or data?

183. Who would be responsible for implementing IPsec to secure communications for an application?

184. What is the minimum regularity for testing a BCDR plan to meet best practices?

185. Other than cost savings realized due to measured service, what is another facet of cloud computing that will typically save substantial costs in time and money for an organization in the event of a disaster?

186. Which of the following is NOT part of a retention policy?

187. Which aspect of cloud computing would make the use of a cloud the most attractive as a BCDR solution?

188. Which of the cloud deployment models offers the easiest initial setup and access for the cloud customer?

189. Which of the following is NOT something that an HIDS will monitor?

190. Which of the following technologies is used to monitor network traffic and notify if any potential threats or attacks are noticed?

191. What concept does the "A" represent in the DREAD model?

192. Which attribute of data poses the biggest challenge for data discovery?

193. What does static application security testing (SAST) offer as a tool to the testers?

194. Which of the following service capabilities gives the cloud customer an established and maintained framework to deploy code and applications?

195. What process is used within a cloud environment to maintain resource balancing and ensure that resources are available where and when needed?

196. Which value refers to the percentage of production level restoration needed to meet BCDR objectives?

197. Over time, what is a primary concern for data archiving?

198. What is an often overlooked concept that is essential to protecting the confidentiality of data?

199. Which of the cloud deployment models offers the most control and input to the cloud customer as to how the overall cloud environment is implemented and configured?

200. What concept does the "D" represent with the STRIDE threat model?

201. Your boss has tasked your team with getting your legacy systems and applications connected with new cloud-based services that management has decided are crucial to customer service and offerings.

Which role would you be assuming under this directive?

202. One of the main components of system audits is the ability to track changes over time and to match these changes with continued compliance and internal processes.

Which aspect of cloud computing makes this particular component more challenging than in a traditional data center?

203. In the wake of many scandals with major corporations involving fraud and the deception of investors and regulators, which of the following laws was passed to govern accounting and financial records and disclosures?

204. Which one of the following threat types to applications and services involves the sending of requests that are invalid and manipulated through a user's client to execute commands on the application under the user's own credentials?

205. Which cloud service category would be most ideal for a cloud customer that is developing software to test its applications among multiple hosting providers to determine the best option for its needs?

206. You just hired an outside developer to modernize some applications with new web services and functionality. In order to implement a comprehensive test platform for validation, the developer needs a data set that resembles a production data set in both size and composition.

In order to accomplish this, what type of masking would you use?

207. In order to prevent cloud customers from potentially consuming enormous amounts of resources within a cloud environment and thus having a negative impact on other customers, what concept is commonly used by a cloud provider?

208. Where is a DLP solution generally installed when utilized for monitoring data at rest?

209. Which of the following aspects of security is solely the responsibility of the cloud provider?

210. Humidity levels for a data center are a prime concern for maintaining electrical and computing resources properly as well as ensuring that conditions are optimal for top performance.

Which of the following is the optimal humidity level, as established by ASHRAE?

211. Within a SaaS environment, what is the responsibility on the part of the cloud customer in regard to procuring the software used?

212. Implementing baselines on systems would take an enormous amount of time and resources if the staff had to apply them to each server, and over time, it would be almost impossible to keep all the systems in sync on an ongoing basis.

Which of the following is NOT a package that can be used for implementing and maintaining baselines across an enterprise?

213. From the perspective of compliance, what is the most important consideration when it comes to data center location?

214. Different certifications and standards take different approaches to data center design and operations.

Although many traditional approaches use a tiered methodology, which of the following utilizes a macro-level approach to data center design?

215. The European Union is often considered the world leader in regard to the privacy of personal data and has declared privacy to be a "human right."

In what year did the EU first assert this principle?

216. A DLP solution/implementation has three main components.

Which of the following is NOT one of the three main components?

217. What type of storage structure does object storage employ to maintain files?

218. Which cloud storage type requires special consideration on the part of the cloud customer to ensure they do not program themselves into a vendor lock-in situation?

219. Which cloud deployment model would be ideal for a group of universities looking to work together, where each university can gain benefits according to its specific needs?

220. Data centers have enormous power resources that are distributed and consumed throughout the entire facility.

Which of the following standards pertains to the proper fire safety standards within that scope?

221. Which of the following threat types involves an application that does not validate authorization for portions of itself beyond when the user first enters it?

222. Clustered systems can be used to ensure high availability and load balancing across individual systems through a variety of methodologies.

What process is used within a clustered system to ensure proper load balancing and to maintain the health of the overall system to provide high availability?

223. Although the REST API supports a wide variety of data formats for communications and exchange, which data formats are the most commonly used?

224. The share phase of the cloud data lifecycle involves allowing data to leave the application, to be shared with external systems, services, or even other vendors/contractors.

What technology would be useful for protecting data at this point?

225. When an API is being leveraged, it will encapsulate its data for transmission back to the requesting party or service.

What is the data encapsulation used with the SOAP protocol referred to as?

226. From a security perspective, what component of a cloud computing infrastructure represents the biggest concern?

227. Which of the following is NOT one of the main intended goals of a DLP solution?

228. Data center and operations design traditionally takes a tiered, topological approach.

Which of the following standards is focused on that approach and is prevalently used throughout the industry?

229. Jurisdictions have a broad range of privacy requirements pertaining to the handling of personal data and information.

Which jurisdiction requires all storage and processing of data that pertains to its citizens to be done on hardware that is physically located within its borders?

230. The management plane is used to administer a cloud environment and perform administrative tasks across a variety of systems, but most specifically it's used with the hypervisors.

What does the management plane typically leverage for this orchestration?

231. When dealing with PII, which category pertains to those requirements that can carry legal sanctions or penalties for failure to adequately safeguard the data and address compliance requirements?

232. Although the United States does not have a single, comprehensive privacy and regulatory framework, a number of specific regulations pertain to types of data or populations.

Which of the following is NOT a regulatory system from the United States federal government?

233. The president of your company has tasked you with implementing cloud services as the most efficient way of obtaining a robust disaster recovery configuration for your production services.

Which of the cloud deployment models would you MOST likely be exploring?

234. If you are running an application that has strict legal requirements that the data cannot reside on systems that contain other applications or systems, which aspect of cloud computing would be prohibitive in this case?

235. The REST API is a widely used standard for communications of web-based services between clients and the servers hosting them.

Which protocol does the REST API depend on?

236. Which of the following actions will NOT make data part of the create phase of the cloud data lifecycle?

237. Most APIs will support a variety of different data formats or structures.

However, the SOAP API will only support which one of the following data formats?

238. Which cloud storage type is typically used to house virtual machine images that are used throughout the environment?

239. With an API, various features and optimizations are highly desirable for scalability, reliability, and security.

What does the REST API support that the SOAP API does NOT support?

240. Although much of the attention given to data security is focused on keeping data private and only accessible by authorized individuals, of equal importance is the trustworthiness of the data.

Which concept encapsulates this?

241. Three central concepts define what type of data and information an organization is responsible for pertaining to eDiscovery.

Which of the following are the three components that comprise required disclosure?

242. Which of the following threat types involves the sending of commands or arbitrary data through input fields in an application in an attempt to get that code executed as part of normal processing?

243. With a cloud service category where the cloud customer is responsible for deploying all services, systems, and components needed for their applications, which of the following storage types are MOST likely to be available to them?

244. Which of the following roles would be responsible for managing memberships in federations and the use and integration of federated services?

245. Which data state would be most likely to use TLS as a protection mechanism?

246. You are working for a cloud service provider and receive an eDiscovery order pertaining to one of your customers.

Which of the following would be the most appropriate action to take first?

247. If a cloud computing customer wishes to guarantee that a minimum level of resources will always be available, which of the following sets of services would comprise the reservation?

248. Which of the following threat types can occur when baselines are not appropriately applied or when unauthorized changes are made?

249. Which of the following is considered an internal redundancy for a data center?

250. Which of the following threat types involves the sending of invalid and manipulated requests through a user's client to execute commands on the application under their own credentials?

251. With finite resources available within a cloud, even the largest cloud providers will at times need to determine which customers will receive additional resources first.

What is the term associated with this determination?

252. In order to comply with regulatory requirements, which of the following secure erasure methods would be available to a cloud customer using volume storage within the IaaS service model?

253. Where is a DLP solution generally installed when utilized for monitoring data in use?

254. Which of the following aspects of cloud computing would make it more likely that a cloud provider would be unwilling to satisfy specific certification requirements?

255. Which phase of the cloud data lifecycle would be the MOST appropriate for the use of DLP technologies to protect the data?

256. During which phase of the cloud data lifecycle is it possible for the classification of data to change?

257. If a key feature of cloud computing that your organization desires is the ability to scale and expand without limit or concern about available resources, which cloud deployment model would you MOST likely be considering?

258. What is a serious complication an organization faces from the compliance perspective with international operations?

259. ISO/IEC has established international standards for many aspects of computing and any processes or procedures related to information technology.

Which ISO/IEC standard has been established to provide a framework for handling eDiscovery processes?

260. If a company needed to guarantee through contract and SLAs that a cloud provider would always have available sufficient resources to start their services and provide a certain level of provisioning, what would the contract need to refer to?

261. Many aspects and features of cloud computing can make eDiscovery compliance more difficult or costly.

Which aspect of cloud computing would be the MOST complicating factor?

262. A crucial decision any company must make is in regard to where it hosts the data systems it depends on. A debate exists as to whether it's best to lease space in a data center or build your own data center--and now with cloud computing, whether to purchase resources within a cloud.

What is the biggest advantage to leasing space in a data center versus procuring cloud services?

263. Which of the following systems is used to employ a variety of different techniques to discover and alert on threats and potential threats to systems and networks?

264. Which of the following is not a risk management framework?

265. In order to ensure ongoing compliance with regulatory requirements, which phase of the cloud data lifecycle must be tested regularly?

266. Which of the following threat types involves leveraging a user's browser to send untrusted data to be executed with legitimate access via the user’s valid credentials?

267. Digital investigations have adopted many of the same methodologies and protocols as other types of criminal or scientific inquiries.

What term pertains to the application of scientific norms and protocols to digital investigations?

268. Within a federated identity system, which entity accepts tokens from the identity provider?

269. Different types of audits are intended for different audiences, such as internal, external, regulatory, and so on.

Which of the following audits are considered "restricted use" versus being for a more broad audience?

270. Although host-based and network-based IDSs perform similar functions and have similar capabilities, which of the following is an advantage of a network-based IDS over a host-based IDS, assuming all capabilities are equal?

271. DNSSEC was designed to add a layer of security to the DNS protocol.

Which type of attack was the DNSSEC extension designed to mitigate?

272. Which aspect of cloud computing pertains to cloud customers only paying for the resources and services they actually use?

273. Many of the traditional concepts of systems and services for a traditional data center also apply to the cloud. Both are built around key computing concepts.

Which of the following comprise the two facets of computing?

274. With a cloud service category where the cloud customer is provided a full application framework into which to deploy their code and services, which storage types are MOST likely to be available to them?

275. Firewalls are used to provide network security throughout an enterprise and to control what information can be accessed--and to a certain extent, through what means.

Which of the following is NOT something that firewalls are concerned with?

276. Within an IaaS implementation, which of the following would NOT be a metric used to quantify service charges for the cloud customer?

277. Many different common threats exist against web-exposed services and applications. One attack involves attempting to leverage input fields to execute queries in a nested fashion that is unintended by the developers.

What type of attack is this?

278. For service provisioning and support, what is the ideal amount of interaction between a cloud customer and cloud provider?

279. What does a cloud customer purchase or obtain from a cloud provider?

280. Which phase of the cloud data lifecycle represents the first instance where security controls can be implemented?

281. You were recently hired as a project manager at a major university to implement cloud services for the academic and administrative systems. Because the load and demand for services at a university are very cyclical in nature, commensurate with the academic calendar, which of the following aspects of cloud computing would NOT be a primary benefit to you?

282. Which cloud deployment model is MOST likely to offer free or very cheap services to users?

283. Where is a DLP solution generally installed when utilized for monitoring data in transit?

284. With IaaS, what is responsible for handling the security and control over the volume storage space?

285. Configurations and policies for a system can come from a variety of sources and take a variety of formats.

Which concept pertains to the application of a set of configurations and policies that is applied to all systems or a class of systems?

286. Which of the following tasks within a SaaS environment would NOT be something the cloud customer would be responsible for?

287. An SLA contains the official requirements for contract performance and satisfaction between the cloud provider and cloud customer.

Which of the following would NOT be a component with measurable metrics and requirements as part of an SLA?

288. Within a federated identity system, which of the following would you be MOST likely to use for sending information for consumption by a relying party?

289. Which data state would be most likely to use digital signatures as a security protection mechanism?

290. There is a large gap between the privacy laws of the United States and those of the European Union. Bridging this gap is necessary for American companies to do business with European companies and in European markets in many situations, as the American companies are required to comply with the stricter requirements.

Which US program was designed to help companies overcome these differences?

291. Audits are either done based on the status of a system or application at a specific time or done as a study over a period of time that takes into account changes and processes.

Which of the following pairs matches an audit type that is done over time, along with the minimum span of time necessary for it?

292. With software-defined networking (SDN), which two types of network operations are segregated to allow for granularity and delegation of administrative access and functions?

293. Along with humidity, temperature is crucial to a data center for optimal operations and protection of equipment.

Which of the following is the optimal temperature range as set by ASHRAE?

294. Which of the following statements best describes a Type 1 hypervisor?

295. Which cloud storage type resembles a virtual hard drive and can be utilized in the same manner and with the same type of features and capabilities?

296. Which aspect of SaaS will alleviate much of the time and energy organizations spend on compliance (specifically baselines)?

297. Many tools and technologies are available for securing or monitoring data in transit within a data center, whether it is a traditional data center or a cloud.

Which of the following is NOT a technology for securing data in transit?

298. With a federated identity system, where would a user perform their authentication when requesting services or application access?

299. Where is an XML firewall most commonly and effectively deployed in the environment?

300. Modern web service systems are designed for high availability and resiliency.

Which concept pertains to the ability to detect problems within a system, environment, or application and programmatically invoke redundant systems or processes for mitigation?


 
